Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Infected - Need Help


  • Please log in to reply

#1
zillo396

zillo396

    New Member

  • Member
  • Pip
  • 3 posts

First and foremost, I am thanking whomever comes to my aid now and will continue the much deserved thanks till the problem is resolved. I have some sensitive documents on the PC that has been infected, so, I am a little hesitant to backup my files and just nuke the PC.

 

1. I am not entirely sure what I have done for the PC to suddenly become infected but it started happening around 4:00 pm today. I launched my browser, Chrome, then suddenly I was re-directed to some PC support Page, I knew something was wrong and immediately disconnected my internet. 

 

2. Up until this point I have had no virus protection installed, anti-malware, adware, spyware etc installed other than Windows Defender. I did run a full system scan with WD and it found nothing. I turned my net back on and launched a browser and to no avail was re-directed again to some credit coupon webpage, so I proceeded to shut off my net again.

 

3. I downloaded, Avast, Spybot Search & Destroy Malwarebytes and Comodo, they all found somethings and proceeded to remove it, however; the problem still persists because Avast blocker keeps coming up and mentioning that a virus has been blocked known as MAL: 32. And these are some of the viruses that have been blocked by Avast as well:

 

kds3fxhsxipje.dll - c:\program files (x86)\keeperrsext - Win32:Adware-Gen [Adw] and there are a few similar to this one.

 

The main thing that's happening is my webpage is being re-directed and trying to download to my guess more viruses. I ran FRST and Addition Texts are below.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Vilyam (administrator) on WILL on 20-04-2015 20:48:46
Running from C:\Users\Vilyam\Desktop
Loaded Profiles: Vilyam (Available profiles: Vilyam)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1426136 2015-04-01] (COMODO)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-20] (Avast Software s.r.o.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-04-20] (Piriform Ltd)
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-20] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-117805156-1059988709-3418736103-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{B9AE0BC8-D283-42AE-90E5-B778DF273A2A}: [NameServer] 156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Users\Vilyam\AppData\Roaming\Mozilla\Firefox\Profiles\qrnhcizq.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-20]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default ->
CHR Profile: C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (Google Wallet) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10]
CHR Extension: (Gmail) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]
CHR Extension: (Avast Online Security) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 gpsvc; C:\Windows\System32\gpsvc.dll [1360896 2014-11-21] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\System32\nsisvc.dll [28672 2014-11-21] (Microsoft Corporation) [File not signed]
U4 SharedAccess; C:\Windows\System32\ipnathlp.dll [452608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [802816 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [631808 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [214528 2014-11-21] (Microsoft Corporation) [File not signed]
U3 ALG; C:\Windows\System32\alg.exe [96768 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppIDSvc; C:\Windows\System32\appidsvc.dll [39424 2014-11-21] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [110080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppMgmt; C:\Windows\System32\appmgmts.dll [187904 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [155648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppReadiness; C:\Windows\system32\AppReadiness.dll [562688 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1348096 2014-11-21] (Microsoft Corporation) [File not signed]
U2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] () [File not signed]
U2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [229888 2015-02-14] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [911360 2014-11-21] (Microsoft Corporation) [File not signed]
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-20] (Avast Software s.r.o.)
U3 AxInstSV; C:\Windows\System32\AxInstSV.dll [111104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 BDESVC; C:\Windows\System32\bdesvc.dll [348672 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BFE; C:\Windows\System32\bfe.dll [845312 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BITS; C:\Windows\System32\qmgr.dll [933376 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [270336 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Browser; C:\Windows\System32\browser.dll [135168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bthserv; C:\Windows\system32\bthserv.dll [94720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 CertPropSvc; C:\Windows\System32\certprop.dll [156160 2014-11-21] (Microsoft Corporation) [File not signed]
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5540424 2015-04-01] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265816 2015-04-01] (COMODO)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [131584 2014-11-21] (Microsoft Corporation) [File not signed]
U2 CscService; C:\Windows\System32\cscsvc.dll [802304 2014-11-21] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817664 2014-11-21] (Microsoft Corporation) [File not signed]
U3 defragsvc; C:\Windows\System32\defragsvc.dll [524288 2014-11-21] (Microsoft Corporation) [File not signed]
U2 DeviceAssociationService; C:\Windows\system32\das.dll [407040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [116736 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\Windows\system32\dhcpcore.dll [365056 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dnscache; C:\Windows\System32\dnsrslvr.dll [252416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2014-11-21] (Microsoft Corporation) [File not signed]
U2 DPS; C:\Windows\system32\dps.dll [174080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [206848 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Eaphost; C:\Windows\System32\eapsvc.dll [110592 2014-11-21] (Microsoft Corporation) [File not signed]
U3 EFS; C:\Windows\system32\efssvc.dll [41472 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventLog; C:\Windows\System32\wevtsvc.dll [1696256 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\Windows\system32\es.dll [516608 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\Windows\SysWOW64\es.dll [367616 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Fax; C:\Windows\system32\fxssvc.exe [658944 2014-11-21] (Microsoft Corporation) [File not signed]
U3 fdPHost; C:\Windows\system32\fdPHost.dll [22016 2014-11-21] (Microsoft Corporation) [File not signed]
U3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2014-11-21] (Microsoft Corporation) [File not signed]
U3 fhsvc; C:\Windows\system32\fhsvc.dll [121856 2014-11-21] (Microsoft Corporation) [File not signed]
U2 FontCache; C:\Windows\system32\FntCache.dll [1390080 2014-11-21] (Microsoft Corporation) [File not signed]
U2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
U3 hidserv; C:\Windows\system32\hidserv.dll [33792 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hidserv; C:\Windows\SysWOW64\hidserv.dll [30720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hkmsvc; C:\Windows\system32\kmsvc.dll [101376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [275968 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [445952 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [366080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-21] (Microsoft Corporation) [File not signed]
U2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
U3 IKEEXT; C:\Windows\System32\ikeext.dll [1084416 2014-11-21] (Microsoft Corporation) [File not signed]
U2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [926208 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KeyIso; C:\Windows\system32\keyiso.dll [62464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [46592 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KtmRm; C:\Windows\system32\msdtckrm.dll [373248 2014-11-21] (Microsoft Corporation) [File not signed]
U2 LanmanServer; C:\Windows\system32\srvsvc.dll [329216 2014-11-21] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [289280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [521728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [367104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lltdsvc; C:\Windows\System32\lltdsvc.dll [279040 2014-11-21] (Microsoft Corporation) [File not signed]
U2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2014-11-21] (Microsoft Corporation) [File not signed]
U2 LSM; C:\Windows\System32\lsm.dll [780800 2015-02-20] (Microsoft Corporation) [File not signed]
U2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
U2 MMCSS; C:\Windows\system32\mmcss.dll [71168 2014-11-21] (Microsoft Corporation) [File not signed]
U2 MpsSvc; C:\Windows\system32\mpssvc.dll [880640 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2014-11-21] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [64512 2014-11-21] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [59904 2014-11-21] (Microsoft Corporation) [File not signed]
U3 napagent; C:\Windows\system32\qagentRT.dll [446464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcaSvc; C:\Windows\System32\ncasvc.dll [166400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcbService; C:\Windows\System32\ncbservice.dll [154112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [74752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\Windows\system32\netlogon.dll [838656 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [695296 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netman; C:\Windows\System32\netman.dll [266752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 netprofm; C:\Windows\System32\netprofmsvc.dll [550912 2014-11-21] (Microsoft Corporation) [File not signed]
U2 NlaSvc; C:\Windows\System32\nlasvc.dll [391680 2015-02-14] (Microsoft Corporation) [File not signed]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
U3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 p2psvc; C:\Windows\system32\p2psvc.dll [440832 2014-11-21] (Microsoft Corporation) [File not signed]
U2 PcaSvc; C:\Windows\System32\pcasvc.dll [474112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [2252800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-21] (Microsoft Corporation) [File not signed]
U3 pla; C:\Windows\system32\pla.dll [1526784 2014-11-21] (Microsoft Corporation) [File not signed]
U3 pla; C:\Windows\SysWOW64\pla.dll [1534464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [116736 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [397312 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Power; C:\Windows\system32\umpo.dll [80384 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2987520 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ProfSvc; C:\Windows\system32\profsvc.dll [225280 2015-02-14] (Microsoft Corporation) [File not signed]
U3 QWAVE; C:\Windows\system32\qwave.dll [303104 2014-11-21] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [102912 2014-11-21] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [542208 2014-11-21] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [226816 2014-11-21] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [183296 2014-11-21] (Microsoft Corporation) [File not signed]
U4 RemoteRegistry; C:\Windows\system32\regsvc.dll [166400 2014-11-21] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [80896 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RpcLocator; C:\Windows\system32\locator.exe [10240 2014-11-21] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [817664 2014-11-21] (Microsoft Corporation) [File not signed]
U4 SCardSvr; C:\Windows\System32\SCardSvr.dll [194048 2014-11-21] (Microsoft Corporation) [File not signed]
U3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [131072 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Schedule; C:\Windows\system32\schedsvc.dll [1265152 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SCPolicySvc; C:\Windows\System32\certprop.dll [156160 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
U2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
U2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
U3 seclogon; C:\Windows\system32\seclogon.dll [31744 2014-11-21] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [73728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SensrSvc; C:\Windows\system32\sensrsvc.dll [243200 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\Windows\system32\sessenv.dll [339968 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [296448 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [640000 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [576512 2014-11-21] (Microsoft Corporation) [File not signed]
U3 smphost; C:\Windows\System32\smphost.dll [13312 2014-11-21] (Microsoft Corporation) [File not signed]
U3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2014-11-21] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [827392 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [249344 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-11-21] (Microsoft Corporation) [File not signed]
U2 stisvc; C:\Windows\System32\wiaservc.dll [670720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 StorSvc; C:\Windows\system32\storsvc.dll [20480 2014-11-21] (Microsoft Corporation) [File not signed]
U3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [17920 2014-11-21] (Microsoft Corporation) [File not signed]
U3 svsvc; C:\Windows\system32\svsvc.dll [13312 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 swprv; C:\Windows\System32\swprv.dll [706048 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SysMain; C:\Windows\system32\sysmain.dll [1217024 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [294912 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TabletInputService; C:\Windows\System32\TabSvc.dll [154624 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\Windows\System32\tapisrv.dll [313344 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254464 2014-11-21] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [1114624 2014-11-21] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-11-21] (Microsoft Corporation) [File not signed]
U3 THREADORDER; C:\Windows\system32\mmcss.dll [71168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [262656 2014-11-21] (Microsoft Corporation) [File not signed]
U2 TrkWks; C:\Windows\System32\trkwks.dll [124416 2014-11-21] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [106496 2014-11-21] (Microsoft Corporation) [File not signed]
U3 UI0Detect; C:\Windows\system32\UI0Detect.exe [41984 2014-11-21] (Microsoft Corporation) [File not signed]
U3 UmRdpService; C:\Windows\System32\umrdp.dll [300032 2014-11-21] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\Windows\System32\upnphost.dll [457728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\Windows\SysWOW64\upnphost.dll [331776 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VaultSvc; C:\Windows\System32\vaultsvc.dll [260608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vds; C:\Windows\System32\vds.exe [1313792 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicrdv; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicshutdown; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmictimesync; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VSS; C:\Windows\system32\vssvc.exe [1454080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 W32Time; C:\Windows\system32\w32time.dll [411648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wbengine; C:\Windows\system32\wbengine.exe [1571328 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [465920 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [374784 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wcncsvc; C:\Windows\System32\wcncsvc.dll [465920 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [43520 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [34304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\Windows\system32\wdi.dll [95744 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\Windows\system32\wdi.dll [95744 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
U3 WebClient; C:\Windows\System32\webclnt.dll [229376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WebClient; C:\Windows\SysWOW64\webclnt.dll [199168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Wecsvc; C:\Windows\system32\wecsvc.dll [209408 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [26112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WerSvc; C:\Windows\System32\WerSvc.dll [108544 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WiaRpc; C:\Windows\System32\wiarpc.dll [67584 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
U2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [230400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\Windows\system32\WsmSvc.dll [2608640 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2170368 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WlanSvc; C:\Windows\System32\wlansvc.dll [1547264 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1639424 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [201728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1478144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1668096 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [86528 2014-11-21] (Microsoft Corporation) [File not signed]
U2 wscsvc; C:\Windows\System32\wscsvc.dll [146944 2014-11-21] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\Windows\system32\SearchIndexer.exe [903168 2014-11-21] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [710144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wuauserv; C:\Windows\system32\wuaueng.dll [3678720 2015-03-13] (Microsoft Corporation) [File not signed]
U3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [104960 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WwanSvc; C:\Windows\System32\wwansvc.dll [513536 2014-11-21] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation) [File not signed]
U3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation) [File not signed]
U3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation) [File not signed]
U1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-11-21] (Microsoft Corporation) [File not signed]
U1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [75776 2015-02-14] (Microsoft Corporation) [File not signed]
U3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AppID; C:\Windows\system32\drivers\appid.sys [82944 2014-11-21] (Microsoft Corporation) [File not signed]
U1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-07] ()
U2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-20] ()
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-20] (Avast Software s.r.o.)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-20] (Avast Software s.r.o.)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-20] ()
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-20] (Avast Software s.r.o.)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-20] (Avast Software s.r.o.)
U2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-20] (Avast Software s.r.o.)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-20] ()
U1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation) [File not signed]
U1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-11-21] (Microsoft Corporation) [File not signed]
U4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation) [File not signed]
U1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation) [File not signed]
U3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation) [File not signed]
U3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) [File not signed]
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20696 2015-04-01] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [820952 2015-04-01] (COMODO)
U1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2015-04-01] (COMODO)
U3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation) [File not signed]
U3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed]
U1 CSC; C:\Windows\System32\drivers\csc.sys [559104 2014-11-21] (Microsoft Corporation) [File not signed]
U1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed]
U1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-17] (Disc Soft Ltd)
U3 e1iexpress; C:\Windows\system32\DRIVERS\e1i63x64.sys [460288 2013-06-18] (Intel Corporation) [File not signed]
U3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
U3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation) [File not signed]
U3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
U3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation) [File not signed]
U3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation) [File not signed]
U3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [76800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidBth; C:\Windows\System32\drivers\hidbth.sys [97792 2015-01-29] (Microsoft Corporation) [File not signed]
U3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation) [File not signed]
U3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [107520 2014-11-21] (Microsoft Corporation) [File not signed]
U1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126720 2015-04-01] (COMODO)
U3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79872 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation) [File not signed]
U3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2014-11-21] (Microsoft Corporation) [File not signed]
U3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation) [File not signed]
U3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation) [File not signed]
U2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation) [File not signed]
U2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
U3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
U3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed]
U3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
U3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2015-02-14] (Microsoft Corporation) [File not signed]
U3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [405504 2014-11-21] (Microsoft Corporation) [File not signed]
U2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [283648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [202752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation) [File not signed]
U3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [445440 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
U2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2014-11-21] (Microsoft Corporation) [File not signed]
U1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2014-11-21] (Microsoft Corporation) [File not signed]
U1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 netvsc; C:\Windows\System32\drivers\netvsc63.sys [87040 2014-11-21] (Microsoft Corporation) [File not signed]
U1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
U1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39424 2014-11-21] (Microsoft Corporation) [File not signed]
U1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
U3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation) [File not signed]
U2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation) [File not signed]
U1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
U1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2014-11-21] (Microsoft Corporation) [File not signed]
U3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation) [File not signed]
U3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2014-11-21] (Microsoft Corporation) [File not signed]
U2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation) [File not signed]
U3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation) [File not signed]
U3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2014-11-21] (Microsoft Corporation) [File not signed]
U2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
U3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
U3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation) [File not signed]
U3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed]
U2 srv; C:\Windows\System32\DRIVERS\srv.sys [412160 2014-11-21] (Microsoft Corporation) [File not signed]
U3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [678400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-11-21] (Microsoft Corporation) [File not signed]
U3 storvsp; C:\Windows\System32\drivers\storvsp.sys [68608 2014-11-21] (Microsoft Corporation) [File not signed]
U2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-11-21] (Microsoft Corporation) [File not signed]
U1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed]
U3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation) [File not signed]
U3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2014-11-21] (Microsoft Corporation) [File not signed]
U3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation) [File not signed]
U4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316928 2013-08-22] (Microsoft Corporation) [File not signed]
U3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation) [File not signed]
U3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Vid; C:\Windows\System32\drivers\Vid.sys [220672 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation) [File not signed]
U3 vmbusr; C:\Windows\System32\drivers\vmbusr.sys [129536 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vpcivsp; C:\Windows\System32\drivers\vpcivsp.sys [65536 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
U4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [20992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [23040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [113664 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-11-21] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 20:47 - 2015-04-20 20:47 - 00019077 _____ () C:\Users\Vilyam\Desktop\Addition.txt
2015-04-20 20:46 - 2015-04-20 20:49 - 00050230 _____ () C:\Users\Vilyam\Desktop\FRST.txt
2015-04-20 20:45 - 2015-04-20 20:48 - 00000000 ____D () C:\FRST
2015-04-20 20:42 - 2015-04-20 20:42 - 02099712 _____ (Farbar) C:\Users\Vilyam\Desktop\FRST64.exe
2015-04-20 20:24 - 2015-04-20 20:36 - 00037358 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-20 20:23 - 2015-04-20 20:23 - 00000231 _____ () C:\WINDOWS\setupact.log
2015-04-20 20:23 - 2015-04-20 20:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-20 20:13 - 2015-04-20 20:13 - 00000000 ____D () C:\WINDOWS\pss
2015-04-20 20:07 - 2015-04-20 20:08 - 05344528 _____ (Piriform Ltd) C:\Users\Vilyam\Downloads\ccsetup504.exe
2015-04-20 20:01 - 2015-04-20 20:48 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-20 20:01 - 2015-04-20 20:01 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-20 19:44 - 2015-04-20 19:44 - 00000020 _____ () C:\Users\Vilyam\AppData\Roaming\appdataFr3.bin
2015-04-20 19:42 - 2015-04-20 19:42 - 00000000 _____ () C:\WINDOWS\SysWOW64\FAP36E7.tmp
2015-04-20 19:34 - 2015-04-20 20:40 - 00663378 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2015-04-20 19:34 - 2015-04-20 19:34 - 00000000 ___HD () C:\VTRoot
2015-04-20 19:34 - 2015-04-20 19:34 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Comodo
2015-04-20 19:31 - 2015-04-20 19:31 - 00001886 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-04-20 19:31 - 2015-04-20 19:31 - 00001886 _____ () C:\ProgramData\Desktop\COMODO Firewall.lnk
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\COMODO
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Shared Space
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\Program Files\COMODO
2015-04-20 19:28 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Comodo
2015-04-20 17:18 - 2015-04-20 20:15 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 17:18 - 2015-04-20 17:18 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 17:18 - 2015-04-20 17:18 - 00001114 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-20 17:18 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-20 17:18 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-20 17:18 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-20 17:10 - 2015-04-20 17:10 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\AVAST Software
2015-04-20 17:09 - 2015-04-20 17:09 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-20 17:09 - 2015-04-20 17:09 - 00271200 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-20 17:09 - 2015-04-20 17:09 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-04-20 17:09 - 2015-04-20 17:09 - 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-20 17:09 - 2015-04-20 17:09 - 00001938 _____ () C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2015-04-20 17:09 - 2015-04-20 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-20 17:08 - 2015-04-20 17:08 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-20 17:07 - 2015-04-20 17:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-20 17:05 - 2015-04-20 17:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-20 17:05 - 2015-04-20 17:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-20 17:05 - 2015-04-20 17:05 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00001391 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-04-20 17:05 - 2015-04-20 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-20 17:05 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-04-20 14:57 - 2015-04-20 14:57 - 00000000 ____D () C:\ProgramData\{c67d51a5-18b4-9735-c67d-d51a518b4694}
2015-04-20 14:37 - 2015-04-20 14:37 - 00000000 ____D () C:\ProgramData\{3da8412c-d112-6f89-3da8-8412cd1104b3}
2015-04-20 14:35 - 2015-04-20 14:36 - 00000000 ____D () C:\ProgramData\6910977573517045643
2015-04-16 22:04 - 2015-04-16 22:06 - 00000000 ____D () C:\Users\Vilyam\Downloads\Vikings.S03E09.REPACK.HDTV.x264-KILLERS
2015-04-16 21:20 - 2015-04-16 21:20 - 00030372 _____ () C:\Users\Vilyam\Downloads\Vikings.S03E09.REPACK.HDTV.x264-KILLERS.torrent
2015-04-15 08:31 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 08:31 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 08:31 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 08:31 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 08:31 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 08:31 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 08:31 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 08:31 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 08:31 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 08:31 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 08:31 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 08:31 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 08:31 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 08:31 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 08:31 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 08:31 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 08:31 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 08:31 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 08:31 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 08:31 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 08:31 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 08:31 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 08:31 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 08:31 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 08:31 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 08:31 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 08:31 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 08:31 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 08:31 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 08:31 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 08:31 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 08:31 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 08:31 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 08:31 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 08:31 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 08:31 - 2015-03-12 20:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 08:31 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 08:31 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 08:31 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 08:31 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 08:31 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 08:31 - 2015-03-12 20:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 08:31 - 2015-03-12 20:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 08:31 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 08:31 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 08:31 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 08:31 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 08:31 - 2015-03-12 19:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 08:31 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 08:31 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 08:31 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 08:31 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 08:31 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 08:31 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 08:31 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 08:31 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 08:31 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 08:31 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 08:31 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 08:31 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-15 08:30 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 08:30 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 08:30 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 08:30 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 08:30 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-04 21:50 - 2015-04-04 21:50 - 110780348 _____ () C:\Users\Vilyam\Downloads\5585 - Pokemon - Black Version (DSi Enhanced)(USA) (E).zip
2015-04-04 21:46 - 2015-04-04 21:46 - 01670925 _____ () C:\Users\Vilyam\Downloads\desmume-0.9.10-win64.zip
2015-04-04 12:51 - 2015-04-04 12:51 - 00000000 ____D () C:\Users\Vilyam\Documents\Larian Studios
2015-04-03 19:43 - 2015-04-03 19:44 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-03 19:43 - 2015-04-03 19:43 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-01 18:50 - 2015-04-01 18:50 - 00820952 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00126720 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00035080 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00020696 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2015-04-01 18:48 - 2015-04-01 18:48 - 00576848 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-04-01 18:48 - 2015-04-01 18:48 - 00444472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-04-01 18:48 - 2015-04-01 18:48 - 00041248 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2015-04-01 18:47 - 2015-04-01 18:47 - 00358104 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2015-04-01 18:46 - 2015-04-01 18:46 - 00045784 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2015-04-01 18:45 - 2015-04-01 18:45 - 00288472 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2015-04-01 18:45 - 2015-04-01 18:45 - 00040664 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2015-03-30 17:35 - 2015-03-30 17:35 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Macromedia
2015-03-28 11:50 - 2015-03-28 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\Program Files\Logitech
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2015-03-26 20:30 - 2015-03-26 20:30 - 00000882 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-03-26 20:30 - 2015-03-26 20:30 - 00000882 _____ () C:\ProgramData\Desktop\Pillars of Eternity.lnk
2015-03-26 20:30 - 2015-03-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
2015-03-26 17:53 - 2015-03-26 20:03 - 00000000 ____D () C:\Users\Vilyam\Downloads\Pillars_of_Eternity_FLT
2015-03-24 13:51 - 2015-03-24 13:51 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-03-24 13:12 - 2015-04-20 17:12 - 00000000 ____D () C:\ProgramData\{28f86f1d-1054-cc11-28f8-86f1d105bc74}
2015-03-24 09:56 - 2015-04-02 13:42 - 00000218 _____ () C:\Users\Vilyam\Documents\Lolo.txt
2015-03-24 08:21 - 2015-03-24 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-24 08:09 - 2015-03-24 08:09 - 00000000 __SHD () C:\ProgramData\SecuROM
2015-03-24 08:07 - 2015-03-24 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-24 07:42 - 2015-03-24 08:09 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Rockstar Games
2015-03-24 07:42 - 2015-03-24 08:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-03-24 07:42 - 2015-03-24 07:42 - 00178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2015-03-24 07:42 - 2015-03-24 07:42 - 00000000 __RHD () C:\Users\Vilyam\AppData\Roaming\SecuROM
2015-03-24 07:42 - 2015-03-24 07:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2015-03-23 13:14 - 2015-04-20 20:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 20:30 - 2014-11-21 01:43 - 01170068 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-20 20:29 - 2015-02-10 20:04 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Adobe
2015-04-20 20:28 - 2015-02-10 20:10 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-117805156-1059988709-3418736103-1001
2015-04-20 20:25 - 2015-02-17 12:19 - 00003244 _____ () C:\WINDOWS\System32\Tasks\IORRT
2015-04-20 20:25 - 2015-02-14 16:34 - 00000000 ____D () C:\Users\Vilyam\OneDrive
2015-04-20 20:24 - 2015-02-10 20:14 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-20 20:23 - 2015-02-14 16:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-20 20:23 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-20 20:22 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-20 20:20 - 2015-02-10 23:54 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\uTorrent
2015-04-20 20:08 - 2015-02-10 21:15 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-20 20:08 - 2015-02-10 21:15 - 00000834 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2015-04-20 20:08 - 2015-02-10 21:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-20 20:03 - 2015-02-11 18:12 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Curse Client
2015-04-20 20:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-20 19:27 - 2015-02-24 22:25 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{900B455C-2CE7-43E1-815F-E126E4991D66}
2015-04-20 17:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-20 17:19 - 2015-02-10 20:14 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-20 14:36 - 2015-02-10 20:51 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Battle.net
2015-04-20 02:00 - 2015-02-19 17:32 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Adobe
2015-04-17 12:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-16 12:36 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 16:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:30 - 2015-02-10 21:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 10:29 - 2015-02-10 21:04 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 10:27 - 2015-02-10 22:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:27 - 2014-11-21 09:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-13 16:24 - 2014-11-21 09:23 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-13 16:24 - 2014-11-21 09:23 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-03 21:22 - 2015-02-19 17:12 - 00000000 ____D () C:\Users\Vilyam\Downloads\Adobe Photoshop CS5.1 Extended Edition
2015-03-28 11:45 - 2015-03-19 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-28 11:44 - 2015-02-11 14:00 - 00000000 ____D () C:\Users\Vilyam\Documents\My Games
2015-03-28 11:42 - 2015-02-17 12:12 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\DAEMON Tools Lite
2015-03-28 11:19 - 2015-03-01 14:57 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\SKIDROW

==================== Files in the root of some directories =======

2015-04-20 19:44 - 2015-04-20 19:44 - 0000020 _____ () C:\Users\Vilyam\AppData\Roaming\appdataFr3.bin

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2014-11-21 02:17] - [2014-11-21 02:17] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2014-11-21 02:16] - [2014-11-21 02:16] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll
[2014-11-21 02:17] - [2014-11-21 02:17] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE

C:\Windows\System32\userinit.exe
[2014-11-21 02:16] - [2014-11-21 02:16] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\SysWOW64\userinit.exe
[2014-11-21 02:18] - [2014-11-21 02:18] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0

C:\Windows\System32\rpcss.dll
[2014-11-21 02:16] - [2014-11-21 02:16] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-20 06:16

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Vilyam at 2015-04-20 20:49:19
Running from C:\Users\Vilyam\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
EVGA PrecisionX 16 (HKLM-x32\...\{D99289E6-A66A-4D27-A3E0-EC726A7BC82D}) (Version: 5.3.0 - EVGA Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
ProcLifter (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9714eddf}) (Version:  - ProcLifter) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6853 - Realtek Semiconductor Corp.)
Ruby 2.1.5-p273 (HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.5-p273 - RubyInstaller Team)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-117805156-1059988709-3418736103-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

Could not list restore points.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2011-04-24 23:58 - 00001211 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0464DFA2-CA8E-4558-B118-A867B2BE49EE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-20] (Avast Software s.r.o.)
Task: {2202E1D0-3A3A-41BD-A8B0-987ED24B6791} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2015-02-17] ()
Task: {2764091C-F234-4EE8-8ED9-7417658F5D99} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install v2 => C:\Windows\System32\AutoUpdate.exe
Task: {2BC4A5D4-21F9-4D60-A63F-F62829176C43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {35FAAF03-4248-4006-9BC7-40AFCCA46313} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {36D1F081-1744-446E-B7AB-56DD59937A44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
Task: {45BEA05D-E874-49C8-9692-9EC7908501C7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {4F3E823E-4FEC-4FBC-A426-DCF8117DCC57} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install ping => C:\Windows\system32\AutoUpdate.exe
Task: {4FB29A9D-2395-41B3-BFC0-FF93855275C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {57451F2F-B104-4780-AED3-494436BA5407} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {5CCD49A2-59C2-4DD4-8442-335CFC9D1DE1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {6BFD5CB8-ABD0-4DB2-B313-7FBB376AF197} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)
Task: {7153101F-4C03-442B-A407-834702DFE503} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-04-01] (COMODO)
Task: {8EAE4A68-1A99-49CF-953D-ABEFD2F6E52A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {96EB05E6-4814-44FB-8EAA-6605DED154CB} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {9A1DB490-5E7F-4947-A36F-94ADA7BD43CE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {B5533BF1-C56D-4C9B-8423-DFC082DF94F9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {D3B3D7F9-927B-435F-B1B7-C01B28275588} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
Task: {DA33DBC1-73B7-44CB-8DA6-BF38493DA1A5} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2015-02-17] ()
Task: {F7D3730F-9CC2-4230-8A5A-CFFD45061A0D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {FC3F5201-17F9-4451-9C3F-927428AB7D88} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {FF7B37E9-278D-4FDF-8725-0E172AE9DDBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-20] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-14 16:09 - 2015-02-05 12:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-14 16:08 - 2012-10-29 00:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 22:38 - 2010-03-24 22:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-02-10 23:57 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15042000\algo.dll
2015-02-14 16:08 - 2015-04-20 20:23 - 00030208 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2015-02-14 16:08 - 2012-05-07 09:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2015-04-20 17:05 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-20 17:05 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-20 17:05 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-20 17:05 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-20 17:05 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 22:17 - 2010-03-24 22:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Vilyam\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Vilyam\Downloads\ccsetup504.exe:$CmdTcID
AlternateDataStreams: C:\Users\Vilyam\Downloads\ccsetup504.exe:$CmdZnID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-117805156-1059988709-3418736103-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vilyam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\1080p-tree-on-the-prairie-hd-wallpaper-hd-wallpaper-1920x1200-6-53fb78a307dce-3126.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== Accounts: =============================

Administrator (S-1-5-21-117805156-1059988709-3418736103-500 - Administrator - Disabled)
Guest (S-1-5-21-117805156-1059988709-3418736103-501 - Limited - Disabled)
Vilyam (S-1-5-21-117805156-1059988709-3418736103-1001 - Administrator - Enabled) => C:\Users\Vilyam

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

System error 123 has occurred.

The filename, directory name, or volume label syntax is incorrect.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16256.66 MB
Available physical RAM: 14101.28 MB
Total Pagefile: 18688.66 MB
Available Pagefile: 15985.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:651.58 GB) (Free:557.53 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:465.76 GB) (Free:380.4 GB) NTFS
Drive g: (Lexar) (Removable) (Total:29.23 GB) (Free:1.47 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BB4EF6FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=651.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=279.8 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 5B625B62)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=29.2 GB) - (Type=0C)

==================== End Of Log ============================


  • 0

Advertisements


#2
zillo396

zillo396

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

If anyone happens to respond to this topic, I will be asleep. Please do not close as I will see it in the morning.

 

Thank You


  • 0

#3
zillo396

zillo396

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I am on now and will be for the remainder of the day to troubleshoot the issue.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP