Hi,
I'm hoping I can have some help please. My antivirus software all of a sudden stopped providing real-time protection. I had Avira Antivirus and it couldn't be enabled. I have then tried various other antivirus software programs (Avast / AVG) and nothing will enable. I have managed to run scans through various adware removal programs and also Trend Micro online and I'm getting messages saying everything has been cleared, but clearly there is an issue. Windows Defender is also disabled and can't be enabled, and neither can Windows Update. So at the moment I'm without updates or virus protection and can't resolve it. Please can I have some help?
Here is my Log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Matt (administrator) on MATT-PC on 24-07-2015 22:25:18
Running from C:\Users\Matt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GZ22TFM
Loaded Profiles: Matt (Available Profiles: Matt & Jo & Mcx1-MATT-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-12-04] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5844800 2015-04-02] (IObit)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-18] (Avast Software s.r.o.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\e93caa8c-8f35-4e9f-ac67-dbce21c8d2b1.exe [183232 2015-07-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [EPSON Stylus DX7400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE [213504 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1492825921-750369754-554371985-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_17_0_0_190_ActiveX.exe [623792 2015-06-23] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-18] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-1492825921-750369754-554371985-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goo...&cc=GB&unqvl=86
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.goo...&cc=GB&unqvl=86
SearchScopes: HKU\S-1-5-21-1492825921-750369754-554371985-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1492825921-750369754-554371985-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1492825921-750369754-554371985-1001 -> {5681C7A8-6D2C-4454-8804-EFC7ACE05B89} URL = http://www.buenosear...rchTerms}&r=805
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-02] (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3DE1FAC4-B916-448F-A747-E5A362D2FC66}: [DhcpNameServer] 168.95.1.1
Tcpip\..\Interfaces\{4F5B2ED9-FFBF-4297-BE05-E23927C0EBF7}: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-07-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-07-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-07-02] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\user.js [2014-07-08]
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\searchplugins\buenosearch.xml [2014-07-08]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml [2014-07-08]
FF Extension: Plus-HD-V1.1 - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\59def0ae-3df8-4e87-8551-8d6b609a202a@97824100-f5d8-46fa-8c09-0b959f58c578.com [2014-07-08]
FF Extension: foxfilterinspiredeffectnet - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-02]
FF Extension: 48 dresses - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-02]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-17]
FF Extension: SaleePPlus - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-16]
FF Extension: SAlePPlus - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-16]
FF Extension: bestadblocker - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-16]
FF Extension: SAlePlluis - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-16]
FF Extension: SalePluus - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-16]
FF Extension: Firefox Certificate Store Hotfix - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\Extensions\[email protected] [2015-04-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\33xeebnx.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-18]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-23]
CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-23]
CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Google Sheets) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Bookmark Manager) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-07-23]
CHR Extension: (Avast Online Security) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-23]
CHR Extension: (Google Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]
CHR Extension: (Quick start) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-14]
CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Locked "175b006c71bbd734" service could not be unlocked. <===== ATTENTION
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-18] (Avast Software s.r.o.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585408 2015-04-02] (IObit)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 175b006c71bbd734; C:\Windows\System32\Drivers\175b006c71bbd734.sys [41424 2014-08-25] () <===== ATTENTION Necurs Rootkit?
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-18] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-18] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-18] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-18] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-18] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-18] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-18] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-18] ()
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [19968 2013-06-21] (Intel Mobile Communications)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] () [File not signed]
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] () [File not signed]
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] () [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] () [File not signed]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] () [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] () [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] () [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] () [File not signed]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] ()
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] () [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] () [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] () [File not signed]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] () [File not signed]
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [22576 2009-06-03] () [File not signed]
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [20016 2009-06-03] () [File not signed]
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60464 2009-06-03] () [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] () [File not signed]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] () [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] () [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] () [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] () [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] () [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] () [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] () [File not signed]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] () [File not signed]
S3 npf; C:\Users\Matt\AppData\Local\Temp\HouseCall32\tmase\nmap\npf\x64\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] () [File not signed]
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] () [File not signed]
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] () [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] () [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] () [File not signed]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] () [File not signed]
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] () [File not signed]
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] () [File not signed]
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] () [File not signed]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] () [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] () [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] () [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] () [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] () [File not signed]
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] () [File not signed]
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] () [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] () [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] () [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] () [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] () [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] () [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] () [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] () [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] () [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] () [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] () [File not signed]
R3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] () [File not signed]
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] () [File not signed]
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [246376 2010-06-17] () [File not signed]
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] () [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] () [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] () [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] () [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] () [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] () [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] () [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] () [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] () [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] () [File not signed]
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfslh.sys [767144 2013-06-26] () [File not signed]
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaylh.sys [273576 2013-06-26] () [File not signed]
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirlh.sys [28840 2013-06-26] () [File not signed]
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvollh.sys [23208 2013-06-26] () [File not signed]
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] () [File not signed]
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] () [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] () [File not signed]
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] () [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] () [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [204568 2013-10-28] () [File not signed]
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] () [File not signed]
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] () [File not signed]
R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [301104 2009-12-10] () [File not signed]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] () [File not signed]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] () [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] () [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] () [File not signed]
R3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] () [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] () [File not signed]
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] () [File not signed]
R3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] () [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] () [File not signed]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] () [File not signed]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () [File not signed]
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] () [File not signed]
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2010-07-09] () [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] () [File not signed]
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] () [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] () [File not signed]
R3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-14] () [File not signed]
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] () [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] () [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] () [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] () [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] () [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] () [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] () [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2013-07-03] () [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] () [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] () [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] () [File not signed]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] () [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] () [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] () [File not signed]
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] () [File not signed]
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] () [File not signed]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] () [File not signed]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] () [File not signed]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] () [File not signed]
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] () [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] () [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] () [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] () [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] () [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] () [File not signed]
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] () [File not signed]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] () [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] () [File not signed]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] () [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] () [File not signed]
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] () [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] () [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] () [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] () [File not signed]
U5 175b006c71bbd734; <===== ATTENTION Locked Service
========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 22:24 - 2015-07-24 22:25 - 00000000 ____D C:\FRST
2015-07-23 12:42 - 2015-07-23 12:47 - 00000281 _____ C:\Users\Matt\Desktop\IMAC Comparison.txt
2015-07-18 22:10 - 2015-07-24 14:38 - 00000000 ____D C:\Users\Matt\AppData\Local\{E7DF2EB8-FD6E-4D97-947F-8195E6F3E7D2}
2015-07-11 11:02 - 2015-07-11 11:02 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-11 09:01 - 2015-07-11 09:02 - 00000000 ____D C:\Users\Jo\AppData\Local\{252270E9-4272-4809-9F13-3FC4FC5EC7E3}
2015-07-05 00:37 - 2015-07-10 18:32 - 00000000 ____D C:\Users\Matt\AppData\Local\{273F4760-3105-46FE-9F60-7FB0FA96E33C}
2015-06-28 22:45 - 2015-07-04 07:14 - 00000000 ____D C:\Users\Matt\AppData\Local\{AF14753A-D933-4377-B0D3-0E0718943F04}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-24 22:15 - 2015-04-02 09:15 - 00001312 _____ C:\Windows\Tasks\48_dresses_notification_service.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00003112 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-3.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00002198 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-4.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001532 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-1.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001528 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-6.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001462 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-7.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001448 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-5_user.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001430 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-5.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001348 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-2.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00001278 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-10.job
2015-07-24 22:13 - 2014-07-08 22:13 - 00000576 _____ C:\Windows\Tasks\a3de7ad0-a595-4db3-885a-a7cfd62c8e3d-11.job
2015-07-24 22:04 - 2012-11-10 17:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 22:03 - 2011-12-21 22:22 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 21:45 - 2015-04-02 09:15 - 00000674 _____ C:\Windows\Tasks\48_dresses_updating_service.job
2015-07-24 14:46 - 2011-12-21 22:22 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-24 14:38 - 2015-04-02 09:15 - 00000994 _____ C:\Windows\Tasks\qflnTLaE9hxkp.job
2015-07-23 19:23 - 2012-11-10 17:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-23 19:23 - 2012-11-10 17:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-23 19:23 - 2011-09-18 10:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 07:31 - 2012-01-29 23:46 - 00024264 _____ C:\Users\Matt\Downloads\House expenses.xlsx
2015-07-19 08:04 - 2011-12-21 22:32 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-19 07:58 - 2011-12-21 22:22 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-19 07:58 - 2011-12-21 22:22 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-18 22:17 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-18 22:17 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-18 22:09 - 2011-05-12 17:35 - 00000000 ____D C:\Users\Matt\Tracing
2015-07-18 22:08 - 2015-04-18 01:47 - 00001480 _____ C:\Windows\setupact.log
2015-07-18 22:08 - 2012-05-30 21:02 - 00000408 _____ C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2015-07-18 22:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 09:00 - 2011-11-16 14:24 - 00000000 ____D C:\Users\Jo\Tracing
2015-07-11 08:59 - 2009-07-14 05:45 - 00414704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-28 22:43 - 2015-04-18 01:46 - 00360944 _____ C:\Windows\PFRO.log
2015-06-28 22:43 - 2013-03-15 17:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-28 22:43 - 2013-03-15 17:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-25 17:05 - 2011-05-10 20:24 - 00000000 ____D C:\Users\Matt\AppData\Roaming\SoftGrid Client
2015-06-24 18:27 - 2015-05-26 19:40 - 00000000 ____D C:\Users\Jo\AppData\Local\{8A3CB51E-98AB-45BB-BF46-EC81C91AE3E2}
==================== Files in the root of some directories =======
2014-07-08 22:07 - 2014-07-08 22:08 - 0001256 _____ () C:\Users\Matt\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-08 22:07 - 2014-07-08 22:08 - 0009027 _____ () C:\Users\Matt\AppData\Roaming\Bubble Dock.installation.log
2013-11-26 00:16 - 2013-11-26 00:16 - 0025757 _____ () C:\Users\Matt\AppData\Roaming\UserTile.png
2011-11-09 14:16 - 2015-04-18 15:32 - 0105348 _____ () C:\Users\Matt\AppData\Local\ars.cache
2011-11-09 14:21 - 2015-04-18 15:33 - 7219139 _____ () C:\Users\Matt\AppData\Local\census.cache
2011-11-09 12:09 - 2011-11-09 12:09 - 0000036 _____ () C:\Users\Matt\AppData\Local\housecall.guid.cache
2015-04-17 00:35 - 2015-04-18 08:43 - 0000010 _____ () C:\Users\Matt\AppData\Local\sponge.last.runtime.cache
2010-08-30 10:12 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
Some files in TEMP:
====================
C:\Users\Jo\AppData\Local\Temp\AskSLib.dll
C:\Users\Jo\AppData\Local\Temp\avgnt.exe
C:\Users\Jo\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Jo\AppData\Local\Temp\MSN4A2C.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys
[2011-06-02 15:55] - [2010-11-20 14:34] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!
testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {97b4ea67-ffa5-11df-a62b-dbd01fb2883b}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {97b4ea69-ffa5-11df-a62b-dbd01fb2883b}
recoveryenabled Yes
testsigning Yes
osdevice partition=C:
systemroot \Windows
resumeobject {97b4ea67-ffa5-11df-a62b-dbd01fb2883b}
nx OptIn
Windows Boot Loader
-------------------
identifier {97b4ea69-ffa5-11df-a62b-dbd01fb2883b}
device ramdisk=[C:]\Recovery\97b4ea69-ffa5-11df-a62b-dbd01fb2883b\Winre.wim,{97b4ea6a-ffa5-11df-a62b-dbd01fb2883b}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\97b4ea69-ffa5-11df-a62b-dbd01fb2883b\Winre.wim,{97b4ea6a-ffa5-11df-a62b-dbd01fb2883b}
systemroot \windows
nx OptIn
winpe Yes
Resume from Hibernate
---------------------
identifier {97b4ea67-ffa5-11df-a62b-dbd01fb2883b}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {97b4ea6a-ffa5-11df-a62b-dbd01fb2883b}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\97b4ea69-ffa5-11df-a62b-dbd01fb2883b\boot.sdi
LastRegBack: 2015-06-11 07:28
==================== End of log ============================
Thanks,
Matt