Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows Explorer not working and Malware [Solved]

Started by Smithy1 , Apr 21 2015 06:12 PM
Win 7 64bit BSOD Help Newbie

  • This topic is locked This topic is locked

#1
Smithy1
Posted 21 April 2015 - 06:12 PM

Smithy1

    Member

  • Member
  • PipPip
  • 18 posts

Hello,

 

I have a Dell Vostro PC running Windows 7 Professional Service Pack 1 (X64) that the windows explorer tool keep crashing.

 

I have been working on getting a couple of computers back to an operational state and have received awesome help and advice from a few members, thanks heaps. The things that I have learnt are that I need to do one PC at a time, make sure that you read the Tutorial for Farbar Recovery Scan Tool, I am in Australia so I am getting advice from across the other side of the world and will be replying when others are asleep and vice versa.

 

PC no 1 I have been working through the Blue Screen of Death - Fixed and I am now able to use my PC again and have just ran the Farbar Recover Scan Toolkit and I am now logging this post into the Malware section following advice from a member.

 

I would really like to learn how to do this myself in the future and am willing to learn, I do however have limited PC knowledge.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Brad (administrator) on BRAD on 22-04-2015 09:20:18
Running from C:\Users\Brad\Desktop
Loaded Profiles: Brad (Available profiles: Brad)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Data Perceptions / PowerProgrammer) C:\Windows\SysWOW64\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(OrgBusiness Software) C:\Program Files (x86)\OrgScheduler1p1User\CLIENT\BIN\OrgScheduler1plus1.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(Dropbox, Inc.) C:\Users\Brad\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Sit Right\Sit Right.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Config.Msi\174dfb30.rbf
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Steve Foxover) C:\Users\Brad\Desktop\Computer Tools\FOX Password Safe.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Users\Brad\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [AdobeBridge] => C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [OrgScheduler 1+1] => C:\Program Files (x86)\OrgScheduler1p1User\CLIENT\BIN\AutoStartup.lnk [1229 2014-04-16] ()
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [901600 2011-03-15] ()
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Run: [OneDrive] => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-04-15] (Microsoft Corporation)
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-09-18] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Brad\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk [2015-04-16]
ShortcutTarget: MailWasherPro.lnk -> C:\Program Files (x86)\FireTrust\MailWasher\MailWasherPro.exe (Firetrust)
Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sit Right.lnk [2015-04-15]
ShortcutTarget: Sit Right.lnk -> C:\Program Files (x86)\Sit Right\Sit Right.exe ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Brad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/USSMB/19
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2006745713-1683086816-4265226290-1000 -> {29B342E9-E246-4C9E-A145-2D9C5B156A5F} URL = http://www.google.co...age={startPage}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll [2014-03-27] (Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1007
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default
FF DefaultSearchEngine: Google Australia Verbatim
FF SelectedSearchEngine: Google Australia Verbatim
FF Homepage: https://www.google.com.au/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2006745713-1683086816-4265226290-1000: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\Brad\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2014-10-24] (SquareClock SAS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.)
FF SearchPlugin: C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\searchplugins\google-australia-verbatim.xml [2013-12-06]
FF Extension: Garmin Communicator - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: Empty Cache Button - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-10-14]
FF Extension: Media Converter - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18} [2011-09-29]
FF Extension: Qualys BrowserCheck - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2015-03-23]
FF Extension: Live HTTP headers - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-08-15]
FF Extension: FireFTP - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-19]
FF Extension: DownThemAll! AntiContainer - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2013-10-15]
FF Extension: Firebug - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2014-05-28]
FF Extension: CatchOfTheDay.com.au - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2014-05-12]
FF Extension: No Name - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2015-01-19]
FF Extension: No Name - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2015-01-19]
FF Extension: No Name - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2015-04-15]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\[email protected] [2013-10-11]
FF Extension: Facebook Phishing Protector - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2013-07-16]
FF Extension: Font Information - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{70ded480-0a45-4099-84d1-65aa1cb1575e}.xpi [2011-10-05]
FF Extension: NoScript - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-09-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-03]
FF Extension: Pixlr Grabber - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi [2011-10-05]
FF Extension: DownThemAll! - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\ebnhq2l0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-09-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-04-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-21]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-04-21]
FF HKLM-x32\...\Mozilla Firefox 37.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2015-04-21]
FF HKLM-x32\...\Mozilla Firefox 37.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins [2015-04-21]
FF HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Mozilla Firefox 37.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKU\S-1-5-21-2006745713-1683086816-4265226290-1000\...\Mozilla Firefox 37.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2015-04-21]

Chrome:
=======
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-04]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-04]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-04]
CHR Extension: (news.net) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmbbgcooaabknohabmoaikiakkoignai [2013-06-26]
CHR Extension: (Google Search) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-04]
CHR Extension: (avast! Online Security) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-04]
CHR Extension: (Skype Click to Call) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-04]
CHR Extension: (Google Wallet) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-04]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-03-07] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S4 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-18] (Andrea Electronics Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2015-02-03] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [50864 2014-04-11] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2015-02-03] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2015-02-03] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
S3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
S4 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S4 BroadCamService; C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2469380 2012-04-10] (NCH Software) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2015-02-03] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-02-03] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-21] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-31] (Dell Inc.)
S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-31] (Dell Inc.)
S4 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-09-18] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
S4 DragonSvc; C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [296808 2010-07-23] (Nuance Communications, Inc.)
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation)
S4 EwDatabase; C:\Agiloft\mysql\bin\mysqld.exe [12915712 2013-09-10] () [File not signed]
S4 EwServer; C:\Agiloft\jboss\bin\jbosssvc.exe [40448 2007-07-24] (Red Hat®, Inc.) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R2 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
S4 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-30] (Garmin Ltd or its subsidiaries)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R2 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
R2 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-21] (Microsoft Corporation)
S4 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2010-09-13] (Intel Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-07-01] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-03-13] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-04] (Microsoft Corporation)
S4 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2015-02-13] (Apple Inc.)
S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-04-21] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
R2 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
R2 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-06] (Microsoft Corporation)
S4 NOBU; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2823000 2010-08-25] (Dell, Inc.)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
S4 NVSvc; C:\Windows\system32\nvvsvc.exe [893728 2013-08-10] (NVIDIA Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2015-02-03] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-09-18] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-19] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
S4 RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S4 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
R3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S4 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
S4 Stereo Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413472 2013-08-09] (NVIDIA Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
S4 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [74392 2010-11-08] (MicroVision Development, Inc.)
S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation)
S4 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-14] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-21] (Microsoft Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-03-17] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-09-26] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
R2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [412776 2013-11-26] (Data Perceptions / PowerProgrammer)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-03] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation)
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files\Zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-18] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-09-18] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2553856 2015-03-25] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files\Zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (All) ==========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R3 Afc; C:\Windows\SysWow64\drivers\Afc.sys [22784 2006-11-14] (Arcsoft, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-09-18] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-09-18] (Advanced Micro Devices)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-02-03] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
S3 atapi; C:\Windows\system32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-11] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-11] (Broadcom Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-11] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-11] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-11] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-11] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-11] (Brother Industries Ltd.)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2009-06-02] (www.winchiphead.com)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation)
R3 dc3d; C:\Windows\System32\DRIVERS\dc3d.sys [76496 2014-03-19] (Microsoft Corporation)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-31] (Dell Computer Corporation)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation)
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-16] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [19304 2012-04-18] (GARMIN Corp.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-11] (Hauppauge Computer Works, Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] (Microsoft Corporation)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2011-01-21] (Paragon Software Group)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754688 2015-02-25] (Microsoft Corporation)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
R0 iaStor; C:\Windows\System32\drivers\iaStor.sys [437272 2010-09-14] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-09-18] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [158976 2010-02-28] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2399848 2010-06-23] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-16] (Intel® Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [406056 2010-06-08] (Broadcom Corporation)
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95672 2015-03-17] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155576 2015-03-17] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
R0 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-03-17] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2010-10-19] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-02-03] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2014-12-19] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-09-18] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-09-18] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-23] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\DRIVERS\netvsc60.sys [168448 2010-11-21] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [29904 2014-01-07] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [75264 2009-10-27] (NEC Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [176640 2009-10-27] (NEC Electronics Corporation)
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [189288 2013-02-18] (NVIDIA Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [11248416 2013-08-20] (NVIDIA Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-09-18] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-09-18] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2015-02-03] (Microsoft Corporation)
R3 Point64; C:\Windows\System32\DRIVERS\point64.sys [50896 2014-03-19] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-24] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
R3 ScreamBAudioSvc; C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992 2009-12-01] (Screaming Bee LLC)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-11] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [95744 2009-07-17] (Prolific Technology Inc.)
S3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-09-18] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-09-18] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-09-18] (Microsoft Corporation)
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
S3 SynthVid; C:\Windows\System32\DRIVERS\VMBusVideoM.sys [22528 2010-11-21] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-04] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-11] (Microsoft Corporation)
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-17] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-24] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [53840 2011-01-21] (Windows ® 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [528464 2011-01-21] (Paragon)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.)
R3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-09-18] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [194944 2011-09-18] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [59392 2011-09-18] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2011-09-18] (Microsoft Corporation)
S3 vpcuxd; C:\Windows\System32\DRIVERS\vpcuxd.sys [16384 2011-09-18] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [360832 2011-09-18] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Western Digital Technologies)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WINUSB; C:\Windows\System32\DRIVERS\WinUSB.SYS [41984 2010-11-21] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2014-10-24] (Wondershare)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2014-11-26] (Wondershare)
R3 WSDScan; C:\Windows\system32\drivers\WSDScan.sys [25088 2009-07-14] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 zgwhsdiag; system32\DRIVERS\zgwhsdiag.sys [X]
S3 zgwhsmdm; system32\DRIVERS\zgwhsmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 09:20 - 2015-04-22 09:20 - 00074484 _____ () C:\Users\Brad\Desktop\FRST.txt
2015-04-22 09:20 - 2015-04-22 09:20 - 00000000 ____D () C:\Users\Brad\Desktop\FRST-OlderVersion
2015-04-22 09:19 - 2015-04-22 09:19 - 00000000 ____D () C:\Users\Brad\Desktop\Troubleshooting
2015-04-22 08:39 - 2015-04-22 08:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-22 08:39 - 2015-04-22 08:39 - 00000000 ____D () C:\Program Files\iPod
2015-04-22 08:39 - 2015-04-22 08:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-22 08:38 - 2015-04-22 08:39 - 00000000 ____D () C:\Program Files\iTunes
2015-04-22 08:36 - 2015-04-22 08:38 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-22 08:34 - 2015-04-22 08:34 - 00000000 ___HD () C:\OneDriveTemp
2015-04-21 09:38 - 2015-04-21 09:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 20:28 - 2015-04-17 20:28 - 00000070 _____ () C:\Windows\RAVTC.TMP
2015-04-17 20:27 - 2015-04-17 20:27 - 00000090 _____ () C:\EvtsData.ini
2015-04-17 18:55 - 2015-04-17 20:29 - 00000000 ____D () C:\ProgramData\Panda Security
2015-04-17 18:44 - 2015-04-17 18:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-17 18:44 - 2015-04-17 18:44 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-17 18:44 - 2015-04-17 18:44 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 18:02 - 2015-04-02 10:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-17 18:02 - 2015-04-02 09:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-17 18:02 - 2015-03-25 13:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-17 18:02 - 2015-03-25 13:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-17 18:02 - 2015-03-25 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-17 18:02 - 2015-03-25 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-17 18:02 - 2015-03-25 13:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-17 18:02 - 2015-03-25 13:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-17 18:02 - 2015-03-25 13:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-17 18:02 - 2015-03-25 13:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-17 18:02 - 2015-03-25 13:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-17 18:02 - 2015-03-13 14:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-17 18:02 - 2015-03-13 14:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-17 18:02 - 2015-03-13 14:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-17 18:02 - 2015-03-13 14:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-17 18:02 - 2015-03-13 14:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-17 18:02 - 2015-03-13 14:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-17 18:02 - 2015-03-13 14:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-17 18:02 - 2015-03-13 14:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-17 18:02 - 2015-03-13 14:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-17 18:02 - 2015-03-13 14:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-17 18:02 - 2015-03-13 13:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-17 18:02 - 2015-03-13 13:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-17 18:02 - 2015-03-13 13:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-17 18:02 - 2015-03-13 13:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-17 18:02 - 2015-03-13 13:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-17 18:02 - 2015-03-13 13:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-17 18:02 - 2015-03-13 13:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-17 18:02 - 2015-03-13 13:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-17 18:02 - 2015-03-13 13:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-17 18:02 - 2015-03-13 13:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-17 18:02 - 2015-03-13 13:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-17 18:02 - 2015-03-13 13:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-17 18:02 - 2015-03-13 13:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-17 18:02 - 2015-03-13 13:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-17 18:02 - 2015-03-13 13:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-17 18:02 - 2015-03-13 13:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-17 18:02 - 2015-03-13 13:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-17 18:02 - 2015-03-13 13:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-17 18:02 - 2015-03-13 13:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-17 18:02 - 2015-03-13 13:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-17 18:02 - 2015-03-13 13:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-17 18:02 - 2015-03-13 13:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-17 18:02 - 2015-03-13 13:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-17 18:02 - 2015-03-13 13:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-17 18:02 - 2015-03-13 13:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-17 18:02 - 2015-03-13 13:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-17 18:02 - 2015-03-13 13:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-17 18:02 - 2015-03-13 13:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-17 18:02 - 2015-03-13 13:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-17 18:02 - 2015-03-13 13:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-17 18:02 - 2015-03-13 13:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-17 18:02 - 2015-03-13 13:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-17 18:02 - 2015-03-13 12:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-17 18:02 - 2015-03-13 12:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-17 18:02 - 2015-03-13 12:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-17 18:02 - 2015-03-13 12:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-17 18:02 - 2015-03-13 12:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-17 18:02 - 2015-03-13 12:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-17 18:02 - 2015-03-13 12:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-17 18:02 - 2015-03-13 12:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-17 18:02 - 2015-03-13 12:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-17 18:02 - 2015-03-13 12:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-17 18:02 - 2015-03-13 12:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-17 18:02 - 2015-03-13 12:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-17 18:02 - 2015-03-13 12:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-17 18:02 - 2015-03-13 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-17 18:01 - 2015-03-23 13:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-17 18:01 - 2015-03-23 13:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-17 18:01 - 2015-03-23 13:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-17 18:01 - 2015-03-23 13:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-17 18:01 - 2015-03-23 13:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-17 18:01 - 2015-03-23 13:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-17 18:01 - 2015-03-23 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-17 18:01 - 2015-03-23 13:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-17 18:01 - 2015-03-17 15:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-17 18:01 - 2015-03-17 15:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-17 18:01 - 2015-03-17 15:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-17 18:01 - 2015-03-17 15:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-17 18:01 - 2015-03-17 15:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-17 18:01 - 2015-03-17 15:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-17 18:01 - 2015-03-17 15:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-17 18:01 - 2015-03-17 15:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-17 18:01 - 2015-03-17 14:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-17 18:01 - 2015-03-17 14:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-17 18:01 - 2015-03-05 15:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 18:01 - 2015-03-05 14:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 18:01 - 2015-01-28 09:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-17 18:00 - 2015-03-17 15:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-17 18:00 - 2015-03-17 15:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-17 18:00 - 2015-03-17 15:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-17 18:00 - 2015-03-17 15:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-17 18:00 - 2015-03-17 15:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-17 18:00 - 2015-03-17 15:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-17 18:00 - 2015-03-17 15:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-17 18:00 - 2015-03-17 15:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-17 18:00 - 2015-03-17 15:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 18:00 - 2015-03-17 15:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-17 18:00 - 2015-03-17 15:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-17 18:00 - 2015-03-17 15:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-17 18:00 - 2015-03-17 14:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-17 18:00 - 2015-03-17 14:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-17 18:00 - 2015-03-17 14:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-17 18:00 - 2015-03-17 14:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-17 18:00 - 2015-03-17 14:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-17 18:00 - 2015-03-17 14:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-17 18:00 - 2015-03-17 14:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-17 18:00 - 2015-03-17 14:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-17 18:00 - 2015-03-17 14:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 13:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-17 18:00 - 2015-03-17 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-17 18:00 - 2015-03-17 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 13:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 18:00 - 2015-03-17 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-17 18:00 - 2015-03-10 13:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 18:00 - 2015-03-10 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 18:00 - 2015-03-10 13:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 18:00 - 2015-03-10 13:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 18:00 - 2015-03-04 14:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 18:00 - 2015-03-04 14:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 18:00 - 2015-03-04 14:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-17 18:00 - 2015-02-25 13:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 15:34 - 2015-04-17 15:55 - 00000000 _____ () C:\Users\Brad\AppData\Roaming\bibstats
2015-04-17 15:30 - 2015-04-17 18:49 - 00000000 ____D () C:\Users\Brad\Documents\Business-in-a-Box Files
2015-04-17 15:30 - 2015-04-17 15:30 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Business-in-a-Box.lnk
2015-04-17 15:30 - 2015-04-17 15:30 - 00001135 _____ () C:\Users\Public\Desktop\Business-in-a-Box.lnk
2015-04-17 15:30 - 2015-04-17 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business-in-a-Box
2015-04-17 15:30 - 2000-10-19 15:05 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2015-04-17 15:28 - 2015-04-17 15:30 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box
2015-04-16 16:24 - 2015-04-16 16:24 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-16 16:23 - 2015-04-16 16:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-04-16 15:47 - 2015-04-16 15:47 - 00000000 ____D () C:\Users\Brad\Tracing
2015-04-15 15:25 - 2015-04-22 08:34 - 00000000 ___RD () C:\Users\Brad\OneDrive
2015-04-15 15:25 - 2015-04-15 15:25 - 00002157 _____ () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-04-15 15:25 - 2015-04-15 15:25 - 00002106 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-04-15 15:25 - 2015-04-15 15:25 - 00002106 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-04-15 15:25 - 2015-04-15 15:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-04-15 15:24 - 2015-04-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-04-15 09:40 - 2015-04-21 09:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 09:40 - 2015-04-15 09:40 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-15 09:40 - 2015-04-15 09:40 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-15 09:39 - 2015-04-15 09:39 - 00243312 _____ () C:\Users\Brad\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-13 11:44 - 2015-04-13 11:44 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Auslogics
2015-04-08 19:05 - 2015-04-08 19:05 - 00002006 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-04-03 15:04 - 2015-04-03 15:04 - 06420600 _____ (Tim Kosse) C:\Users\Brad\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-04-02 14:47 - 2015-04-02 14:47 - 00000000 ____D () C:\Users\Brad\Desktop\backup-3.27.2015_17-08-44_ehsgcom
2015-04-02 09:50 - 2015-04-22 08:47 - 00000000 ____D () C:\Users\Brad\AppData\Local\CrashDumps
2015-03-31 12:22 - 2015-04-21 10:34 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-03-31 12:22 - 2015-04-15 10:55 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-03-31 12:22 - 2015-03-31 12:22 - 00004020 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-03-31 12:22 - 2015-03-31 12:22 - 00003208 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-03-31 12:22 - 2015-03-31 12:22 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-03-27 14:08 - 2015-03-27 14:08 - 06208736 _____ (Tim Kosse) C:\Users\Brad\Downloads\FileZilla_3.10.2_win32-setup.exe
2015-03-27 13:44 - 2015-03-27 15:38 - 00000000 ____D () C:\Users\Brad\Desktop\Downloaded Website Files 270315
2015-03-26 16:16 - 2015-04-17 14:13 - 00093751 _____ () C:\Users\Brad\Desktop\Result.txt
2015-03-25 07:25 - 2015-03-25 07:25 - 00402944 _____ (Farbar) C:\Users\Brad\Desktop\MiniToolBox.exe
2015-03-24 18:35 - 2015-03-24 18:43 - 00053644 _____ () C:\Users\Brad\Desktop\Addition.txt
2015-03-24 18:22 - 2015-04-22 09:20 - 00000000 ____D () C:\FRST
2015-03-24 18:21 - 2015-04-22 09:20 - 02099712 _____ (Farbar) C:\Users\Brad\Desktop\FRST64.exe
2015-03-24 14:24 - 2015-03-24 14:24 - 00000981 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2015-03-24 14:24 - 2015-03-24 14:24 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-24 14:24 - 2015-03-24 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-24 13:59 - 2015-03-24 14:01 - 65924254 _____ () C:\Users\Brad\Desktop\▶ Confined Space Atmospheric Testing.mp4
2015-03-24 13:59 - 2015-03-24 14:01 - 65924254 _____ () C:\Users\Brad\Desktop\▶ Confined Space Atmospheric Testing - YouTube [360p].mp4
2015-03-24 13:59 - 2015-03-24 14:00 - 14454551 _____ () C:\Users\Brad\Desktop\▶ Confined Space Incident Kills Company Employee and Rescuing Fireman 1984 Phoenix Arizona.mp4
2015-03-24 13:59 - 2015-03-24 13:59 - 00000000 _____ () C:\Users\Brad\Desktop\MSA Altair Gas Monitor_How To Use_ Atmospheric Monitoring.mp4
2015-03-24 13:59 - 2015-03-24 13:59 - 00000000 _____ () C:\Users\Brad\Desktop\▶ Rescue Methods FR1 Con Space Concepts_ Atmospheric Monitoring - YouTube [360p].mp4
2015-03-24 07:51 - 2015-03-24 07:51 - 00000201 _____ () C:\Windows\SysWOW64\WebUpdateSvc4.log
2015-03-24 07:51 - 2015-03-24 07:51 - 00000031 _____ () C:\Windows\WebUpdateSvc4.INI
2015-03-24 07:41 - 2015-03-24 07:41 - 00049165 _____ () C:\Windows\SysWOW64\wuwuninst.exe
2015-03-24 07:41 - 2015-03-24 07:41 - 00000000 ____D () C:\Users\Brad\Documents\DP Animation Maker
2015-03-23 20:36 - 2015-03-23 20:36 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2015-03-23 20:36 - 2015-03-23 20:36 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-03-23 18:11 - 2015-03-23 18:11 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\qualys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 09:12 - 2011-09-29 13:40 - 00000000 ____D () C:\Users\Brad\Documents\Outlook Files
2015-04-22 09:09 - 2011-09-26 16:05 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Skype
2015-04-22 08:50 - 2011-10-17 09:42 - 00000000 ____D () C:\Users\Brad\AppData\Local\CutePDF Writer
2015-04-22 08:50 - 2009-07-14 14:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 08:50 - 2009-07-14 14:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 08:45 - 2011-09-18 05:42 - 01897481 _____ () C:\Windows\WindowsUpdate.log
2015-04-22 08:39 - 2012-11-06 15:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-22 08:25 - 2011-09-29 11:40 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 02:15 - 2014-07-29 08:07 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-22 02:00 - 2014-08-29 14:02 - 00000000 ____D () C:\Users\Brad\AppData\Local\Adobe
2015-04-21 19:54 - 2014-01-17 08:39 - 00000000 ____D () C:\Users\Brad\AppData\Local\Articulate
2015-04-21 19:54 - 2013-03-18 21:47 - 00000000 ____D () C:\Users\Brad\AppData\Local\Deployment
2015-04-21 17:40 - 2012-04-05 07:37 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-21 17:40 - 2011-12-13 12:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-21 10:35 - 2015-02-12 12:19 - 00000426 _____ () C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
2015-04-20 06:47 - 2014-02-19 15:20 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-18 10:37 - 2011-09-26 12:22 - 00118072 _____ () C:\Users\Brad\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-18 00:48 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 21:12 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 20:29 - 2013-02-27 02:29 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-04-17 20:28 - 2013-02-27 02:30 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Panda Security
2015-04-17 19:09 - 2012-11-14 10:51 - 00000000 ___RD () C:\Users\Brad\Dropbox
2015-04-17 19:09 - 2012-11-14 10:47 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Dropbox
2015-04-17 19:06 - 2015-03-13 07:26 - 00000784 _____ () C:\Windows\setupact.log
2015-04-17 19:06 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 19:06 - 2009-07-14 14:45 - 04989928 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-17 18:46 - 2013-05-13 13:40 - 00752284 _____ () C:\Windows\PFRO.log
2015-04-17 18:44 - 2014-05-07 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-17 18:18 - 2011-09-29 10:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-17 18:17 - 2011-02-11 00:33 - 00771644 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-17 18:17 - 2009-07-14 15:13 - 00771644 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-17 18:14 - 2013-08-06 07:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-17 18:08 - 2011-09-26 14:07 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-17 18:08 - 2009-07-14 12:34 - 00000508 _____ () C:\Windows\win.ini
2015-04-17 17:41 - 2011-09-18 05:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-16 16:30 - 2012-07-16 16:47 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Adobe
2015-04-16 16:23 - 2011-09-18 06:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-16 15:47 - 2011-09-26 12:20 - 00000000 ____D () C:\Users\Brad
2015-04-16 15:46 - 2011-09-26 16:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 15:46 - 2011-09-26 16:04 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 14:45 - 2015-03-12 17:23 - 00000000 ____D () C:\Windows\pss
2015-04-16 12:21 - 2013-10-17 13:26 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 11:07 - 2011-09-18 05:51 - 00000000 ____D () C:\Program Files\Java
2015-04-16 11:04 - 2014-09-18 09:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-16 11:04 - 2012-08-07 14:57 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-15 10:56 - 2015-01-14 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-04-15 10:56 - 2015-01-14 17:30 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-04-15 10:56 - 2014-05-20 09:25 - 00000000 ____D () C:\Users\Brad\AppData\Local\join.me
2015-04-15 10:56 - 2013-09-04 11:44 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-04-15 10:56 - 2013-05-29 21:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-04-15 10:56 - 2013-02-26 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-04-15 10:56 - 2011-09-29 15:52 - 00000000 ____D () C:\Users\Brad\Desktop\Computer Tools
2015-04-15 10:55 - 2015-03-16 11:58 - 00000000 ____D () C:\Users\Brad\Desktop\Server Old Backup Files
2015-04-15 10:55 - 2015-02-23 18:20 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firetrust
2015-04-15 10:55 - 2015-02-11 16:36 - 00000000 ____D () C:\Program Files\Dell
2015-04-15 10:55 - 2015-01-14 17:30 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Notepad++
2015-04-15 10:55 - 2014-12-08 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-04-15 10:55 - 2014-12-08 15:27 - 00000000 ____D () C:\Program Files (x86)\SRC Course
2015-04-15 10:55 - 2014-12-05 01:50 - 00000000 ____D () C:\ProgramData\TeamViewer
2015-04-15 10:55 - 2014-12-02 12:18 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-04-15 10:55 - 2014-12-02 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2015-04-15 10:55 - 2014-12-02 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities Undelete
2015-04-15 10:55 - 2014-12-02 10:56 - 00000000 ____D () C:\Program Files (x86)\WinUtilities Undelete
2015-04-15 10:55 - 2014-10-08 15:26 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-04-15 10:55 - 2014-10-08 15:26 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-04-15 10:55 - 2014-09-29 20:05 - 00000000 ____D () C:\Users\Brad\Desktop\Vessel - Essential
2015-04-15 10:55 - 2014-09-27 16:05 - 00000000 ____D () C:\Users\Brad\Documents\Backup
2015-04-15 10:55 - 2014-09-23 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Draeger
2015-04-15 10:55 - 2014-09-23 16:53 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Draeger
2015-04-15 10:55 - 2014-09-08 16:10 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\TeamViewer
2015-04-15 10:55 - 2014-09-08 16:10 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-15 10:55 - 2014-08-08 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
2015-04-15 10:55 - 2014-07-29 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-15 10:55 - 2014-06-25 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode
2015-04-15 10:55 - 2014-06-02 07:37 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Firetrust
2015-04-15 10:55 - 2014-06-02 07:36 - 00000000 ____D () C:\ProgramData\Firetrust
2015-04-15 10:55 - 2014-05-15 08:56 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2015-04-15 10:55 - 2014-05-12 18:20 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Nuance
2015-04-15 10:55 - 2014-05-12 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 11.0
2015-04-15 10:55 - 2014-05-12 18:16 - 00000000 ____D () C:\ProgramData\Nuance
2015-04-15 10:55 - 2014-05-12 18:16 - 00000000 ____D () C:\Program Files (x86)\Nuance
2015-04-15 10:55 - 2014-04-08 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrgScheduler 1+1
2015-04-15 10:55 - 2014-03-13 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2015-04-15 10:55 - 2014-03-13 07:05 - 00000000 ____D () C:\Users\Brad\AppData\Local\Skype
2015-04-15 10:55 - 2014-03-07 12:53 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2015-04-15 10:55 - 2014-01-30 12:17 - 00000000 ____D () C:\Program Files (x86)\Serena Software Inc
2015-04-15 10:55 - 2014-01-17 13:26 - 00000000 ____D () C:\Program Files\FileOpen
2015-04-15 10:55 - 2014-01-17 12:10 - 00000000 ____D () C:\Users\Brad\AppData\Local\a
2015-04-15 10:55 - 2014-01-17 08:40 - 00000000 ____D () C:\ProgramData\XHEO INC
2015-04-15 10:55 - 2013-11-15 03:20 - 00000000 ____D () C:\Users\Brad\AppData\Local\GoPro
2015-04-15 10:55 - 2013-10-18 16:44 - 00000000 ____D () C:\Users\Brad\Desktop\Toyota Hiace Commuter 2007
2015-04-15 10:55 - 2013-09-04 11:39 - 00000000 ____D () C:\Windows\SysWOW64\Dell
2015-04-15 10:55 - 2013-08-23 20:21 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-15 10:55 - 2013-07-28 14:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-15 10:55 - 2013-06-27 15:57 - 00000000 ____D () C:\Users\Brad\AppData\Local\Garmin
2015-04-15 10:55 - 2013-06-27 15:57 - 00000000 ____D () C:\ProgramData\Garmin
2015-04-15 10:55 - 2013-06-26 13:42 - 00000000 ____D () C:\Program Files (x86)\Riva
2015-04-15 10:55 - 2013-06-05 09:38 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-15 10:55 - 2013-05-27 10:31 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Titanium
2015-04-15 10:55 - 2013-05-27 10:29 - 00000000 ____D () C:\Program Files (x86)\Sit Right
2015-04-15 10:55 - 2013-05-16 17:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-15 10:55 - 2013-05-10 12:18 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\IObit
2015-04-15 10:55 - 2013-05-10 12:18 - 00000000 ____D () C:\ProgramData\IObit
2015-04-15 10:55 - 2013-05-06 13:28 - 00000000 ____D () C:\Users\Brad\AppData\Local\Alcolizer_Pty_Ltd
2015-04-15 10:55 - 2013-04-19 13:44 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\ArcSoft
2015-04-15 10:55 - 2013-03-26 11:34 - 00000000 ____D () C:\Users\Brad\Documents\formoid_files
2015-04-15 10:55 - 2013-03-25 16:05 - 00000000 ____D () C:\WHA
2015-04-15 10:55 - 2013-02-26 22:57 - 00000000 ____D () C:\Program Files (x86)\SecurityXploded
2015-04-15 10:55 - 2013-02-26 15:45 - 00000000 ____D () C:\Users\Brad\Desktop\USBWebserver v8_en
2015-04-15 10:55 - 2013-02-15 03:01 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA%
2015-04-15 10:55 - 2013-02-07 10:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-15 10:55 - 2013-01-16 13:35 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2015-04-15 10:55 - 2012-12-06 17:05 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Cakewalk
2015-04-15 10:55 - 2012-12-06 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2015-04-15 10:55 - 2012-12-06 16:55 - 00000000 ____D () C:\ProgramData\Cakewalk
2015-04-15 10:55 - 2012-11-26 16:09 - 00000000 ____D () C:\Program Files (x86)\Next Dimension Imaging
2015-04-15 10:55 - 2012-11-26 16:08 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-04-15 10:55 - 2012-11-06 15:51 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-15 10:55 - 2012-11-06 15:50 - 00000000 ____D () C:\ProgramData\Apple
2015-04-15 10:55 - 2012-09-26 19:30 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-04-15 10:55 - 2012-08-20 15:24 - 00000000 ____D () C:\Program Files\Zune
2015-04-15 10:55 - 2012-07-16 16:47 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-15 10:55 - 2012-07-12 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-04-15 10:55 - 2012-04-10 21:43 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-04-15 10:55 - 2012-04-10 21:40 - 00000000 ____D () C:\Program Files (x86)\NCH Swift Sound
2015-04-15 10:55 - 2012-04-10 21:38 - 00000000 ____D () C:\ProgramData\NCH Software
2015-04-15 10:55 - 2012-04-02 12:04 - 00000000 ____D () C:\Program Files\DIFX
2015-04-15 10:55 - 2012-02-29 06:19 - 00000000 ____D () C:\Users\Brad\AppData\Local\arw
2015-04-15 10:55 - 2011-12-06 18:21 - 00000000 ____D () C:\Program Files\NIOSH
2015-04-15 10:55 - 2011-12-06 16:01 - 00000000 ____D () C:\Program Files (x86)\Philips
2015-04-15 10:55 - 2011-12-01 08:42 - 00000000 ____D () C:\Program Files (x86)\Zebra-Media
2015-04-15 10:55 - 2011-11-24 14:12 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\exe
2015-04-15 10:55 - 2011-11-09 12:29 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\PearlMountainSoft
2015-04-15 10:55 - 2011-11-09 12:29 - 00000000 ____D () C:\ProgramData\PearlMountainSoft
2015-04-15 10:55 - 2011-10-29 08:38 - 00000000 ____D () C:\Windows\WindowsMobile
2015-04-15 10:55 - 2011-10-19 13:32 - 00000000 ___RD () C:\Users\Brad\Desktop\Occupational Health & Safety Management Plan
2015-04-15 10:55 - 2011-10-18 20:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-04-15 10:55 - 2011-10-18 20:20 - 00000000 ____D () C:\Program Files\Adobe
2015-04-15 10:55 - 2011-10-12 08:56 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.3.3.14
2015-04-15 10:55 - 2011-10-06 02:21 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Real
2015-04-15 10:55 - 2011-10-06 02:21 - 00000000 ____D () C:\ProgramData\Real
2015-04-15 10:55 - 2011-10-06 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teaching-you
2015-04-15 10:55 - 2011-10-06 01:46 - 00000000 ____D () C:\Program Files (x86)\Teaching-you
2015-04-15 10:55 - 2011-10-05 20:43 - 00000000 ____D () C:\Program Files (x86)\TalkAndWrite
2015-04-15 10:55 - 2011-10-05 20:29 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\mediAvatar
2015-04-15 10:55 - 2011-10-05 18:34 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Screaming Bee
2015-04-15 10:55 - 2011-10-05 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2015-04-15 10:55 - 2011-10-05 18:30 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2015-04-15 10:55 - 2011-10-05 18:20 - 00000000 ____D () C:\Program Files (x86)\Sound Editor Deluxe
2015-04-15 10:55 - 2011-10-05 17:59 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Syntrillium
2015-04-15 10:55 - 2011-10-04 10:15 - 00000000 ____D () C:\Users\Brad\AppData\Local\Downloaded Installations
2015-04-15 10:55 - 2011-09-29 13:51 - 00000000 ___RD () C:\Users\Brad\Desktop\Y2 Bechtel
2015-04-15 10:55 - 2011-09-29 13:16 - 00000000 ____D () C:\Users\Brad\AppData\Local\MKF_Solutions
2015-04-15 10:55 - 2011-09-29 12:52 - 00000000 ____D () C:\Program Files\Data
2015-04-15 10:55 - 2011-09-29 12:50 - 00000000 ____D () C:\Program Files\App
2015-04-15 10:55 - 2011-09-29 12:41 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Digiarty
2015-04-15 10:55 - 2011-09-29 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2015-04-15 10:55 - 2011-09-29 11:40 - 00000000 ____D () C:\Users\Brad\AppData\Local\Google
2015-04-15 10:55 - 2011-09-29 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-15 10:55 - 2011-09-29 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-15 10:55 - 2011-09-29 06:53 - 00000000 ___SD () C:\Users\Brad\Documents\My Articulate Projects
2015-04-15 10:55 - 2011-09-27 10:00 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\PCDr
2015-04-15 10:55 - 2011-09-27 10:00 - 00000000 ____D () C:\ProgramData\PCDr
2015-04-15 10:55 - 2011-09-27 09:51 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\FLEXnet
2015-04-15 10:55 - 2011-09-27 09:49 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-15 10:55 - 2011-09-27 07:12 - 00000000 ____D () C:\Users\Brad\AppData\Local\Apps\2.0
2015-04-15 10:55 - 2011-09-26 15:45 - 00000000 ____D () C:\Program Files\WinRAR
2015-04-15 10:55 - 2011-09-26 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-04-15 10:55 - 2011-09-26 15:25 - 00000000 ____D () C:\Program Files (x86)\Paragon Software
2015-04-15 10:55 - 2011-09-26 14:21 - 00000000 ____D () C:\Program Files\Paint.NET
2015-04-15 10:55 - 2011-09-26 14:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-04-15 10:55 - 2011-09-26 14:14 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Macromedia
2015-04-15 10:55 - 2011-09-26 14:12 - 00000000 ____D () C:\Users\Brad\AppData\Local\Mozilla
2015-04-15 10:55 - 2011-09-26 14:08 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Mozilla
2015-04-15 10:55 - 2011-09-26 14:08 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Adobe-BackupByPhotoshopPortable
2015-04-15 10:55 - 2011-09-26 13:53 - 00000000 ____D () C:\Users\Brad\AppData\Local\Sonic_Solutions
2015-04-15 10:55 - 2011-09-26 12:23 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Roxio
2015-04-15 10:55 - 2011-09-26 12:22 - 00000000 ____D () C:\Users\Brad\AppData\Local\VirtualStore
2015-04-15 10:55 - 2011-09-26 12:20 - 00000000 ___RD () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-15 10:55 - 2011-09-23 09:32 - 00000000 ____D () C:\Users\Brad\Desktop\New Folder
2015-04-15 10:55 - 2011-09-18 20:37 - 00000000 ____D () C:\Program Files\Realtek
2015-04-15 10:55 - 2011-09-18 20:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-15 10:55 - 2011-09-18 20:33 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\tr-TR
2015-04-15 10:55 - 2011-09-18 20:33 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\th-TH
2015-04-15 10:55 - 2011-09-18 20:33 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\ro-RO
2015-04-15 10:55 - 2011-09-18 20:33 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2015-04-15 10:55 - 2011-09-18 06:03 - 00000000 ____D () C:\ProgramData\Uninstall
2015-04-15 10:55 - 2011-09-18 06:03 - 00000000 ____D () C:\Program Files\Roxio
2015-04-15 10:55 - 2011-09-18 06:02 - 00000000 ____D () C:\ProgramData\Macrovision
2015-04-15 10:55 - 2011-09-18 06:02 - 00000000 ____D () C:\Program Files (x86)\Roxio
2015-04-15 10:55 - 2011-09-18 06:00 - 00000000 ____D () C:\ProgramData\Adobe-BackupByPhotoshopPortable
2015-04-15 10:55 - 2011-09-18 05:56 - 00000000 ____D () C:\Program Files\Windows Live
2015-04-15 10:55 - 2011-09-18 05:56 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-04-15 10:55 - 2011-09-18 05:53 - 00000000 ____D () C:\ProgramData\Dell
2015-04-15 10:55 - 2011-09-18 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-04-15 10:55 - 2011-09-18 05:49 - 00000000 ____D () C:\Program Files\Windows XP Mode
2015-04-15 10:55 - 2011-09-18 05:43 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-04-15 10:55 - 2011-09-18 05:43 - 00000000 ____D () C:\Program Files\Dell Inc
2015-04-15 10:55 - 2010-11-21 17:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-15 10:55 - 2010-11-21 17:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-04-15 10:55 - 2010-11-21 17:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-04-15 10:55 - 2010-11-21 17:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-04-15 10:55 - 2010-11-21 17:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-04-15 10:55 - 2010-11-21 17:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\SysWOW64\restore
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\Performance
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-15 10:55 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-04-15 10:55 - 2009-07-14 14:45 - 00000000 ____D () C:\Windows\Setup
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 __RSD () C:\Windows\Media
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 __RHD () C:\Users\Default
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Web
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Vss
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\winevt
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\NetworkList
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\NDF
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Msdtc
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\spool
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Speech
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\security
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\schemas
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Resources
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\registration
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PLA
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\IME
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Help
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Globalization
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Branding
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-15 10:55 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-04-15 10:54 - 2015-01-16 12:52 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-04-15 10:54 - 2014-12-02 15:12 - 00000000 ____D () C:\Program Files (x86)\Edraw Max
2015-04-15 10:54 - 2014-12-02 11:57 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2015-04-15 10:54 - 2014-12-02 11:57 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2015-04-15 10:54 - 2014-10-08 15:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-04-15 10:54 - 2014-10-08 15:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-04-15 10:54 - 2014-07-29 08:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 10:54 - 2014-06-25 17:32 - 00000000 ____D () C:\Program Files (x86)\All-Systems Electronics
2015-04-15 10:54 - 2014-06-25 15:58 - 00000000 ____D () C:\Program Files (x86)\DebugMode
2015-04-15 10:54 - 2014-03-07 11:16 - 00000000 ____D () C:\Agiloft
2015-04-15 10:54 - 2014-01-17 13:26 - 00000000 ____D () C:\Program Files (x86)\FileOpen
2015-04-15 10:54 - 2013-12-05 12:26 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-04-15 10:54 - 2013-11-14 16:21 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2015-04-15 10:54 - 2013-11-12 13:34 - 00000000 ____D () C:\Program Files (x86)\GoPro
2015-04-15 10:54 - 2013-11-12 13:34 - 00000000 ____D () C:\Program Files (x86)\CineForm
2015-04-15 10:54 - 2013-08-21 19:42 - 00000000 ____D () C:\Program Files (x86)\Main Roads
2015-04-15 10:54 - 2013-05-10 12:18 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-15 10:54 - 2013-05-06 14:05 - 00000000 ____D () C:\Program Files (x86)\Alcolizer
2015-04-15 10:54 - 2013-03-26 11:15 - 00000000 ____D () C:\Program Files (x86)\Formoid
2015-04-15 10:54 - 2012-12-06 16:55 - 00000000 ____D () C:\Program Files (x86)\Cakewalk
2015-04-15 10:54 - 2012-11-06 15:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-15 10:54 - 2012-07-12 09:39 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2015-04-15 10:54 - 2012-05-02 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-04-15 10:54 - 2012-04-02 14:38 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-04-15 10:54 - 2012-02-28 15:51 - 00000000 ____D () C:\Program Files (x86)\Learning Design Tool for VET
2015-04-15 10:54 - 2012-02-17 23:31 - 00000000 ____D () C:\Program Files (x86)\exe
2015-04-15 10:54 - 2011-12-02 17:11 - 00000000 ____D () C:\Program Files (x86)\Caricature Software
2015-04-15 10:54 - 2011-10-17 09:35 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2015-04-15 10:54 - 2011-10-06 01:51 - 00000000 ____D () C:\Program Files (x86)\CommunicationSkills
2015-04-15 10:54 - 2011-10-05 20:58 - 00000000 ____D () C:\Program Files (x86)\FreeMind
2015-04-15 10:54 - 2011-10-05 20:16 - 00000000 ____D () C:\Program Files (x86)\GlobFX
2015-04-15 10:54 - 2011-10-05 18:13 - 00000000 ____D () C:\Program Files (x86)\Levelator
2015-04-15 10:54 - 2011-10-05 14:25 - 00000000 ____D () C:\Hazid9
2015-04-15 10:54 - 2011-10-05 14:20 - 00000000 ___HD () C:\Program Files (x86)\CamStudio
2015-04-15 10:54 - 2011-09-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-04-15 10:54 - 2011-09-29 13:15 - 00000000 ____D () C:\Program Files (x86)\Database Oasis
2015-04-15 10:54 - 2011-09-29 12:41 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2015-04-15 10:54 - 2011-09-29 11:40 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-15 10:54 - 2011-09-29 10:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-15 10:54 - 2011-09-29 10:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-04-15 10:54 - 2011-09-29 10:53 - 00000000 __RHD () C:\MSOCache
2015-04-15 10:54 - 2011-09-29 06:52 - 00000000 ____D () C:\Program Files (x86)\Articulate
2015-04-15 10:54 - 2011-09-27 09:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2015-04-15 10:54 - 2011-09-27 09:49 - 00000000 ____D () C:\Program Files (x86)\MYOB
2015-04-15 10:54 - 2011-09-26 15:43 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-04-15 10:54 - 2011-09-26 15:06 - 00000000 ____D () C:\Program Files (x86)\FireTrust
2015-04-15 10:54 - 2011-09-26 14:19 - 00000000 ____D () C:\Program Files (x86)\Cute PDF
2015-04-15 10:54 - 2011-09-18 05:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-15 10:54 - 2011-09-18 05:51 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-04-15 10:54 - 2011-09-18 05:51 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-04-15 10:54 - 2011-02-11 00:25 - 00000000 ____D () C:\dell
2015-04-15 10:54 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-14 17:18 - 2012-11-14 10:48 - 00000000 ____D () C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-13 16:44 - 2014-07-16 19:09 - 00000000 ____D () C:\Users\Brad\Desktop\Images
2015-04-02 09:41 - 2012-09-04 14:32 - 00000000 ____D () C:\Program Files (x86)\DP Animation Maker
2015-04-01 08:53 - 2015-03-18 00:33 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-01 08:53 - 2015-03-18 00:33 - 00000961 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-27 14:09 - 2014-10-02 20:37 - 00000000 ____D () C:\Users\Brad\Desktop\Website Tools
2015-03-25 12:21 - 2014-07-29 08:07 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-24 14:17 - 2013-11-14 16:20 - 00001145 _____ () C:\Windows\wmsetup.log
2015-03-24 13:42 - 2011-10-21 15:27 - 00000132 _____ () C:\Users\Brad\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-24 07:58 - 2011-10-05 19:35 - 00000000 ____D () C:\Users\Brad\Desktop\Drawing Tools
2015-03-24 07:58 - 2011-09-30 16:26 - 00000000 ____D () C:\Users\Brad\Desktop\Editing  Tools
2015-03-24 07:41 - 2012-09-04 14:32 - 00163541 _____ () C:\Windows\DP Animation Maker Uninstaller.exe
2015-03-23 19:37 - 2014-09-18 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

==================== Files in the root of some directories =======

2012-08-01 20:10 - 2012-08-02 09:43 - 0000132 _____ () C:\Users\Brad\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-02-27 10:13 - 2013-02-27 10:13 - 0000132 _____ () C:\Users\Brad\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-10-21 15:27 - 2015-03-24 13:42 - 0000132 _____ () C:\Users\Brad\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-04-17 15:34 - 2015-04-17 15:55 - 0000000 _____ () C:\Users\Brad\AppData\Roaming\bibstats
2014-05-14 07:37 - 2014-10-22 12:12 - 0002515 _____ () C:\Users\Brad\AppData\Roaming\SAS7_000.DAT
2013-02-27 10:10 - 2013-02-27 10:10 - 0001456 _____ () C:\Users\Brad\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-11-25 07:55 - 2015-03-12 16:01 - 0012288 _____ () C:\Users\Brad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-12 12:39 - 2012-12-12 12:39 - 0000017 _____ () C:\Users\Brad\AppData\Local\resmon.resmoncfg
2014-10-24 16:49 - 2014-10-24 16:49 - 0353118 _____ () C:\Users\Brad\AppData\Local\SquareClock.Production_HBMV1Icon.ico

ZeroAccess:
C:\Windows\assembly\tmp
C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}

ZeroAccess:
C:\Users\Brad\AppData\Local\dc3de288
C:\Users\Brad\AppData\Local\dc3de288\@
C:\Users\Brad\AppData\Local\dc3de288\U\800000cb.$

Some content of TEMP:
====================
C:\Users\Brad\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeuyhq8.dll
C:\Users\Brad\AppData\Local\Temp\npp.6.7.5.Installer.exe
C:\Users\Brad\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Brad\AppData\Local\Temp\wuwinstaller.exe
C:\Users\Brad\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Brad\AppData\Local\Temp\{227888ED-2C24-49F6-B3B4-90788F296FEB}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 19:39

==================== End Of Log ============================

 

Regards, Smithy1


  • 0

Advertisements

#2
Dakeyras
Posted 22 April 2015 - 03:35 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi and welcome to Geeks to Go. :)

I would really like to learn how to do this myself in the future and am willing to learn, I do however have limited PC knowledge.

Would you like to learn to fight malware?

Next:

I have bad news I'm afraid, regardless the fact it appears you may have performed a repair install and have possibly compromised backups.

One or more of the identified infections is the extremely severe Zero Access Rootkit plus undoubtedly other comprising malware!

OK since we are dealing with the aforementioned infection(s) I would be providing your good self with a disservice if I did not make you aware of the ramifications below:

This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows Operating System, and that is the course we strongly recommend.

Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

I can attempt to clean this machine(anything I try may not be successful) but I can't guarantee that it will be at all secure afterwards.

Should you have any questions, please feel free to ask.

Please let myself know what you have decided to do in your next post.
  • 1

#3
Smithy1
Posted 22 April 2015 - 01:52 PM

Smithy1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi Geek u Moderator,

Although I am shocked at the result, I am prepared to do whatever I need as I value the fact/status of a secure machine. I am just wondering where does the file identify the Zero Malware?

I will review this file further when I get into work, from there I will be able to assess what course of action to follow (with your support).

I am wondering about the files I have will they be able to be cleaned to use or are they history?

Thanks for your awesome assistance and I will reply later today,

Regards Smithy1
  • 0

#4
Smithy1
Posted 22 April 2015 - 05:06 PM

Smithy1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Hi Geek U Moderator,

 

I have read the suggested reading files and as previously stated, I am happy to reinstall. However I have a lot of files that must be kept so would obviously need cleaning before reinstalling onto PC.

 

Just before I start fixing this PC, it is connected to a network with the Server PC also playing up - should this be fixed first?

 

This system is a business PC and network where we run a Dell Desktop PC as a server with 8 other PC's in the network. Our website has also been compromised with virus in there also, so I have a big job ahead of me, all with limited knowledge.

 

In response to  Would you like to learn to fight malware? I have read this about the Geek University, and hoping that by fixing this PC and others that I may be able to assist others later. I have only limited time available as I am self employed so most of my time is consumed there, I do however believe in paying it forward so to speak.

 

I have just recently downloaded Avast Premier (Trial Version) to my Pc and have just performed a boot scan and it has returned several zip files corrupted so I have moved them all to the chest for further work. I have also disconnected my PC from the internet and am using another hopefully secure PC.

 

I eagerly await your instructions,

 

Regards Smithy1


  • 0

#5
Dakeyras
Posted 23 April 2015 - 07:27 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Just before I start fixing this PC, it is connected to a network with the Server PC also playing up - should this be fixed first?

This system is a business PC and network where we run a Dell Desktop PC as a server with 8 other PC's in the network. Our website has also been compromised with virus in there also, so I have a big job ahead of me, all with limited knowledge.

I'm afraid I do not personally provide support for business related machines, only home user only. As for the website problem, you could ask in the Web Development part of the forum to check if anyone can advise you what to do and by all means feel free to mention I advised you etc if you so wish. Also you could enter the URL of the website here to be scanned and that may reveal something pertinent.

Now regarding all these infected machines, you could cut your loss's; backup what is required to say a form of removable storage media and then scan it with both a Anti-Virus and Anti-Malware software to ensure nothing compromised has been saved etc. Then perform a reformat and reinstallation of the Windows Operating System on all machines.

Or you could start a new topic requesting assistance for these machines and or I can ask on your behalf if anyone is willing to assist you in this topic.
  • 0

#6
Smithy1
Posted 23 April 2015 - 08:46 AM

Smithy1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Many thanks Dakeyrus,

I apologise about the business issue, I thought that it was for all systems and encouraging people to learn as they went along.

 

I have reviewed my FST scan log file that I posted yesterday and have found the Zero Access entries, so I am on my way to learning what to do look for (at least more than yesterday), I have also ran the Farbar tool on the other Secure PC and it does not show any Zero Access entries. On my PC I have been desperately saving things, I will then scan for Virus and Malware and then start by reformatting each PC.

 

I am not too concerned with the website issue as I believe that It is fixed now that I have found the problem. I also ran a few checks for Website analysis following your link and it is showing that it is all good now - so one less job.

 

How would I go about posting a new topic (where) requesting assistance for these machines ?

 

It would be awesome If you could ask on my behalf if anyone is willing to assist me in this topic.

 

I have been reviewing the Farbar information and the removal process of malware and it seems like a very complicated process, I will  continue to read what needs to be done to fix the machines and work my way towards an outcome.

 

Once again I dont mean to offend you by the business issue, however we are a small business struggling at the moment with the economic crisis and I have myself in the position of doing the IT myself at all hours to keep our business afloat. I get a huge level of satisfaction when I am able to sort an IT issue out and have learnt a lot over the last year.

 

Thanks very much for your help Daekyrus, it is very much appreciated.

 

Well time for a few hours sleep - Regards, Smithy1


  • 0

#7
Dakeyras
Posted 23 April 2015 - 12:09 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

All acknowledged and you're most welcome! Plus no need to apologise I assure you.

How would I go about posting a new topic (where) requesting assistance for these machines ?

You merely create a new topic in this part of the forum requesting assistance etc.

It would be awesome If you could ask on my behalf if anyone is willing to assist me in this topic.

I will gladly enquire on your behalf, however what exactly do you need assistance with if I may ask ? As you mentioned:

start by reformatting each PC.

Are you intending to do this and or ask for each machine to be checked etc ? Let myself know what you actually would like to do in your next reply please.
  • 0

#8
Smithy1
Posted 23 April 2015 - 10:26 PM

Smithy1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Hi Dakeyrus,

 

I think that I need to be understanding the reason that the PC's have been able to be exposed to the threat firstly.

 

I use Mozilla Browzer on all PC's with script blocker, run Microsoft Security Essentials, Malwarebytes Pro on all Pc's and run Mailwasher for all emails. I have not been using an Antivirus and over the last few years and have had very little problems, until the last twelve months I have been getting smashed. The Malwarebytes Pro and MSE have been doing a good job however have been using Adw aware, Hitman Pro to use as an occasional scan to pick up ones missed by Malware bytes.

 

I have just downloaded the Avast Premier to trial on all of the machines over the last few days and so far it seems very good.

 

I will get the machines all back to square and monitor how they are going, I have been made to open my eyes up over the last week or so and have just downloaded the Farbar Tool and will learn how to use this over the next week or so whilst reformatting each PC.

 

I will also review more of the posts on here regarding security etc.

 

So I will be in touch.

 

Regards, Smithy1


  • 0

#9
Dakeyras
Posted 24 April 2015 - 10:34 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Acknowledged, good luck and stay safe!
  • 0

#10
Dakeyras
Posted 24 April 2015 - 10:34 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Win 7, 64bit, BSOD, Help, Newbie

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP