First and foremost, I am thanking whomever comes to my aid now and will continue the much deserved thanks till the problem is resolved. I have some sensitive documents on the PC that has been infected, so, I am a little hesitant to backup my files and just nuke the PC.
1. I am not entirely sure what I have done for the PC to suddenly become infected but it started happening around 4:00 pm today. I launched my browser, Chrome, then suddenly I was re-directed to some PC support Page, I knew something was wrong and immediately disconnected my internet.
2. Up until this point I have had no virus protection installed, anti-malware, adware, spyware etc installed other than Windows Defender. I did run a full system scan with WD and it found nothing. I turned my net back on and launched a browser and to no avail was re-directed again to some credit coupon webpage, so I proceeded to shut off my net again.
3. I downloaded, Avast, Spybot Search & Destroy Malwarebytes and Comodo, they all found somethings and proceeded to remove it, however; the problem still persists because Avast blocker keeps coming up and mentioning that a virus has been blocked known as MAL: 32. And these are some of the viruses that have been blocked by Avast as well:
kds3fxhsxipje.dll - c:\program files (x86)\keeperrsext - Win32:Adware-Gen [Adw] and there are a few similar to this one.
The main thing that's happening is my webpage is being re-directed and trying to download to my guess more viruses. I ran FRST and Addition Texts are below.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Vilyam (administrator) on WILL on 20-04-2015 20:48:46
Running from C:\Users\Vilyam\Desktop
Loaded Profiles: Vilyam (Available profiles: Vilyam)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1426136 2015-04-01] (COMODO)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-20] (Avast Software s.r.o.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-04-20] (Piriform Ltd)
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-20] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{B9AE0BC8-D283-42AE-90E5-B778DF273A2A}: [NameServer] 156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\Vilyam\AppData\Roaming\Mozilla\Firefox\Profiles\qrnhcizq.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-20]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default ->
CHR Profile: C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (Google Wallet) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10]
CHR Extension: (Gmail) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]
CHR Extension: (Avast Online Security) - C:\Users\Vilyam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1360896 2014-11-21] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\System32\nsisvc.dll [28672 2014-11-21] (Microsoft Corporation) [File not signed]
U4 SharedAccess; C:\Windows\System32\ipnathlp.dll [452608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [802816 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [631808 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [214528 2014-11-21] (Microsoft Corporation) [File not signed]
U3 ALG; C:\Windows\System32\alg.exe [96768 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppIDSvc; C:\Windows\System32\appidsvc.dll [39424 2014-11-21] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [110080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppMgmt; C:\Windows\System32\appmgmts.dll [187904 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [155648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppReadiness; C:\Windows\system32\AppReadiness.dll [562688 2014-11-21] (Microsoft Corporation) [File not signed]
U3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1348096 2014-11-21] (Microsoft Corporation) [File not signed]
U2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] () [File not signed]
U2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [229888 2015-02-14] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [911360 2014-11-21] (Microsoft Corporation) [File not signed]
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-20] (Avast Software s.r.o.)
U3 AxInstSV; C:\Windows\System32\AxInstSV.dll [111104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 BDESVC; C:\Windows\System32\bdesvc.dll [348672 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BFE; C:\Windows\System32\bfe.dll [845312 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BITS; C:\Windows\System32\qmgr.dll [933376 2014-11-21] (Microsoft Corporation) [File not signed]
U2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [270336 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Browser; C:\Windows\System32\browser.dll [135168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bthserv; C:\Windows\system32\bthserv.dll [94720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 CertPropSvc; C:\Windows\System32\certprop.dll [156160 2014-11-21] (Microsoft Corporation) [File not signed]
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5540424 2015-04-01] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265816 2015-04-01] (COMODO)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [131584 2014-11-21] (Microsoft Corporation) [File not signed]
U2 CscService; C:\Windows\System32\cscsvc.dll [802304 2014-11-21] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817664 2014-11-21] (Microsoft Corporation) [File not signed]
U3 defragsvc; C:\Windows\System32\defragsvc.dll [524288 2014-11-21] (Microsoft Corporation) [File not signed]
U2 DeviceAssociationService; C:\Windows\system32\das.dll [407040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [116736 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\Windows\system32\dhcpcore.dll [365056 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Dnscache; C:\Windows\System32\dnsrslvr.dll [252416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2014-11-21] (Microsoft Corporation) [File not signed]
U2 DPS; C:\Windows\system32\dps.dll [174080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [206848 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Eaphost; C:\Windows\System32\eapsvc.dll [110592 2014-11-21] (Microsoft Corporation) [File not signed]
U3 EFS; C:\Windows\system32\efssvc.dll [41472 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventLog; C:\Windows\System32\wevtsvc.dll [1696256 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\Windows\system32\es.dll [516608 2014-11-21] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\Windows\SysWOW64\es.dll [367616 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Fax; C:\Windows\system32\fxssvc.exe [658944 2014-11-21] (Microsoft Corporation) [File not signed]
U3 fdPHost; C:\Windows\system32\fdPHost.dll [22016 2014-11-21] (Microsoft Corporation) [File not signed]
U3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2014-11-21] (Microsoft Corporation) [File not signed]
U3 fhsvc; C:\Windows\system32\fhsvc.dll [121856 2014-11-21] (Microsoft Corporation) [File not signed]
U2 FontCache; C:\Windows\system32\FntCache.dll [1390080 2014-11-21] (Microsoft Corporation) [File not signed]
U2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
U3 hidserv; C:\Windows\system32\hidserv.dll [33792 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hidserv; C:\Windows\SysWOW64\hidserv.dll [30720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hkmsvc; C:\Windows\system32\kmsvc.dll [101376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [275968 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [445952 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [366080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-21] (Microsoft Corporation) [File not signed]
U2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
U3 IKEEXT; C:\Windows\System32\ikeext.dll [1084416 2014-11-21] (Microsoft Corporation) [File not signed]
U2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [926208 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KeyIso; C:\Windows\system32\keyiso.dll [62464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [46592 2014-11-21] (Microsoft Corporation) [File not signed]
U3 KtmRm; C:\Windows\system32\msdtckrm.dll [373248 2014-11-21] (Microsoft Corporation) [File not signed]
U2 LanmanServer; C:\Windows\system32\srvsvc.dll [329216 2014-11-21] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [289280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [521728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [367104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 lltdsvc; C:\Windows\System32\lltdsvc.dll [279040 2014-11-21] (Microsoft Corporation) [File not signed]
U2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2014-11-21] (Microsoft Corporation) [File not signed]
U2 LSM; C:\Windows\System32\lsm.dll [780800 2015-02-20] (Microsoft Corporation) [File not signed]
U2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
U2 MMCSS; C:\Windows\system32\mmcss.dll [71168 2014-11-21] (Microsoft Corporation) [File not signed]
U2 MpsSvc; C:\Windows\system32\mpssvc.dll [880640 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2014-11-21] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [64512 2014-11-21] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [59904 2014-11-21] (Microsoft Corporation) [File not signed]
U3 napagent; C:\Windows\system32\qagentRT.dll [446464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcaSvc; C:\Windows\System32\ncasvc.dll [166400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcbService; C:\Windows\System32\ncbservice.dll [154112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [74752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\Windows\system32\netlogon.dll [838656 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [695296 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Netman; C:\Windows\System32\netman.dll [266752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 netprofm; C:\Windows\System32\netprofmsvc.dll [550912 2014-11-21] (Microsoft Corporation) [File not signed]
U2 NlaSvc; C:\Windows\System32\nlasvc.dll [391680 2015-02-14] (Microsoft Corporation) [File not signed]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
U3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 p2psvc; C:\Windows\system32\p2psvc.dll [440832 2014-11-21] (Microsoft Corporation) [File not signed]
U2 PcaSvc; C:\Windows\System32\pcasvc.dll [474112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [2252800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-21] (Microsoft Corporation) [File not signed]
U3 pla; C:\Windows\system32\pla.dll [1526784 2014-11-21] (Microsoft Corporation) [File not signed]
U3 pla; C:\Windows\SysWOW64\pla.dll [1534464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [116736 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [397312 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Power; C:\Windows\system32\umpo.dll [80384 2014-11-21] (Microsoft Corporation) [File not signed]
U3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2987520 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ProfSvc; C:\Windows\system32\profsvc.dll [225280 2015-02-14] (Microsoft Corporation) [File not signed]
U3 QWAVE; C:\Windows\system32\qwave.dll [303104 2014-11-21] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [102912 2014-11-21] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [542208 2014-11-21] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [226816 2014-11-21] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [183296 2014-11-21] (Microsoft Corporation) [File not signed]
U4 RemoteRegistry; C:\Windows\system32\regsvc.dll [166400 2014-11-21] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [80896 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RpcLocator; C:\Windows\system32\locator.exe [10240 2014-11-21] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [817664 2014-11-21] (Microsoft Corporation) [File not signed]
U4 SCardSvr; C:\Windows\System32\SCardSvr.dll [194048 2014-11-21] (Microsoft Corporation) [File not signed]
U3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [131072 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Schedule; C:\Windows\system32\schedsvc.dll [1265152 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SCPolicySvc; C:\Windows\System32\certprop.dll [156160 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
U2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
U2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
U3 seclogon; C:\Windows\system32\seclogon.dll [31744 2014-11-21] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [73728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SensrSvc; C:\Windows\system32\sensrsvc.dll [243200 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\Windows\system32\sessenv.dll [339968 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [296448 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [640000 2014-11-21] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [576512 2014-11-21] (Microsoft Corporation) [File not signed]
U3 smphost; C:\Windows\System32\smphost.dll [13312 2014-11-21] (Microsoft Corporation) [File not signed]
U3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2014-11-21] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [827392 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [249344 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-11-21] (Microsoft Corporation) [File not signed]
U2 stisvc; C:\Windows\System32\wiaservc.dll [670720 2014-11-21] (Microsoft Corporation) [File not signed]
U3 StorSvc; C:\Windows\system32\storsvc.dll [20480 2014-11-21] (Microsoft Corporation) [File not signed]
U3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [17920 2014-11-21] (Microsoft Corporation) [File not signed]
U3 svsvc; C:\Windows\system32\svsvc.dll [13312 2014-11-21] (Microsoft Corporation) [File not signed]
U3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 swprv; C:\Windows\System32\swprv.dll [706048 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SysMain; C:\Windows\system32\sysmain.dll [1217024 2014-11-21] (Microsoft Corporation) [File not signed]
U2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [294912 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TabletInputService; C:\Windows\System32\TabSvc.dll [154624 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\Windows\System32\tapisrv.dll [313344 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254464 2014-11-21] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [1114624 2014-11-21] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-11-21] (Microsoft Corporation) [File not signed]
U3 THREADORDER; C:\Windows\system32\mmcss.dll [71168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [262656 2014-11-21] (Microsoft Corporation) [File not signed]
U2 TrkWks; C:\Windows\System32\trkwks.dll [124416 2014-11-21] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [106496 2014-11-21] (Microsoft Corporation) [File not signed]
U3 UI0Detect; C:\Windows\system32\UI0Detect.exe [41984 2014-11-21] (Microsoft Corporation) [File not signed]
U3 UmRdpService; C:\Windows\System32\umrdp.dll [300032 2014-11-21] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\Windows\System32\upnphost.dll [457728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\Windows\SysWOW64\upnphost.dll [331776 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VaultSvc; C:\Windows\System32\vaultsvc.dll [260608 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vds; C:\Windows\System32\vds.exe [1313792 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicrdv; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicshutdown; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmictimesync; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VSS; C:\Windows\system32\vssvc.exe [1454080 2014-11-21] (Microsoft Corporation) [File not signed]
U3 W32Time; C:\Windows\system32\w32time.dll [411648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wbengine; C:\Windows\system32\wbengine.exe [1571328 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [465920 2014-11-21] (Microsoft Corporation) [File not signed]
U2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [374784 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wcncsvc; C:\Windows\System32\wcncsvc.dll [465920 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [43520 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [34304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\Windows\system32\wdi.dll [95744 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\Windows\system32\wdi.dll [95744 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
U3 WebClient; C:\Windows\System32\webclnt.dll [229376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WebClient; C:\Windows\SysWOW64\webclnt.dll [199168 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Wecsvc; C:\Windows\system32\wecsvc.dll [209408 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [26112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WerSvc; C:\Windows\System32\WerSvc.dll [108544 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WiaRpc; C:\Windows\System32\wiarpc.dll [67584 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
U2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [230400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\Windows\system32\WsmSvc.dll [2608640 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2170368 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WlanSvc; C:\Windows\System32\wlansvc.dll [1547264 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1639424 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [201728 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1478144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1668096 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [86528 2014-11-21] (Microsoft Corporation) [File not signed]
U2 wscsvc; C:\Windows\System32\wscsvc.dll [146944 2014-11-21] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\Windows\system32\SearchIndexer.exe [903168 2014-11-21] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [710144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 wuauserv; C:\Windows\system32\wuaueng.dll [3678720 2015-03-13] (Microsoft Corporation) [File not signed]
U3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [104960 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WwanSvc; C:\Windows\System32\wwansvc.dll [513536 2014-11-21] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation) [File not signed]
U3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation) [File not signed]
U3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation) [File not signed]
U1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-11-21] (Microsoft Corporation) [File not signed]
U1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [75776 2015-02-14] (Microsoft Corporation) [File not signed]
U3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 AppID; C:\Windows\system32\drivers\appid.sys [82944 2014-11-21] (Microsoft Corporation) [File not signed]
U1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-07] ()
U2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-20] ()
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-20] (Avast Software s.r.o.)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-20] (Avast Software s.r.o.)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-20] ()
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-20] (Avast Software s.r.o.)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-20] (Avast Software s.r.o.)
U2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-20] (Avast Software s.r.o.)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-20] ()
U1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation) [File not signed]
U1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2014-11-21] (Microsoft Corporation) [File not signed]
U3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
U3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-11-21] (Microsoft Corporation) [File not signed]
U4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation) [File not signed]
U1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation) [File not signed]
U3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation) [File not signed]
U3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) [File not signed]
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20696 2015-04-01] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [820952 2015-04-01] (COMODO)
U1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2015-04-01] (COMODO)
U3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation) [File not signed]
U3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed]
U1 CSC; C:\Windows\System32\drivers\csc.sys [559104 2014-11-21] (Microsoft Corporation) [File not signed]
U1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-11-21] (Microsoft Corporation) [File not signed]
U3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed]
U1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-17] (Disc Soft Ltd)
U3 e1iexpress; C:\Windows\system32\DRIVERS\e1i63x64.sys [460288 2013-06-18] (Intel Corporation) [File not signed]
U3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
U3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation) [File not signed]
U3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
U3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation) [File not signed]
U3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation) [File not signed]
U3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [76800 2014-11-21] (Microsoft Corporation) [File not signed]
U3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidBth; C:\Windows\System32\drivers\hidbth.sys [97792 2015-01-29] (Microsoft Corporation) [File not signed]
U3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-11-21] (Microsoft Corporation) [File not signed]
U3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation) [File not signed]
U3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation) [File not signed]
U3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [107520 2014-11-21] (Microsoft Corporation) [File not signed]
U1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126720 2015-04-01] (COMODO)
U3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
U3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79872 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2014-11-21] (Microsoft Corporation) [File not signed]
U3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation) [File not signed]
U3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2014-11-21] (Microsoft Corporation) [File not signed]
U3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation) [File not signed]
U3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation) [File not signed]
U2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation) [File not signed]
U2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
U3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
U3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed]
U3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
U3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2015-02-14] (Microsoft Corporation) [File not signed]
U3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [405504 2014-11-21] (Microsoft Corporation) [File not signed]
U2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [283648 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [202752 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2014-11-21] (Microsoft Corporation) [File not signed]
U3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation) [File not signed]
U3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2014-11-21] (Microsoft Corporation) [File not signed]
U3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation) [File not signed]
U3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [445440 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation) [File not signed]
U3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
U2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2014-11-21] (Microsoft Corporation) [File not signed]
U1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2014-11-21] (Microsoft Corporation) [File not signed]
U1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation) [File not signed]
U3 netvsc; C:\Windows\System32\drivers\netvsc63.sys [87040 2014-11-21] (Microsoft Corporation) [File not signed]
U1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
U1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39424 2014-11-21] (Microsoft Corporation) [File not signed]
U1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation) [File not signed]
U3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
U3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation) [File not signed]
U2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation) [File not signed]
U1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2014-11-21] (Microsoft Corporation) [File not signed]
U3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
U1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2014-11-21] (Microsoft Corporation) [File not signed]
U3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation) [File not signed]
U3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2014-11-21] (Microsoft Corporation) [File not signed]
U2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation) [File not signed]
U3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation) [File not signed]
U3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2014-11-21] (Microsoft Corporation) [File not signed]
U2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
U3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
U3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation) [File not signed]
U3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2014-11-21] (Microsoft Corporation) [File not signed]
U3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed]
U2 srv; C:\Windows\System32\DRIVERS\srv.sys [412160 2014-11-21] (Microsoft Corporation) [File not signed]
U3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [678400 2014-11-21] (Microsoft Corporation) [File not signed]
U3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-11-21] (Microsoft Corporation) [File not signed]
U3 storvsp; C:\Windows\System32\drivers\storvsp.sys [68608 2014-11-21] (Microsoft Corporation) [File not signed]
U2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-11-21] (Microsoft Corporation) [File not signed]
U1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed]
U3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation) [File not signed]
U3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2014-11-21] (Microsoft Corporation) [File not signed]
U3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation) [File not signed]
U4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316928 2013-08-22] (Microsoft Corporation) [File not signed]
U3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation) [File not signed]
U3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed]
U3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-11-21] (Microsoft Corporation) [File not signed]
U3 Vid; C:\Windows\System32\drivers\Vid.sys [220672 2014-11-21] (Microsoft Corporation) [File not signed]
U3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation) [File not signed]
U3 vmbusr; C:\Windows\System32\drivers\vmbusr.sys [129536 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vpcivsp; C:\Windows\System32\drivers\vpcivsp.sys [65536 2014-11-21] (Microsoft Corporation) [File not signed]
U3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
U4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [20992 2013-08-22] (Microsoft Corporation) [File not signed]
U3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [23040 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [113664 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) [File not signed]
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-11-21] (Microsoft Corporation) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 20:47 - 2015-04-20 20:47 - 00019077 _____ () C:\Users\Vilyam\Desktop\Addition.txt
2015-04-20 20:46 - 2015-04-20 20:49 - 00050230 _____ () C:\Users\Vilyam\Desktop\FRST.txt
2015-04-20 20:45 - 2015-04-20 20:48 - 00000000 ____D () C:\FRST
2015-04-20 20:42 - 2015-04-20 20:42 - 02099712 _____ (Farbar) C:\Users\Vilyam\Desktop\FRST64.exe
2015-04-20 20:24 - 2015-04-20 20:36 - 00037358 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-20 20:23 - 2015-04-20 20:23 - 00000231 _____ () C:\WINDOWS\setupact.log
2015-04-20 20:23 - 2015-04-20 20:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-20 20:13 - 2015-04-20 20:13 - 00000000 ____D () C:\WINDOWS\pss
2015-04-20 20:07 - 2015-04-20 20:08 - 05344528 _____ (Piriform Ltd) C:\Users\Vilyam\Downloads\ccsetup504.exe
2015-04-20 20:01 - 2015-04-20 20:48 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-20 20:01 - 2015-04-20 20:01 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-20 19:44 - 2015-04-20 19:44 - 00000020 _____ () C:\Users\Vilyam\AppData\Roaming\appdataFr3.bin
2015-04-20 19:42 - 2015-04-20 19:42 - 00000000 _____ () C:\WINDOWS\SysWOW64\FAP36E7.tmp
2015-04-20 19:34 - 2015-04-20 20:40 - 00663378 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2015-04-20 19:34 - 2015-04-20 19:34 - 00000000 ___HD () C:\VTRoot
2015-04-20 19:34 - 2015-04-20 19:34 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Comodo
2015-04-20 19:31 - 2015-04-20 19:31 - 00001886 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-04-20 19:31 - 2015-04-20 19:31 - 00001886 _____ () C:\ProgramData\Desktop\COMODO Firewall.lnk
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\COMODO
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Shared Space
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-04-20 19:31 - 2015-04-20 19:31 - 00000000 ____D () C:\Program Files\COMODO
2015-04-20 19:28 - 2015-04-20 19:31 - 00000000 ____D () C:\ProgramData\Comodo
2015-04-20 17:18 - 2015-04-20 20:15 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 17:18 - 2015-04-20 17:18 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 17:18 - 2015-04-20 17:18 - 00001114 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 17:18 - 2015-04-20 17:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-20 17:18 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-20 17:18 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-20 17:18 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-20 17:10 - 2015-04-20 17:10 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\AVAST Software
2015-04-20 17:09 - 2015-04-20 17:09 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-20 17:09 - 2015-04-20 17:09 - 00271200 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-20 17:09 - 2015-04-20 17:09 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-20 17:09 - 2015-04-20 17:09 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-04-20 17:09 - 2015-04-20 17:09 - 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-20 17:09 - 2015-04-20 17:09 - 00001938 _____ () C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2015-04-20 17:09 - 2015-04-20 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-20 17:08 - 2015-04-20 17:08 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-20 17:07 - 2015-04-20 17:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-20 17:05 - 2015-04-20 17:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-20 17:05 - 2015-04-20 17:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-20 17:05 - 2015-04-20 17:05 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00001391 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2015-04-20 17:05 - 2015-04-20 17:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-04-20 17:05 - 2015-04-20 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-20 17:05 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-04-20 14:57 - 2015-04-20 14:57 - 00000000 ____D () C:\ProgramData\{c67d51a5-18b4-9735-c67d-d51a518b4694}
2015-04-20 14:37 - 2015-04-20 14:37 - 00000000 ____D () C:\ProgramData\{3da8412c-d112-6f89-3da8-8412cd1104b3}
2015-04-20 14:35 - 2015-04-20 14:36 - 00000000 ____D () C:\ProgramData\6910977573517045643
2015-04-16 22:04 - 2015-04-16 22:06 - 00000000 ____D () C:\Users\Vilyam\Downloads\Vikings.S03E09.REPACK.HDTV.x264-KILLERS
2015-04-16 21:20 - 2015-04-16 21:20 - 00030372 _____ () C:\Users\Vilyam\Downloads\Vikings.S03E09.REPACK.HDTV.x264-KILLERS.torrent
2015-04-15 08:31 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 08:31 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 08:31 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 08:31 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 08:31 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 08:31 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 08:31 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 08:31 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 08:31 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 08:31 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 08:31 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 08:31 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 08:31 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 08:31 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 08:31 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 08:31 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 08:31 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 08:31 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 08:31 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 08:31 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 08:31 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 08:31 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 08:31 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 08:31 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 08:31 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 08:31 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 08:31 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 08:31 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 08:31 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 08:31 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 08:31 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 08:31 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 08:31 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 08:31 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 08:31 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 08:31 - 2015-03-12 20:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 08:31 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 08:31 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 08:31 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 08:31 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 08:31 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 08:31 - 2015-03-12 20:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 08:31 - 2015-03-12 20:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 08:31 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 08:31 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 08:31 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 08:31 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 08:31 - 2015-03-12 19:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 08:31 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 08:31 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 08:31 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 08:31 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 08:31 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 08:31 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 08:31 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 08:31 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 08:31 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 08:31 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 08:31 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 08:31 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-15 08:30 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 08:30 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 08:30 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 08:30 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 08:30 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 08:30 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-04 21:50 - 2015-04-04 21:50 - 110780348 _____ () C:\Users\Vilyam\Downloads\5585 - Pokemon - Black Version (DSi Enhanced)(USA) (E).zip
2015-04-04 21:46 - 2015-04-04 21:46 - 01670925 _____ () C:\Users\Vilyam\Downloads\desmume-0.9.10-win64.zip
2015-04-04 12:51 - 2015-04-04 12:51 - 00000000 ____D () C:\Users\Vilyam\Documents\Larian Studios
2015-04-03 19:43 - 2015-04-03 19:44 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-03 19:43 - 2015-04-03 19:43 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-01 18:50 - 2015-04-01 18:50 - 00820952 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00126720 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00035080 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2015-04-01 18:50 - 2015-04-01 18:50 - 00020696 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2015-04-01 18:48 - 2015-04-01 18:48 - 00576848 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-04-01 18:48 - 2015-04-01 18:48 - 00444472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-04-01 18:48 - 2015-04-01 18:48 - 00041248 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2015-04-01 18:47 - 2015-04-01 18:47 - 00358104 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2015-04-01 18:46 - 2015-04-01 18:46 - 00045784 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2015-04-01 18:45 - 2015-04-01 18:45 - 00288472 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2015-04-01 18:45 - 2015-04-01 18:45 - 00040664 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2015-03-30 17:35 - 2015-03-30 17:35 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Macromedia
2015-03-28 11:50 - 2015-03-28 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\Program Files\Logitech
2015-03-27 11:19 - 2015-03-27 11:19 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2015-03-26 20:30 - 2015-03-26 20:30 - 00000882 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-03-26 20:30 - 2015-03-26 20:30 - 00000882 _____ () C:\ProgramData\Desktop\Pillars of Eternity.lnk
2015-03-26 20:30 - 2015-03-26 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
2015-03-26 17:53 - 2015-03-26 20:03 - 00000000 ____D () C:\Users\Vilyam\Downloads\Pillars_of_Eternity_FLT
2015-03-24 13:51 - 2015-03-24 13:51 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-03-24 13:12 - 2015-04-20 17:12 - 00000000 ____D () C:\ProgramData\{28f86f1d-1054-cc11-28f8-86f1d105bc74}
2015-03-24 09:56 - 2015-04-02 13:42 - 00000218 _____ () C:\Users\Vilyam\Documents\Lolo.txt
2015-03-24 08:21 - 2015-03-24 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-24 08:09 - 2015-03-24 08:09 - 00000000 __SHD () C:\ProgramData\SecuROM
2015-03-24 08:07 - 2015-03-24 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-24 07:42 - 2015-03-24 08:09 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Rockstar Games
2015-03-24 07:42 - 2015-03-24 08:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-03-24 07:42 - 2015-03-24 07:42 - 00178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2015-03-24 07:42 - 2015-03-24 07:42 - 00000000 __RHD () C:\Users\Vilyam\AppData\Roaming\SecuROM
2015-03-24 07:42 - 2015-03-24 07:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2015-03-23 13:14 - 2015-04-20 20:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 20:30 - 2014-11-21 01:43 - 01170068 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-20 20:29 - 2015-02-10 20:04 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Adobe
2015-04-20 20:28 - 2015-02-10 20:10 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-117805156-1059988709-3418736103-1001
2015-04-20 20:25 - 2015-02-17 12:19 - 00003244 _____ () C:\WINDOWS\System32\Tasks\IORRT
2015-04-20 20:25 - 2015-02-14 16:34 - 00000000 ____D () C:\Users\Vilyam\OneDrive
2015-04-20 20:24 - 2015-02-10 20:14 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-20 20:23 - 2015-02-14 16:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-20 20:23 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-20 20:22 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-20 20:20 - 2015-02-10 23:54 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\uTorrent
2015-04-20 20:08 - 2015-02-10 21:15 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-20 20:08 - 2015-02-10 21:15 - 00000834 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2015-04-20 20:08 - 2015-02-10 21:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-20 20:03 - 2015-02-11 18:12 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\Curse Client
2015-04-20 20:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-20 19:27 - 2015-02-24 22:25 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{900B455C-2CE7-43E1-815F-E126E4991D66}
2015-04-20 17:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-20 17:19 - 2015-02-10 20:14 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-20 14:36 - 2015-02-10 20:51 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Battle.net
2015-04-20 02:00 - 2015-02-19 17:32 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\Adobe
2015-04-17 12:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-16 12:36 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 16:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 10:30 - 2015-02-10 21:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 10:29 - 2015-02-10 21:04 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 10:27 - 2015-02-10 22:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 10:27 - 2014-11-21 09:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-13 16:24 - 2014-11-21 09:23 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-13 16:24 - 2014-11-21 09:23 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-03 21:22 - 2015-02-19 17:12 - 00000000 ____D () C:\Users\Vilyam\Downloads\Adobe Photoshop CS5.1 Extended Edition
2015-03-28 11:45 - 2015-03-19 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-28 11:44 - 2015-02-11 14:00 - 00000000 ____D () C:\Users\Vilyam\Documents\My Games
2015-03-28 11:42 - 2015-02-17 12:12 - 00000000 ____D () C:\Users\Vilyam\AppData\Roaming\DAEMON Tools Lite
2015-03-28 11:19 - 2015-03-01 14:57 - 00000000 ____D () C:\Users\Vilyam\AppData\Local\SKIDROW
==================== Files in the root of some directories =======
2015-04-20 19:44 - 2015-04-20 19:44 - 0000020 _____ () C:\Users\Vilyam\AppData\Roaming\appdataFr3.bin
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe
[2014-11-21 02:17] - [2014-11-21 02:17] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437
C:\Windows\System32\wininit.exe
[2014-11-21 02:16] - [2014-11-21 02:16] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll
[2014-11-21 02:17] - [2014-11-21 02:17] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE
C:\Windows\System32\userinit.exe
[2014-11-21 02:16] - [2014-11-21 02:16] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F
C:\Windows\SysWOW64\userinit.exe
[2014-11-21 02:18] - [2014-11-21 02:18] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0
C:\Windows\System32\rpcss.dll
[2014-11-21 02:16] - [2014-11-21 02:16] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-20 06:16
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Vilyam at 2015-04-20 20:49:19
Running from C:\Users\Vilyam\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)
EVGA PrecisionX 16 (HKLM-x32\...\{D99289E6-A66A-4D27-A3E0-EC726A7BC82D}) (Version: 5.3.0 - EVGA Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
ProcLifter (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9714eddf}) (Version: - ProcLifter) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6853 - Realtek Semiconductor Corp.)
Ruby 2.1.5-p273 (HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.5-p273 - RubyInstaller Team)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-117805156-1059988709-3418736103-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
Could not list restore points.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2011-04-24 23:58 - 00001211 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0464DFA2-CA8E-4558-B118-A867B2BE49EE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-20] (Avast Software s.r.o.)
Task: {2202E1D0-3A3A-41BD-A8B0-987ED24B6791} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2015-02-17] ()
Task: {2764091C-F234-4EE8-8ED9-7417658F5D99} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install v2 => C:\Windows\System32\AutoUpdate.exe
Task: {2BC4A5D4-21F9-4D60-A63F-F62829176C43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {35FAAF03-4248-4006-9BC7-40AFCCA46313} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {36D1F081-1744-446E-B7AB-56DD59937A44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
Task: {45BEA05D-E874-49C8-9692-9EC7908501C7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {4F3E823E-4FEC-4FBC-A426-DCF8117DCC57} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install ping => C:\Windows\system32\AutoUpdate.exe
Task: {4FB29A9D-2395-41B3-BFC0-FF93855275C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {57451F2F-B104-4780-AED3-494436BA5407} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {5CCD49A2-59C2-4DD4-8442-335CFC9D1DE1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {6BFD5CB8-ABD0-4DB2-B313-7FBB376AF197} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)
Task: {7153101F-4C03-442B-A407-834702DFE503} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-04-01] (COMODO)
Task: {8EAE4A68-1A99-49CF-953D-ABEFD2F6E52A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {96EB05E6-4814-44FB-8EAA-6605DED154CB} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {9A1DB490-5E7F-4947-A36F-94ADA7BD43CE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {B5533BF1-C56D-4C9B-8423-DFC082DF94F9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {D3B3D7F9-927B-435F-B1B7-C01B28275588} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10] (Google Inc.)
Task: {DA33DBC1-73B7-44CB-8DA6-BF38493DA1A5} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2015-02-17] ()
Task: {F7D3730F-9CC2-4230-8A5A-CFFD45061A0D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {FC3F5201-17F9-4451-9C3F-927428AB7D88} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {FF7B37E9-278D-4FDF-8725-0E172AE9DDBD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-20] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-14 16:09 - 2015-02-05 12:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-14 16:08 - 2012-10-29 00:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 22:38 - 2010-03-24 22:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-02-10 23:57 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15042000\algo.dll
2015-02-14 16:08 - 2015-04-20 20:23 - 00030208 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2015-02-14 16:08 - 2012-05-07 09:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2015-04-20 17:05 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-20 17:05 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-20 17:05 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-20 17:05 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-20 17:05 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-04-20 17:09 - 2015-04-20 17:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 22:17 - 2010-03-24 22:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Vilyam\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Vilyam\Downloads\ccsetup504.exe:$CmdTcID
AlternateDataStreams: C:\Users\Vilyam\Downloads\ccsetup504.exe:$CmdZnID
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vilyam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\1080p-tree-on-the-prairie-hd-wallpaper-hd-wallpaper-1920x1200-6-53fb78a307dce-3126.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-117805156-1059988709-3418736103-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
==================== Accounts: =============================
Administrator (S-1-5-21-117805156-1059988709-3418736103-500 - Administrator - Disabled)
Guest (S-1-5-21-117805156-1059988709-3418736103-501 - Limited - Disabled)
Vilyam (S-1-5-21-117805156-1059988709-3418736103-1001 - Administrator - Enabled) => C:\Users\Vilyam
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
System error 123 has occurred.
The filename, directory name, or volume label syntax is incorrect.
==================== Memory info ===========================
Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16256.66 MB
Available physical RAM: 14101.28 MB
Total Pagefile: 18688.66 MB
Available Pagefile: 15985.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:651.58 GB) (Free:557.53 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:465.76 GB) (Free:380.4 GB) NTFS
Drive g: (Lexar) (Removable) (Total:29.23 GB) (Free:1.47 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BB4EF6FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=651.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=279.8 GB) - (Type=05)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 5B625B62)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=29.2 GB) - (Type=0C)
==================== End Of Log ============================
Sign In
Create Account
