Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

He's dead Jim; can't get Chrome to run without this message [S


  • This topic is locked This topic is locked

#1
mel2015

mel2015

    Member

  • Member
  • PipPip
  • 14 posts

Windows 7 64 bit.   Had Chrome installed and started getting this message.  Ran Avast, Malwarebytes, Superantispyware, uninstalled chrome, deleted Google folders, used regedit to delette google folders from software sections.  Then re-installed Chrome...same thing.  Firefox works as does IE.  Please help!


  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Hello,

Can you show me a screenshot of the message? I do not think it is a virus. Please, read the following articles I have listed below and tell me if it resolves your issue.

“He’s Dead Jim” on Google Chrome Is Not A Virus
Error: "He's Dead, Jim!"

Regards,
Valinorum
  • 0

#3
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Neither article was any help. 

I tried attaching a word doc with a screen capture but got an error message.

The image in the first link looks just like what appears on my screen.

I've tried re-starting as suggested in the 2nd link, and I can't change settings in Chrome as suggested as the only thing that comes up is the He's dead screen. 

Memory has been suggested as the underlying problem, but firefox and IE both work and Chrome has always worked (before) without any issues.

 

 


  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Hi mel2015, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 

Uninstall Google Chrome and proceed to step 1.


 
  • Step #1 Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put tick-mark on all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.
 
  • Required Log(s):
    • Farbar Tool Logs--
      • FRST.txt
      • Addition.txt
Regards,
Valinorum
  • 0

#5
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by mel (administrator) on MEL-PC on 10-06-2015 06:23:40
Running from C:\Users\mel\Desktop
Loaded Profiles: mel (Available Profiles: mel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_182_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-06-09] (COMODO)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-31] (SUPERAntiSpyware)
HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-05] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM -> {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {22348997-7FD7-4759-AB9D-EB2B7A365617} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001 -> {0809851D-6B6B-49C8-93A3-D43B32E2A276} URL = http://www.ask.com/w...}&l=dis&o=ushpl
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-09] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\mel\AppData\Roaming\Mozilla\Firefox\Profiles\ykb0evm2.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-05-19] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5541960 2015-06-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-06-09] (COMODO)
S4 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-05-31] (Malwarebytes Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20672 2015-06-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797256 2015-06-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-06-05] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104584 2015-06-05] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-05-31] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-05-31] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Accelerometer.sys 5C368F4B04ED2A923E6AFCA2D37BAFF5
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\System32\DRIVERS\agrsm64.sys AF4748EF93416159459769A24A0053AF
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\System32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\System32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys B5B4C90E9F52DA8586F1E5461AD90A5D
C:\Windows\system32\drivers\aswMonFlt.sys 300CB8E510855189CAD0B72FFB5590CB
C:\Windows\system32\drivers\aswRdr2.sys 6D37D8DB30D086739507C5F6E542656A
C:\Windows\System32\Drivers\aswRvrt.sys 07E32DFCA422A2920482D762D01957EC
C:\Windows\system32\drivers\aswSnx.sys 3B4AC2DBFC86F7247C1FF1FAF2860530
C:\Windows\system32\drivers\aswSP.sys B1368BE5F6BA529E0886F4DA2361BD2D
C:\Windows\system32\drivers\aswStm.sys 6E53278ECCFFBC2ACC2A5006745ED4BB
C:\Windows\System32\Drivers\aswVmm.sys 91782404718C6352C26B3242BAC3F0F1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\atikmdag.sys 3EFD964D52221360AF0673CD61C2F4F5
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys F99C7AE4BB91BD1506B3572F944307BB
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cmderd.sys 41208E1CD85966F21E212E21CDF40F9F
C:\Windows\System32\DRIVERS\cmdguard.sys CE5026119307AD5A553432069831FA5C
C:\Windows\System32\DRIVERS\cmdhlp.sys 6AF42EF185D51E4C381BFDBD74BB21D4
C:\Windows\System32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\enecir.sys 524C79054636D2E5751169005006460B
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hpdskflt.sys 4E0BEC0F78096FFD6D3314B497FC49D3
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 9AF482D058BE59CC28BCE52E7C4B747C
C:\Windows\System32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\System32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\inspect.sys A873942D6F7FC279D1EB9EBB44FF4E2B
C:\Windows\System32\drivers\IntcHdmi.sys D485D3BD3E2179AA86853A182F70699F
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys C93EB3A92540830168F2057ECA7DE49A
C:\Windows\System32\Drivers\ksecpkg.sys 43F45C59A472993E5063F2DB2D22C509
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
C:\Windows\system32\drivers\mwac.sys F49FB3C88E263AE9A246593B0BB29294
C:\Windows\System32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\System32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\System32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\System32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\System32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys A5DF2F732A6C95554E548FCB6932BD31
C:\Windows\System32\DRIVERS\Rt64win7.sys 91296F0B2653281B2F11E0FCE56AA427
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\System32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys DFFBC024DFC7BB05B2129E05CBC7A201
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 06:23 - 2015-06-10 06:24 - 00032544 _____ C:\Users\mel\Desktop\FRST.txt
2015-06-10 06:22 - 2015-06-10 06:23 - 00000000 ____D C:\FRST
2015-06-10 06:07 - 2015-06-10 06:07 - 02108928 _____ (Farbar) C:\Users\mel\Desktop\FRST64.exe
2015-06-08 21:34 - 2015-06-08 21:34 - 00931408 _____ (Google Inc.) C:\Users\mel\Downloads\ChromeSetup.exe
2015-06-08 21:33 - 2015-06-08 21:33 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-08 21:33 - 2015-06-08 21:33 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-08 21:33 - 2015-06-08 21:33 - 00000000 ____D C:\Users\mel\AppData\Roaming\Mozilla
2015-06-08 21:33 - 2015-06-08 21:33 - 00000000 ____D C:\Users\mel\AppData\Local\Mozilla
2015-06-08 21:33 - 2015-06-08 21:33 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-08 21:33 - 2015-06-08 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-08 21:33 - 2015-06-08 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-08 21:02 - 2015-06-10 06:05 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-08 21:01 - 2015-06-08 21:03 - 00000000 ____D C:\Users\mel\AppData\Local\Deployment
2015-06-08 21:01 - 2015-06-08 21:01 - 00000000 ____D C:\Users\mel\AppData\Local\Apps\2.0
2015-06-03 21:11 - 2015-06-03 21:11 - 00277104 _____ C:\Windows\Minidump\060315-21372-01.dmp
2015-06-02 20:22 - 2015-06-09 18:10 - 00000000 ____D C:\DAD 2015
2015-06-02 20:00 - 2015-06-02 20:00 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-02 20:00 - 2015-06-02 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-02 20:00 - 2015-06-02 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-02 20:00 - 2015-03-17 00:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-02 20:00 - 2015-03-17 00:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-02 20:00 - 2015-03-17 00:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-02 20:00 - 2015-03-17 00:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-02 20:00 - 2015-03-17 00:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-02 20:00 - 2015-03-17 00:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-02 20:00 - 2015-03-17 00:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-02 20:00 - 2015-03-17 00:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-02 20:00 - 2015-03-17 00:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-02 20:00 - 2015-03-17 00:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-02 20:00 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-02 20:00 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-02 20:00 - 2015-03-16 23:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-02 20:00 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-02 20:00 - 2015-03-16 23:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-02 20:00 - 2015-03-16 23:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-02 20:00 - 2015-03-16 23:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-02 20:00 - 2015-03-16 23:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-02 20:00 - 2015-03-16 23:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-02 20:00 - 2015-03-16 23:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-02 20:00 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-02 20:00 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-02 20:00 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-02 20:00 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-31 20:40 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 20:40 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 20:35 - 2015-05-04 20:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-31 20:35 - 2015-05-04 20:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-31 20:35 - 2015-04-21 21:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-31 20:35 - 2015-04-21 20:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-31 20:35 - 2015-04-21 12:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-31 20:35 - 2015-04-21 12:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-31 20:35 - 2015-04-21 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-31 20:35 - 2015-04-21 11:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-31 20:35 - 2015-04-21 11:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-31 20:35 - 2015-04-21 11:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-31 20:35 - 2015-04-21 11:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-31 20:35 - 2015-04-21 11:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-31 20:35 - 2015-04-21 11:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-31 20:35 - 2015-04-21 11:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-31 20:35 - 2015-04-21 11:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-31 20:35 - 2015-04-21 11:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-31 20:35 - 2015-04-21 11:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-31 20:35 - 2015-04-21 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-31 20:35 - 2015-04-21 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-31 20:35 - 2015-04-21 11:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-31 20:35 - 2015-04-21 11:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-31 20:35 - 2015-04-21 11:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-31 20:35 - 2015-04-21 11:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-31 20:35 - 2015-04-21 11:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-31 20:35 - 2015-04-21 11:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-31 20:35 - 2015-04-21 11:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-31 20:35 - 2015-04-21 11:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-31 20:35 - 2015-04-21 11:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-31 20:35 - 2015-04-21 11:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-31 20:35 - 2015-04-21 11:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-31 20:35 - 2015-04-21 11:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-31 20:35 - 2015-04-21 11:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-31 20:35 - 2015-04-21 11:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-31 20:35 - 2015-04-21 11:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-31 20:35 - 2015-04-21 11:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-31 20:35 - 2015-04-21 11:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-31 20:35 - 2015-04-21 11:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-31 20:35 - 2015-04-21 11:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-31 20:35 - 2015-04-21 10:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-31 20:35 - 2015-04-21 10:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-31 20:35 - 2015-04-21 10:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-31 20:35 - 2015-04-21 10:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-31 20:35 - 2015-04-21 10:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-31 20:35 - 2015-04-21 10:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-31 20:35 - 2015-04-21 10:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-31 20:35 - 2015-04-21 10:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-31 20:35 - 2015-04-21 10:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-31 20:35 - 2015-04-21 10:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-31 20:35 - 2015-04-21 10:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-31 20:35 - 2015-04-21 10:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-31 20:35 - 2015-04-21 10:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-31 20:35 - 2015-04-21 10:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-31 20:35 - 2015-04-21 10:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-31 20:35 - 2015-04-21 10:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-31 20:35 - 2015-04-21 10:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-31 20:35 - 2015-04-21 10:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-31 20:35 - 2015-04-21 10:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-31 20:35 - 2015-04-21 10:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-31 20:35 - 2015-04-21 10:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-31 20:35 - 2015-04-21 10:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-31 20:35 - 2015-04-21 09:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-31 20:35 - 2015-04-21 09:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-31 20:35 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-31 20:35 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-31 20:35 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-31 20:35 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-31 20:35 - 2015-04-03 22:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-31 20:35 - 2015-04-03 22:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-31 20:35 - 2015-04-03 22:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-31 20:35 - 2015-04-03 22:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-31 20:35 - 2015-04-03 22:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-31 20:35 - 2015-04-03 22:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-31 20:35 - 2015-04-03 22:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-31 20:35 - 2015-04-03 22:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-31 20:35 - 2015-04-03 22:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-31 20:35 - 2015-04-03 22:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-31 20:35 - 2015-04-03 22:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-31 20:35 - 2015-04-03 22:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-31 20:35 - 2015-04-03 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-31 20:35 - 2015-04-03 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-31 20:35 - 2015-04-03 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-31 20:34 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-31 20:34 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-31 20:34 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-31 20:34 - 2015-04-19 21:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-31 20:34 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-31 20:33 - 2015-05-31 20:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-31 20:33 - 2015-05-31 20:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-31 20:33 - 2015-03-09 22:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-31 20:33 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-31 20:33 - 2015-03-05 00:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-31 20:33 - 2015-03-04 23:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-31 20:33 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-31 20:33 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-31 20:33 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-31 20:26 - 2015-05-31 20:26 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-31 20:26 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-31 20:26 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-02 09:22 - 2015-05-02 09:22 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-02 09:22 - 2015-05-02 09:22 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-11 20:27 - 2015-04-11 20:30 - 00000000 ___SD C:\Windows\system32\GWX
2015-04-11 20:27 - 2015-04-11 20:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-04-11 20:27 - 2015-04-11 20:27 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-04-11 20:27 - 2015-04-11 20:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-04-11 19:17 - 2015-01-08 18:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-04-11 19:17 - 2015-01-08 18:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-04-11 19:03 - 2015-04-11 19:03 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-11 19:03 - 2015-04-11 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-11 19:03 - 2015-04-11 19:03 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-11 19:02 - 2015-04-11 19:02 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 19:02 - 2015-04-11 19:02 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-11 19:01 - 2015-04-11 19:01 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-04-11 19:01 - 2015-04-11 19:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-04-10 14:17 - 2015-04-10 14:17 - 00000000 ____D C:\ProgramData\Google
2015-03-13 19:20 - 2015-03-13 19:20 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 19:20 - 2015-03-13 19:20 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-13 19:20 - 2015-03-13 19:20 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-13 19:20 - 2015-03-13 19:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-13 19:20 - 2015-03-13 19:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-13 19:20 - 2015-03-13 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-13 19:20 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 19:19 - 2015-03-13 19:19 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-13 19:19 - 2015-03-13 19:19 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-13 19:19 - 2015-03-13 19:19 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 19:19 - 2015-03-13 19:19 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-13 19:19 - 2015-03-13 19:19 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 19:19 - 2015-03-13 19:19 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 19:19 - 2015-03-13 19:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 19:19 - 2015-03-13 19:19 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 19:19 - 2015-03-13 19:19 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-13 19:19 - 2015-03-13 19:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-13 19:19 - 2015-03-13 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 19:17 - 2015-03-13 19:17 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 19:17 - 2015-03-13 19:17 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-13 19:17 - 2015-03-13 19:17 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 19:17 - 2015-03-13 19:17 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-13 19:17 - 2015-03-13 19:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-13 19:17 - 2015-02-19 23:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 19:17 - 2015-02-19 23:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 19:17 - 2015-02-19 23:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 19:17 - 2015-02-19 23:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 19:17 - 2015-02-19 23:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-13 19:17 - 2015-02-19 23:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-13 19:17 - 2015-02-19 23:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-13 19:17 - 2015-02-19 23:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-13 19:17 - 2015-02-19 22:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 19:17 - 2015-02-19 22:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-13 19:17 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 19:17 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 06:10 - 2013-09-09 19:30 - 02074211 _____ C:\Windows\WindowsUpdate.log
2015-06-10 06:07 - 2009-07-13 23:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-10 06:07 - 2009-07-13 23:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-10 06:05 - 2013-09-09 18:51 - 00000000 ____D C:\Users\mel\AppData\Local\Google
2015-06-10 05:59 - 2013-09-09 18:51 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-10 05:59 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-10 05:59 - 2009-07-13 23:51 - 00109488 _____ C:\Windows\setupact.log
2015-06-09 20:42 - 2013-09-09 18:51 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 17:58 - 2013-10-21 17:57 - 00003592 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-06-09 17:57 - 2013-09-09 18:43 - 00001947 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-06-09 17:53 - 2013-09-14 16:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-06-09 17:53 - 2009-08-09 03:12 - 00000000 ____D C:\ProgramData\Temp
2015-06-09 14:05 - 2013-09-09 18:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-08 21:41 - 2013-09-09 19:40 - 00367002 _____ C:\Windows\PFRO.log
2015-06-08 21:37 - 2013-09-09 18:51 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-08 21:37 - 2013-09-09 18:51 - 00003636 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-08 21:05 - 2014-04-21 20:09 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 08:35 - 2013-06-18 16:16 - 00797256 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-06-05 08:35 - 2013-06-18 16:16 - 00104584 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-06-05 08:35 - 2013-06-18 16:16 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-06-05 08:35 - 2013-06-18 16:16 - 00020672 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-06-05 08:34 - 2013-06-18 16:15 - 00576824 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-06-05 08:34 - 2013-06-18 16:15 - 00444448 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-06-05 08:34 - 2013-06-18 16:15 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-06-05 08:33 - 2013-06-18 16:15 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-06-05 08:32 - 2013-06-18 16:15 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-06-05 08:31 - 2013-06-18 16:15 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-06-05 08:31 - 2013-06-18 16:15 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2015-06-03 21:11 - 2014-04-27 06:56 - 00000000 ____D C:\Windows\Minidump
2015-06-03 18:42 - 2013-10-02 19:07 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-06-02 20:43 - 2009-08-09 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-06-02 20:43 - 2009-08-09 03:35 - 00000000 ____D C:\ProgramData\CyberLink
2015-06-02 20:43 - 2009-08-09 03:35 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-06-02 20:43 - 2009-08-09 02:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-02 19:42 - 2013-09-09 19:31 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-06-02 17:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-05-31 21:15 - 2009-07-13 23:45 - 00451872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-31 21:13 - 2013-09-19 19:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-31 21:13 - 2013-09-19 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-31 20:56 - 2014-12-28 19:26 - 00889166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-31 20:55 - 2009-07-14 00:13 - 00889166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-31 20:54 - 2013-09-19 20:39 - 00000000 ____D C:\Windows\system32\MRT
2015-05-31 20:44 - 2013-09-19 20:39 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-31 20:39 - 2013-09-19 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-31 19:15 - 2014-04-21 20:09 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-31 19:15 - 2014-04-21 20:09 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-31 19:15 - 2014-04-21 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-31 19:15 - 2014-04-21 20:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-31 19:15 - 2013-09-09 19:21 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-31 19:15 - 2013-09-09 19:21 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-20 13:14 - 2014-08-31 15:05 - 00000000 ____D C:\Users\mel\PRESCHOOL 2014
2015-05-20 13:14 - 2013-10-02 19:07 - 00000736 _____ C:\Users\mel\AppData\Roaming\wklnhst.dat
2015-05-20 13:01 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-05-19 18:05 - 2014-10-03 21:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-11 15:03 - 2009-07-14 00:08 - 00032598 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2013-09-09 18:56 - 2013-09-09 18:56 - 4188160 _____ () C:\Program Files (x86)\GUT7EA2.tmp
2013-10-02 19:07 - 2015-05-20 13:14 - 0000736 _____ () C:\Users\mel\AppData\Roaming\wklnhst.dat
2013-09-09 18:31 - 2013-09-09 18:31 - 0000000 _____ () C:\Users\mel\AppData\Local\AtStart.txt
2013-09-09 18:31 - 2013-09-09 18:31 - 0000000 _____ () C:\Users\mel\AppData\Local\DSwitch.txt
2013-09-09 18:31 - 2013-09-09 18:31 - 0000000 _____ () C:\Users\mel\AppData\Local\QSwitch.txt
2013-09-09 18:31 - 2015-06-10 06:00 - 0000509 _____ () C:\ProgramData\HPWALog.txt
2013-09-09 19:56 - 2013-09-09 19:56 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-09 03:42 - 2009-08-09 03:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-09-09 19:56 - 2013-09-09 19:56 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-09 03:36 - 2009-08-09 03:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-09-09 19:55 - 2013-09-09 19:55 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2013-09-09 19:56 - 2013-09-09 19:56 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-08-09 03:35 - 2009-08-09 03:35 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-08-09 03:38 - 2009-08-09 03:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-09-09 19:56 - 2013-09-09 19:57 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {f04f848d-78e1-11de-b692-abbf25df600e}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
customactions           0x1000085000001
                        0x5400000f
custom:5400000f         {c8571e13-19b7-11e3-833c-ce2122a10ef8}

Windows Boot Loader
-------------------
identifier              {572bcd60-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path                    \windows\system32\boot\winload.exe
description             Microsoft Windows PE 2.0
osdevice                ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot              \windows
detecthal               Yes
winpe                   Yes
ems                     Yes

Windows Boot Loader
-------------------
identifier              {c8571e13-19b7-11e3-833c-ce2122a10ef8}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{c8571e14-19b7-11e3-833c-ce2122a10ef8}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{c8571e14-19b7-11e3-833c-ce2122a10ef8}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {c8571e13-19b7-11e3-833c-ce2122a10ef8}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {f04f848d-78e1-11de-b692-abbf25df600e}
nx                      OptIn

Resume from Hibernate
---------------------
identifier              {f04f848d-78e1-11de-b692-abbf25df600e}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk Options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi

Device options
--------------
identifier              {c8571e14-19b7-11e3-833c-ce2122a10ef8}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

 

LastRegBack: 2015-06-03 19:43

==================== End of log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by mel at 2015-06-10 06:24:41
Running from C:\Users\mel\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1930977450-1904899304-3597289394-500 - Administrator - Disabled)
Guest (S-1-5-21-1930977450-1904899304-3597289394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1930977450-1904899304-3597289394-1002 - Limited - Enabled)
mel (S-1-5-21-1930977450-1904899304-3597289394-1001 - Administrator - Enabled) => C:\Users\mel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.3.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.02.00 - Samsung Electronics Co., Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

21-05-2015 16:24:08 Scheduled Checkpoint
31-05-2015 17:31:24 Scheduled Checkpoint
31-05-2015 20:35:51 Windows Update
02-06-2015 20:01:05 Windows Update
02-06-2015 20:27:10 Configured LabelPrint
02-06-2015 20:30:22 Configured PowerDirector
02-06-2015 20:40:55 Configured Power2Go
08-06-2015 18:17:47 Removed SlingBoxWatchYourTVAnyWhere.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18EFC5DB-C4A6-47B7-A0D8-9F37A0DBE246} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {260C4FB8-BAC0-4AB9-B212-7C818A98A7AD} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {529406C6-6613-4D86-AEDA-EE4578236ED7} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {574D128E-2857-4DC9-BA8B-D685F344AB42} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-02] (Avast Software s.r.o.)
Task: {59BA1ECE-40DF-4F95-9818-4E6804055854} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-11] (Microsoft Corporation)
Task: {5CD5EEF5-84E8-4BD0-974A-039A5CB93B94} - System32\Tasks\Hewlett-Packard\HP Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2009-07-09] (Hewlett-Packard)
Task: {628CC7AF-46EB-40E9-8E23-7B6A98073B61} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-11] (Microsoft Corporation)
Task: {6B843B04-99F2-4BD0-994E-F4CD38A86A9A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-05] (Microsoft Corporation)
Task: {705EC63D-B8CD-49EC-B698-F9C3D7DD4B87} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-09] (COMODO)
Task: {74229D16-80EC-4C09-BAC7-93685692A656} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {8A68F76C-02E3-460A-9C2F-DB8AB92E3A1E} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-11] (Microsoft Corporation)
Task: {91EE8597-2C63-4D5F-B793-AAE1CAA11DC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {ADA039B5-3258-49A2-9EA4-269321AAFA20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {AEE18AF9-260D-4B47-8CAC-6E81CF55CC3D} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {B41E7D9C-15A8-4A24-87D7-08035C918CFF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {B877D31C-37EB-4DFE-B777-0A73871D6E3D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation)
Task: {CE7AD3D8-A9A6-44D8-AC36-C21ED7B4DE7F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-09] (COMODO)
Task: {D217114A-0AED-4144-A441-261E8662CA95} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {D24DAEBF-5C14-43AF-AE33-BA5E96BFCA10} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {D4C61A35-5432-4B57-8FED-7E55F1DE02DF} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {D5A6EC46-6038-4E08-B56C-2CD929F2F553} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-04-11] (Microsoft Corporation)
Task: {E31B7929-3566-4B05-9222-C4E84B1DBAD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {F16BD5BD-25F4-4D13-A183-CBE3949D8F8A} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-09] (COMODO)
Task: {F4EEC88C-AD91-4E87-8613-E3E73CF5FD64} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {FB20195B-F4B0-44BF-BF08-5B0127D250BC} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-17 14:36 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-02 19:04 - 2011-04-11 00:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2014-10-03 21:18 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-02 09:22 - 2015-05-02 09:22 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-02 09:22 - 2015-05-02 09:22 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-09 14:07 - 2015-06-09 14:07 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060901\algo.dll
2009-06-17 13:40 - 2009-06-17 13:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 13:40 - 2009-06-17 13:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 13:40 - 2009-06-17 13:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-07-23 13:37 - 2009-07-23 13:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-03-06 17:32 - 2015-03-06 17:32 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\23242617-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\23243838-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\ThankyouforbeingaFriend.docx:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\...\1001movie.com -> 1001movie.com

There are 6091 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1930977450-1904899304-3597289394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: Com4QLBEx => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPCam_Menu => "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1D9E632-6391-446B-866C-5CD2F45807C9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{50086076-0489-4413-A6DB-7CA8E5F8283A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E1D7F83E-8125-4845-90A7-673ADEF33553}] => (Allow) svchost.exe
FirewallRules: [{B3229E98-0217-4660-8DE6-F3FAB7DC660B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C4436692-09D3-432C-B28C-77372373BF55}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{574088E8-F9E2-4D16-9F80-5A22E9138B68}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{A430E433-7881-4C04-9AF5-B5F38B53D5F5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{B613DC65-5DDE-4156-AEAA-681FF6668525}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{40C0A05B-09BB-4C9C-96B1-45CFA496999C}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{FD4EB478-6972-4868-8459-7510671BEE63}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{B5009081-7A24-480A-B5DC-F6AE22F52E9F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{50F6DE29-FA53-43BD-A897-7DC351CBDDFB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{27444132-4310-4E8F-9CAC-8DD090EAABB3}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{598F2173-E36F-4797-8895-6F621237288B}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{54D7450D-297F-4A4F-8556-F9ED326FFFAF}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{1DE29FB2-0999-4663-B9E8-284D77B2311D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe
FirewallRules: [{5DBFC941-A46C-423F-9A75-B5A743F7B66F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe
FirewallRules: [{FD5F72C5-6F9A-4C30-A54A-EF0BD7D3BBF5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{653A9B96-DE94-46EB-87E2-F249CA3A00D0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{28D07DD6-099D-496F-8B22-DA08D06F8417}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{6118AEA5-EB0B-47A3-9552-0919D4A6E752}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A975D1B4-89E9-4C72-AA09-5EF7696C269D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{3B33762C-249E-45AE-AEC0-9D7F661D6A55}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{60BF7DA1-0C0C-40A0-9864-FDDB915491E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB63CEEE-B842-416C-B9A3-268C41D0B3B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: SELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis

System errors:
=============
Error: (06/10/2015 06:08:00 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 08:37:01 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 06:21:38 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 06:08:07 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:44:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:44:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:44:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:44:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:44:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/09/2015 05:35:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
%%1053

Microsoft Office:
=========================
Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: SELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis

Error: (06/09/2015 05:59:44 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 33%
Total physical RAM: 3999.19 MB
Available physical RAM: 2640.75 MB
Total Pagefile: 7996.57 MB
Available Pagefile: 6246.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.97 GB) (Free:166.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:12.72 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 2169E425)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=220 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)

==================== End of log ============================


  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
My apology for the delay. I had severe lag in my internet speed. Please, uninstall Google Chrome if you have not already. Please, enable only one of the follow and disable the rest.
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  • Step # Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CreateRestorePoint:
      CloseProcesses:
      Emptytemp:
      HKLM-x32\...\Run: [] => [X]
      CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      C:\Program Files (x86)\Google\
      C:\Program Files (x86)\Google\
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]
      AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
      AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
      AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
      AlternateDataStreams: C:\ProgramData\Temp:5C321E34
      AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdTcID
      AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdZnID
      AlternateDataStreams: C:\Users\mel\Downloads\23242617-1.pdf:$CmdZnID
      AlternateDataStreams: C:\Users\mel\Downloads\23243838-1.pdf:$CmdZnID
      AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdTcID
      AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdZnID
      AlternateDataStreams: C:\Users\mel\Downloads\ThankyouforbeingaFriend.docx:$CmdZnID
      CMD: netsh advfirewall reset
      CMD: netsh advfirewall set allprofiles state on
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Required Log(s):
    • FRST Fix Log
Regards,
Valinorum
  • 0

#7
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

this post deleted


Edited by mel2015, 12 June 2015 - 12:59 PM.

  • 0

#8
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Ignore the previous...wife had Windows defender running so I disabled it and here are the results.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by mel at 2015-06-12 13:51:15 Run:2
Running from C:\Users\mel\Desktop
Loaded Profiles: mel (Available Profiles: mel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Emptytemp:
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files (x86)\Google\
C:\Program Files (x86)\Google\
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\mel\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\23242617-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\23243838-1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\mel\Downloads\ChromeSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\mel\Downloads\ThankyouforbeingaFriend.docx:$CmdZnID
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\SOFTWARE\Policies\Google => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"C:\Program Files (x86)\Google" => File/Folder not found.
"C:\Program Files (x86)\Google" => File/Folder not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key not found.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
"C:\Windows\avastSS.scr" => ":$CmdTcID" ADS not found.
"C:\Windows\explorer.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\splwow64.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\acmigration.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aeinv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aepdu.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aepic.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aitstatic.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\apisetschema.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appidapi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appidcertstorecheck.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appidpolicyconverter.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appidsvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appraiser.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\audiodg.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\AudioEng.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\AUDIOKSE.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\audiosrv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\blackbox.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\ci.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\crypt32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\cryptnet.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\cryptsp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\cryptsvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\cryptui.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\devinv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\drmmgrtn.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\drmv2clt.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\dxmasf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\EncDump.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\evr.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\generaltel.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\invagent.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mferror.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mfplat.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mfpmp.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\MRT.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msdxm.ocx" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msmmsp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msnetobj.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msscp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\mstscax.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\msxml3r.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\nlasvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\oleaut32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\pcadm.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\pcaevts.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\pcalua.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\pcasvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\pcawrk.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\perftrack.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\powertracker.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\profsvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\qdvd.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\quartz.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\rdpcorets.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\RdpGroupPolicyExtension.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\rdpudd.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\rrinstaller.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\scesrv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\setbcdlocale.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\spoolsv.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\spwmp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\TSWbPrxy.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wdi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\WindowsCodecs.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\winload.efi" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\winload.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\winresume.efi" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\winresume.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\WinSetupUI.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wintrust.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wmdrmsdk.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wmp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wmploc.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wu.upgrade.ps.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wuapi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wuapp.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wuauclt.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wuaueng.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wucltux.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wudriver.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wups.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wups2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\wuwebv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\apisetschema.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\appidapi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\AudioEng.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\AUDIOKSE.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\AudioSes.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\blackbox.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\clfsw32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\crypt32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\cryptnet.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\cryptsp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\cryptsvc.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\cryptui.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\drmmgrtn.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\drmv2clt.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\dxmasf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\evr.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\explorer.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\instnm.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mferror.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mfplat.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mfpmp.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mfps.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msctf.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msdxm.ocx" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msnetobj.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msscp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\mstscax.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msxml3r.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\ncsi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\nlaapi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\oleaut32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\qdvd.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\quartz.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\rrinstaller.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\scesrv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\shell32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\spwmp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\ubpm.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\user.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wdi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\WindowsCodecs.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wintrust.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wmdrmsdk.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wmp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\WMPhoto.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wmploc.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wuapi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wuapp.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wudriver.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wups.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wuwebv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\appid.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\mbam.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\mbamchameleon.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\mountmgr.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\mrxdav.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\mwac.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\PEAuth.sys" => ":$CmdTcID" ADS not found.
"C:\ProgramData\Temp" => ":5C321E34" ADS not found.
"C:\Users\mel\Desktop\FRST64.exe" => ":$CmdTcID" ADS not found.
"C:\Users\mel\Desktop\FRST64.exe" => ":$CmdZnID" ADS not found.
"C:\Users\mel\Downloads\23242617-1.pdf" => ":$CmdZnID" ADS not found.
"C:\Users\mel\Downloads\23243838-1.pdf" => ":$CmdZnID" ADS not found.
"C:\Users\mel\Downloads\ChromeSetup.exe" => ":$CmdTcID" ADS not found.
"C:\Users\mel\Downloads\ChromeSetup.exe" => ":$CmdZnID" ADS not found.
"C:\Users\mel\Downloads\ThankyouforbeingaFriend.docx" => ":$CmdZnID" ADS not found.

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state on =========

Ok.

========= End of CMD: =========

EmptyTemp: => 15.5 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-12 13:55:18)<=

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move

==== End of Fixlog 13:55:19 ====


  • 0

#9
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Try to install Google Chrome and see if it works.
  • 0

#10
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Installation failed. The Google Chrome Installer failed to start.


  • 0

Advertisements


#11
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

I tried three times; once with the standalone installer, once after a reboot.  No luck and the same error message each time.


Edited by mel2015, 13 June 2015 - 11:41 AM.

  • 0

#12
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Please delete the Chrome folder from location: C:\Users\mel\AppData\Local\Google\Chrome\ and try again.
  • 0

#13
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

C:\Users\mel\   does not contain a folder AppData, so there is nothing to delete.


  • 0

#14
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Enable visibility of hidden files/folders and try again.
  • 0

#15
mel2015

mel2015

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

So before I enabled visibility of hidden filed/folders, I RAN C:\programfiles(x86)\google\update\offline\{55DA3199-C9A3-4687-A2D1-178EEF4B03BE}\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.124_CHROME_INSTALLER.EXE, and was surprised to get chrome to install.  I don't know why it worked,  when it didn't work before using the offline installer. 

 

Is there anything else that should be checked?  The browser seems to be working fine, although it DOES seem like it starts up slower than it used to.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP