Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Acer Timeline 4810 slow and hangs up


  • Please log in to reply

#1
xppc

xppc

    Member

  • Member
  • PipPipPip
  • 147 posts

I have an acer timeline 4810t runninb windows 7 home premium sp 1 64 bit . intel core 2 solo cpu u3500 1.4ghz, 4gb memory.

 

i have comodo antivirus.

 

i have been having issues with slow boot up and sometime shutdown times. When i open firefox, it sometimes hangs and often i get a script error message. I have used the refresh as suggests by mozilla but still the cpu usage goes to 100% and the computer locks up.

 

I also am still having problems with skype voice and video when trying to do conference call. there is no problem when using yahoo im. another friend with an acer has no issues using voice or video on skype.

 

I am considering doing a factory restore and starting over again but thought i would visit my friends on geekstogo again.

 

thanks in advance for your help

 

below ar the frst log files

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by Eddy (administrator) on EDDY-PC (21-08-2015 11:53:32)
Running from C:\Users\Eddy\Desktop
Loaded Profiles: Eddy (Available Profiles: Eddy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
( ) C:\Windows\System32\lxeecoms.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Windows\snuvcdsm.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(Mozilla Corporation) C:\Program Files (x86)\Comodo\IceDragon\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2013-01-30] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2013-01-30] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-18] (COMODO)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2015-02-18] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2015-02-18] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FileTransferForMobileGo] => C:\Program Files (x86)\Wondershare\MobileGo for Android\FileTransfer.exe [336272 2014-11-05] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157640 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Viber] => C:\Users\Eddy\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8921128 2015-07-24] (Innovative Solutions)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8921128 2015-07-24] (Innovative Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-08-20]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2015-02-08]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe (Wondershare)
BootExecute: 0Õ

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60F4962F-BD99-4C60-ABC1-B5558A7B3F69}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\dhxtksxt.default-1435073473531
FF Homepage: hxxps://my.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2949447929-3806749029-1979589009-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Eddy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-30] (Citrix Online)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

BFE" service could not be unlocked. <===== ATTENTION

U2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-05-10] (SUPERAntiSpyware.com)
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-20] (Comodo Security Solutions, Inc.)
U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-18] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-18] (COMODO)
U2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
U2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated)
U2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
U2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-05-22] (Hewlett-Packard Company)
U2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
U2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2015-08-19] (Lexmark International, Inc.)
S2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )
S2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2010-04-14] ( )
U2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
U3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
U2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated)
U2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-30] (DEVGURU Co., LTD.)
U3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
U5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
U5 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2015-04-13] (Advanced Micro Devices, Inc.)
U5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
U5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-04-15] (Microsoft Corporation)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-04] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-04] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-04] (COMODO)
U5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-03-12] (Microsoft Corporation)
U5 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
U5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] (Microsoft Corporation)
U3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
U3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
U3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
U3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
U5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
U5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
U5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
U5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
U5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [408600 2009-06-04] (Intel Corporation)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-04] (COMODO)
U5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-14] (Microsoft Corporation)
U5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-14] (Microsoft Corporation)
U3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-03-19] (Qualcomm Atheros Co., Ltd.)
U5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-03-12] (Microsoft Corporation)
U5 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)
U5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
U5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
U5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
U5 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2015-03-23] (Matrox Graphics Inc.)
U5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
U2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)
U5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
U5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
U5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2015-08-19] (Panda Security, S.L.)
U5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
U1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-20] (Synaptics Incorporated)
U3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2015-02-18] ()
U5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-06-05] (SlimWare Utilities, Inc.)
U3 v3DDKAdapterKmode; C:\Windows\System32\DRIVERS\v3DDKAdapterKmode.sys [130424 2015-06-01] (datronicsoft)
U5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
U5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
U5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
U5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
U5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
U5 BFE;  <===== ATTENTION: Locked Service
U3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
U3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
U3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-21 11:53 - 2015-08-21 11:55 - 00019834 _____ C:\Users\Eddy\Desktop\FRST.txt
2015-08-21 11:27 - 2015-08-21 11:54 - 00000000 ____D C:\FRST
2015-08-21 11:24 - 2015-08-21 11:25 - 02173952 _____ (Farbar) C:\Users\Eddy\Desktop\FRST64.exe
2015-08-21 01:48 - 2015-08-21 01:48 - 00468668 _____ C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:48 - 2015-08-21 01:48 - 00181948 _____ C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:37 - 2015-08-21 01:37 - 00000010 _____ C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2015-08-21 01:34 - 2015-08-21 01:34 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-21 01:34 - 2015-08-21 01:34 - 00002697 _____ C:\ProgramData\Desktop\Skype.lnk
2015-08-21 01:34 - 2015-08-21 01:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-21 01:34 - 2015-08-21 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 01:11 - 2015-08-21 01:13 - 00307352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-08-21 01:11 - 2015-08-21 01:11 - 00000036 _____ C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-08-21 01:10 - 2015-08-21 01:10 - 02494944 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\HousecallLauncher64.exe
2015-08-20 20:50 - 2015-08-20 20:51 - 01806216 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-08-20 20:50 - 2015-08-20 20:51 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-08-20 19:18 - 2015-08-20 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\ProgramData\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-08-19 20:58 - 2015-08-19 20:58 - 01564121 _____ C:\ProgramData\SPL5714.tmp
2015-08-19 20:44 - 2015-08-19 20:44 - 01043237 _____ C:\ProgramData\SPL1E4.tmp
2015-08-19 02:52 - 2015-08-19 01:27 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\ProgramData\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:27 - 2015-08-19 01:27 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 01:22 - 2015-08-19 01:25 - 32518056 _____ (Panda Security ) C:\Users\Eddy\Downloads\PandaCloudCleaner.exe
2015-08-18 22:50 - 2015-08-18 22:50 - 17334297 _____ C:\Users\Eddy\Downloads\usb140201.zip
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Eddy\Documents\New Ebooks & Audio
2015-08-18 15:18 - 2015-08-18 15:18 - 00000000 ____D C:\Users\Eddy\Desktop\MCWE books
2015-08-18 14:52 - 2015-08-18 15:29 - 00000000 ____D C:\Users\Eddy\Documents\resumes
2015-08-17 22:44 - 2015-08-18 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-17 18:03 - 2015-08-17 18:03 - 29558024 _____ (Anmosoft, Inc. ) C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe
2015-07-28 11:11 - 2015-07-28 11:12 - 00000000 ____D C:\Users\Eddy\Desktop\Mindvalley Academy
2015-07-25 13:44 - 2015-07-25 13:44 - 00000000 ____D C:\Users\Eddy\AppData\Local\CEF
2015-07-25 13:27 - 2015-08-20 10:24 - 00068260 _____ C:\ProgramData\lxeeJSW.log
2015-07-25 11:38 - 2015-07-25 11:42 - 00000000 ____D C:\Users\Eddy\Desktop\Manifestation Miracle
2015-07-24 17:48 - 2015-07-24 17:48 - 05896376 _____ (Innovative Solutions ) C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe
2015-07-22 15:24 - 2015-07-22 15:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 15:24 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 15:24 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 15:24 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-21 11:51 - 2015-05-31 16:10 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-21 11:51 - 2014-10-28 15:19 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-08-21 11:47 - 2014-10-20 16:09 - 01553305 _____ C:\Windows\WindowsUpdate.log
2015-08-21 11:42 - 2014-10-29 01:42 - 03882650 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-21 10:41 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 10:41 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 10:34 - 2015-06-06 00:27 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-08-21 10:34 - 2015-06-06 00:27 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-08-21 10:33 - 2015-05-12 11:37 - 00003460 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-08-21 10:31 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 10:31 - 2009-07-14 00:51 - 00081417 _____ C:\Windows\setupact.log
2015-08-21 01:45 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Skype
2015-08-21 01:35 - 2014-10-28 11:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-20 20:54 - 2014-10-20 16:58 - 00134960 _____ C:\Windows\DPINST.LOG
2015-08-20 19:04 - 2014-10-20 16:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:01 - 2014-10-20 16:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-20 18:12 - 2014-10-20 16:39 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-08-20 17:51 - 2014-10-28 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-08-20 10:10 - 2010-11-20 23:47 - 00047288 _____ C:\Windows\PFRO.log
2015-08-19 22:57 - 2009-07-13 20:35 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2015-08-19 22:17 - 2009-07-14 01:13 - 00891680 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 19:14 - 2015-01-03 21:57 - 00000000 ____D C:\Users\Eddy\Desktop\Scouts 2015
2015-08-19 02:51 - 2015-03-01 15:26 - 00000000 ____D C:\Users\Eddy\Desktop\iso's
2015-08-19 01:28 - 2014-10-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-08-18 15:20 - 2015-07-04 15:11 - 00000000 ____D C:\Users\Eddy\Desktop\br ideas
2015-08-18 12:59 - 2014-10-28 11:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-18 11:28 - 2014-10-28 15:19 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-08-18 11:28 - 2014-10-28 15:19 - 00001985 _____ C:\ProgramData\Desktop\COMODO Internet Security.lnk
2015-08-17 17:31 - 2015-05-31 16:10 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-17 17:31 - 2014-11-30 14:17 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-17 17:31 - 2014-11-30 14:17 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-17 01:22 - 2015-05-10 12:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-04 20:31 - 2013-01-16 19:51 - 00806032 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00105096 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00021184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-04 20:29 - 2013-01-24 22:43 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-08-04 20:27 - 2013-01-24 22:42 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-08-04 20:26 - 2013-01-24 22:42 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2015-07-30 00:19 - 2014-11-30 14:45 - 00000000 ____D C:\Users\Eddy\Desktop\Satsang Calls
2015-07-30 00:04 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-28 13:39 - 2015-01-27 16:26 - 00000000 ____D C:\Users\Eddy\Desktop\hmmm
2015-07-25 13:45 - 2014-10-20 23:03 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Adobe
2015-07-25 13:44 - 2014-10-28 21:34 - 00000000 ____D C:\Users\Eddy\AppData\Local\Adobe
2015-07-25 13:25 - 2015-01-03 13:10 - 00000000 ____D C:\Users\Eddy\Desktop\Acer 4810T Stuff
2015-07-25 13:23 - 2009-10-21 10:06 - 00148480 _____ () C:\Windows\system32\lxeecuir.dll
2015-07-25 13:21 - 2010-04-13 19:41 - 00836608 _____ ( ) C:\Windows\system32\lxeecoin.dll
2015-07-25 13:21 - 2009-11-09 08:06 - 00065536 _____ C:\Windows\system32\lxeegcfg.dll
2015-07-25 13:21 - 2009-10-21 10:06 - 00399360 _____ () C:\Windows\system32\lxeecui.dll
2015-07-25 13:21 - 2008-04-30 06:32 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lxk_g.dll
2015-07-25 13:21 - 2008-04-30 06:32 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxk_gf.dll
2015-07-25 13:21 - 2008-03-05 02:55 - 00109056 _____ () C:\Windows\system32\lxeevs.dll
2015-07-24 17:51 - 2015-02-18 20:45 - 00001238 _____ C:\Users\Eddy\Desktop\DriverMax.lnk
2015-07-24 17:51 - 2015-02-18 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-07-22 16:49 - 2014-12-25 11:07 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\vlc
2015-07-22 15:48 - 2015-06-26 12:54 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\dvdcss
2015-07-22 15:36 - 2009-07-14 00:45 - 00419648 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-08-21 01:48 - 2015-08-21 01:48 - 0181948 _____ () C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:48 - 2015-08-21 01:48 - 0468668 _____ () C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:11 - 2015-08-21 01:11 - 0000036 _____ () C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-06-04 22:36 - 2015-06-04 22:36 - 0005324 _____ () C:\Users\Eddy\AppData\Local\HWVendorDetection.log
2015-08-21 01:37 - 2015-08-21 01:37 - 0000010 _____ () C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2014-11-28 19:49 - 2014-11-28 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-06 10:25 - 2015-06-06 10:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-25 13:27 - 2015-08-20 10:24 - 0068260 _____ () C:\ProgramData\lxeeJSW.log
2015-08-19 20:44 - 2015-08-19 20:44 - 1043237 _____ () C:\ProgramData\SPL1E4.tmp
2015-08-19 20:58 - 2015-08-19 20:58 - 1564121 _____ () C:\ProgramData\SPL5714.tmp
2015-05-12 13:16 - 2015-05-12 13:16 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-05-12 12:23 - 2015-05-12 12:23 - 0000166 _____ () C:\ProgramData\lxee.log
2015-05-12 13:11 - 2015-05-12 13:14 - 0000514 _____ () C:\ProgramData\lxeescan.log
2015-05-12 12:22 - 2015-05-12 12:22 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some files in TEMP:
====================
C:\Users\Eddy\AppData\Local\Temp\pc-support-bar-setup.exe
C:\Users\Eddy\AppData\Local\Temp\DriverDetective.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih_1.exe
C:\Users\Eddy\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\ose00000.exe
C:\Users\Eddy\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-17 20:12

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by Eddy (2015-08-21 11:57:58)
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2949447929-3806749029-1979589009-500 - Administrator - Disabled)
Eddy (S-1-5-21-2949447929-3806749029-1979589009-1000 - Administrator - Enabled) => C:\Users\Eddy
Guest (S-1-5-21-2949447929-3806749029-1979589009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2949447929-3806749029-1979589009-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0A107E17-B5C5-DFE3-6EAA-E6A68A4B82FD}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ccc-core-static (x32 Version: 2009.0904.1410.23535 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
Driver Detective (HKLM-x32\...\DriversHQ.DriverDetective.Client) (Version: 10.0.3.13 - PC Drivers HeadQuarters LP)
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
GeekBuddy (HKLM-x32\...\{AA722B93-B5B3-48DE-912A-81C0926D22AE}) (Version: 4.21.144 - Comodo Security Solutions Inc)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version:  - Lexmark International, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU  (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU  (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
OA LodgeMaster Lodge Client 3.3.5 (HKLM-x32\...\{48ce1c6c-5d07-40bd-94ce-45746fedb6ec}) (Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America)
OA LodgeMaster Lodge Client 3.3.5 (x32 Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Viber) (Version: 5.1.1.15 - Viber Media Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wondershare MobileGo for Android ( Version 5.3.2 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 5.3.2 - Wondershare)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00815410-70D1-4E64-85C7-CDF5F7AFA8D5} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {0C76578A-D416-4BE3-A8DA-404CE4C76A6D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {14A93FEC-8509-400B-ACB4-CAEB3A2769B9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-18] (COMODO)
Task: {16B94025-12D5-4AE6-B9F1-4F2E3E9C4115} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {2375650A-9111-4FDB-8568-F40EB6F6C4C0} - System32\Tasks\{D6185235-F860-42A7-BBB8-E0D5DE27EB86} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Camera_Suyin_5.2.7.1_W7x64W7x86_A.zip\Webcam_Suyin(Rose3G_LavenderG)_v5.2.7.1_Win7x86x64\Setup.exe
Task: {2BB6AB29-A60A-4C4D-B96A-803B24B65A6E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {66FA665E-C9A9-426E-9E4B-BD20E07B19A8} - System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {69C32493-DB53-4DD5-8B21-3A1F4AB95390} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2015-01-30] (Hewlett-Packard Co.)
Task: {6AE675BD-B3B2-41E0-B47C-B8EFB97A04C5} - System32\Tasks\{7ADA8680-CF5F-416A-85B8-DAEC3FBFB40D} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {77087366-DC8E-4201-A270-1D39088167E9} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.)
Task: {87C12831-3298-4195-8008-653EFD97F685} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-07-24] (Innovative Solutions)
Task: {9C4B180E-2DEF-4EBE-AE9A-22C61B33DF89} - System32\Tasks\{CC8D996B-6E0A-4E87-B2A8-98559672C237} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Lan_Atheros_1.0.0.10_W7x86W7x64_A.zip\LAN_Atheros(AR8131)_v1.0.0.10_Win7x82x64\setup.exe
Task: {A5B2323B-ECC1-46B4-AA71-FEA4A2925100} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {CF534F79-D7D5-44D0-A15C-2E6DF442A4FF} - System32\Tasks\{7A2B89EB-70B4-4697-AA4D-3164F03F56B8} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {E20344C0-2159-48A7-9B17-FA574C9D3F3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {EAAA3696-D4FF-4017-ABE9-B8BD33E16FC6} - System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FAA02B21-1141-48BE-AC53-D14456167842} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\Driver Detective-RTMRules.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMScan.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMScanRunOnce.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMUpdater.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-25 13:26 - 2015-08-19 23:10 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2015-06-04 22:39 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-06-22 06:12 - 2015-06-22 06:12 - 01971384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2015-02-18 20:49 - 2015-02-18 20:49 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2015-05-12 12:24 - 2013-01-30 15:25 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2015-05-12 12:24 - 2013-01-30 15:25 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-10-20 16:31 - 2014-02-13 15:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
2012-12-14 20:46 - 2015-01-08 18:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-05-12 12:24 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2015-05-12 12:24 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2015-05-12 12:24 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2015-05-12 12:24 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2015-05-12 12:22 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2015-05-12 12:22 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxeesmr.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2015-05-12 12:24 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2015-05-12 12:24 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2015-05-12 12:24 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2015-05-12 12:24 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2015-05-12 12:24 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2015-05-12 12:24 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2015-05-12 12:24 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\traynet.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\libcurl.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\zlib1.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\uexper.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 00976064 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 02254528 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 08024768 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2015-08-13 14:38 - 2015-08-13 14:38 - 00032960 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 01299648 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2015-02-08 18:53 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-08 18:53 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-28 11:29 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-02-18 20:45 - 2015-07-24 17:51 - 00008760 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2015-08-17 01:25 - 2015-08-17 01:25 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\Acer Crystal Eye webcam.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\Image.dll:$CmdTcID
AlternateDataStreams: C:\Windows\PLFSetL.exe:$CmdTcID
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\snuvcdsm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\USB_VIDEO_REG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HdmiCoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkcoi8911.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkins8911.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinksts8911LM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPWia2_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecuir.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegcfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeevs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_g.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_gf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\v3DDKAdapterUmode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wiafbdrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\v3DDKAdapterUmodeWow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdkmafd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\IntcHdmi.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\L1C62x64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mf.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MxEFUF64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PSKMAD.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rndismpx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\sncduvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\snp2uvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadcm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadwh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tmcomm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usb8023x.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\v3DDKAdapterKmode.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\tacos de chimpa.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\TMO_SM-G386T_Galaxy_AVANT_English_Health_Safety_KK_F1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\CoDependenceIntoCoEmpowermentSession1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_61_cnet.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_61_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Lightweight_Scouting_Dissertation.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\The_4_Forces_of_Health_Module_1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
bfe Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D434B39-5E99-403B-87F5-B94D166F7AFE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99FCFA16-67B2-4A66-A360-97A63C330772}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{7D5FEF62-F0F4-4201-9854-B678F13E3AAB}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0F14F19A-4567-457E-920A-912AB51E4A83}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{CD78ED65-C708-4542-BF25-26C986FCA8AA}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{7D0B3DE5-C4D0-409E-8A56-86E1B44FAFEA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{3E7CBA40-67D3-48D1-96B4-A2F641E5205E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{349DDBAA-0253-4A64-A116-2D47B4ABACFC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{DF407E5D-CB97-49D5-83BA-4158C9D629D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{BC379587-78D8-4CB6-A371-DA08C356F0D0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{280833EF-9D61-440F-AAB2-390ABEEE28D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F805B827-9D9F-400E-BE4C-4545FB543EBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3EB603E-F689-4D30-B0DB-B6EE6CE10C09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F41D131B-14D0-4B32-B92B-5B01E1018CCF}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{E351A4E8-8BF4-49C7-855F-24029051AB3C}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{C1DA5DDC-2F12-41F7-BF6A-7F911C7C0859}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A87EBC0D-EFB2-42AD-9967-329771EB7D2F}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{D183A71E-B8CC-4D56-86B9-5123C376C825}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{6E1BE09F-80A4-4FAA-9A64-AA65811D15AB}] => (Allow) C:\Windows\system32\lxeecoms.exe
FirewallRules: [{21910579-C288-4570-AC82-EF7159AF0663}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{4BC98A51-0CB7-40E4-82A6-70BD998BCC87}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{6E8D1215-4AD4-4523-B552-7BCE8E3FBDEA}] => (Allow) C:\Windows\system32\LXEEcoms.exe

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

System error 123 has occurred.

The filename, directory name, or volume label syntax is incorrect.


==================== Memory info ===========================

Processor: Intel® Core™2 Solo CPU U3500 @ 1.40GHz
Percentage of memory in use: 55%
Total physical RAM: 4025.8 MB
Available physical RAM: 1779.31 MB
Total Virtual: 8049.8 MB
Available Virtual: 4975.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:221.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0A56CDF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of log ============================

 


  • 0

Advertisements


#2
xppc

xppc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 147 posts

I had anoither firefox web page open today claiming its was from my isp using a norton antivirus check they have. according to it, they showed a trojan.dealply and a spyware.bot infection.


  • 0

#3
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, xppc. My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:
  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.
Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

 
I'm sorry for the amount of time you've had to wait for an answer.

As it's been more than a week I'll need new FRST logs as the ones here are pretty outdated. I'll also need to check something else.

Please follow the instructions below.

Step #1
4rr98tz.pngFRST Scan
  • Download Farbar Recovery Scan Tool and save it to your Desktop.
  • Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Step #2
cnUOkXS.png Farbar Service Scanner
  • Download FSS.exe to your desktop.
  • Right click FSS.exe on your desktop and click Run as administrator.
  • Make sure that all options are checked and press Scan.
  • It will create a log (FSS.txt) on the Desktop.
  • Double click FSS.txt. Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply
 
EOEdyWG.png Things that should appear in your next post:
  • FRST.txt log content
  • Addition.txt log content
  • FSS.txt log content

  • 0

#4
xppc

xppc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 147 posts

Hi Nevan. Thanks in advance for your help. I did use another pc with symantec endpoint and ran a complete scan on the laptop that i am having issues with and it found nothing  as did trendmicro housecall this evening. below are the logs that you requested.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Eddy (administrator) on EDDY-PC (03-09-2015 23:06:42)
Running from C:\Users\Eddy\Desktop
Loaded Profiles: Eddy (Available Profiles: Eddy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
( ) C:\Windows\System32\lxeecoms.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Windows\snuvcdsm.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-18] (COMODO)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2015-02-18] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2015-02-18] ()
HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2015-08-19] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2015-08-19] ()
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157640 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2015-02-08] (Wondershare)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8982544 2015-08-21] (Innovative Solutions)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8982544 2015-08-21] (Innovative Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-08-20]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
BootExecute: 0Õ

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60F4962F-BD99-4C60-ABC1-B5558A7B3F69}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\dhxtksxt.default-1435073473531
FF DefaultSearchEngine.US: DuckDuckGo
FF Homepage: hxxps://my.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2949447929-3806749029-1979589009-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Eddy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-30] (Citrix Online)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-05-10] (SUPERAntiSpyware.com)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-20] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-18] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-18] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-05-22] (Hewlett-Packard Company)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2015-08-19] (Lexmark International, Inc.)
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2015-07-25] ( )
R2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2015-08-19] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-09-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-30] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2015-04-13] (Advanced Micro Devices, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-04] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-04] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-04] (COMODO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-04] (COMODO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-03-19] (Qualcomm Atheros Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-09-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-09-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2015-03-23] (Matrox Graphics Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2015-08-19] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-20] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2015-02-18] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-09-03] (SlimWare Utilities, Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [307352 2015-09-03] (Trend Micro Inc.)
R3 v3DDKAdapterKmode; C:\Windows\System32\DRIVERS\v3DDKAdapterKmode.sys [130424 2015-06-01] (datronicsoft)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 23:06 - 2015-09-03 23:07 - 00016608 _____ C:\Users\Eddy\Desktop\FRST.txt
2015-09-03 23:06 - 2015-09-03 23:06 - 00000000 ____D C:\Users\Eddy\Desktop\FRST-OlderVersion
2015-09-03 23:06 - 2015-09-03 23:06 - 00000000 ____D C:\FRST
2015-09-03 21:45 - 2015-09-03 21:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-03 21:44 - 2015-09-03 21:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-03 21:44 - 2015-09-03 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-03 21:43 - 2015-09-03 21:43 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-03 21:43 - 2015-09-03 21:43 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-03 21:43 - 2015-09-03 21:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-03 21:41 - 2015-09-03 21:41 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-03 17:19 - 2015-09-03 17:19 - 06924096 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\TrendMicro_MAX_10.0_US-en_Downloader.exe
2015-09-02 01:36 - 2015-09-02 01:37 - 02780160 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00384904 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00384832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00246784 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00219136 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00104792 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00104720 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2015-09-02 01:35 - 2015-09-02 01:37 - 02191872 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-09-02 01:35 - 2015-09-02 01:37 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2015-09-02 01:35 - 2012-11-27 00:31 - 04379680 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2015-09-02 01:34 - 2015-09-02 01:37 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2015-09-02 01:34 - 2012-11-27 00:00 - 00211303 _____ C:\Windows\system32\Gfxres.th-TH.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00182706 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00138727 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00136603 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00135370 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00134836 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00134412 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133846 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133709 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133178 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00132788 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00128996 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00128831 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00117636 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00116348 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00198139 _____ C:\Windows\system32\Gfxres.el-GR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00156233 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00149009 _____ C:\Windows\system32\Gfxres.he-IL.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00140216 _____ C:\Windows\system32\Gfxres.it-IT.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00137846 _____ C:\Windows\system32\Gfxres.de-DE.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00137668 _____ C:\Windows\system32\Gfxres.es-ES.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00135628 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00134384 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00133404 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00132889 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00131839 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00128535 _____ C:\Windows\system32\Gfxres.da-DK.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00124052 _____ C:\Windows\system32\Gfxres.en-US.resources
2015-09-02 01:13 - 2015-09-02 01:15 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2858.dll
2015-09-02 00:49 - 2015-09-02 00:52 - 226558984 _____ (COMODO) C:\Users\Eddy\Downloads\cispremium_installer.exe
2015-08-31 02:14 - 2015-08-31 02:15 - 00761968 _____ C:\Windows\Minidump\083115-49280-01.dmp
2015-08-31 02:14 - 2015-08-31 02:14 - 1079012004 _____ C:\Windows\MEMORY.DMP
2015-08-30 21:15 - 2015-08-30 21:15 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-30 21:15 - 2015-08-30 21:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-30 21:15 - 2015-08-30 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-30 18:36 - 2015-08-30 18:36 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-30 18:36 - 2015-08-30 18:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-30 14:33 - 2015-08-30 14:33 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 14:33 - 2015-08-30 14:33 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-30 13:44 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-30 13:44 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-30 13:44 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-30 13:44 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-30 13:44 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-30 13:44 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-30 13:44 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-30 13:44 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-30 13:44 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-30 13:44 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-30 13:44 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-30 13:44 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-30 13:44 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-30 13:43 - 2015-08-30 13:44 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-30 13:43 - 2015-08-30 13:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-30 13:36 - 2015-07-16 15:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-30 13:36 - 2015-07-16 15:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-30 13:36 - 2015-07-16 15:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-30 13:36 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-30 13:36 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-30 13:36 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-30 13:36 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-30 13:36 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-30 13:36 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-30 13:36 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-30 13:36 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-30 13:36 - 2015-07-11 09:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-30 13:35 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-30 13:35 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-30 13:35 - 2015-07-16 16:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-30 13:35 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-30 13:35 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-30 13:35 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-30 13:35 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-30 13:35 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-30 13:35 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-30 13:35 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-30 13:35 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-30 13:35 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-30 13:35 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-30 13:35 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-30 13:35 - 2015-07-16 16:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-30 13:35 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-30 13:35 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-30 13:35 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-30 13:35 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-30 13:35 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-30 13:35 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-30 13:35 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-30 13:35 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-30 13:35 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-30 13:35 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-30 13:35 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-30 13:35 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-30 13:35 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-30 13:35 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-30 13:35 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-30 13:35 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-30 13:35 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-30 13:35 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-30 13:35 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-30 13:35 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-30 13:35 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-30 13:35 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-30 13:35 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-30 13:35 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-30 13:35 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-30 13:35 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-30 13:35 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-30 13:35 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-30 13:35 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-30 13:34 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-30 13:34 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-30 13:34 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-30 13:34 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-30 13:34 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-30 13:34 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-30 13:34 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-30 13:34 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-30 13:34 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-30 13:34 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-30 13:34 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-30 13:34 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-30 13:34 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-30 13:33 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-30 13:15 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-30 13:14 - 2015-08-30 13:14 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-30 12:58 - 2015-08-30 12:58 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-30 12:58 - 2015-08-30 12:58 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-30 12:58 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-30 12:56 - 2015-08-30 12:56 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-30 12:56 - 2015-08-30 12:56 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-30 11:56 - 2015-08-30 11:59 - 00002141 _____ C:\Users\Eddy\Desktop\Skype 2.lnk
2015-08-27 20:09 - 2015-08-28 10:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 12:59 - 2015-08-25 12:59 - 00000000 _____ C:\ProgramData\LxWbGwLog.log
2015-08-25 12:59 - 2015-08-25 12:59 - 00000000 _____ C:\ProgramData\cmn_upld.log
2015-08-24 18:42 - 2015-09-03 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-23 20:08 - 2015-08-23 20:08 - 00000000 ____D C:\ea001c44d0d5114b66da29
2015-08-23 19:40 - 2015-08-23 19:41 - 25624576 _____ C:\Users\Eddy\Downloads\SkypeSetup_6.14.0.104.msi
2015-08-23 18:56 - 2015-08-23 18:56 - 00000000 ____D C:\Users\Public\OEM
2015-08-23 18:44 - 2015-08-23 18:44 - 00000000 ____D C:\a79d26109b2e7df52fa370e2fe74709e
2015-08-23 18:32 - 2015-08-23 18:35 - 00000000 ____D C:\Program Files (x86)\Acer
2015-08-21 14:56 - 2015-08-21 14:56 - 05864200 _____ (Innovative Solutions ) C:\Users\Eddy\Downloads\drivermax_7_67_cnet.exe
2015-08-21 11:24 - 2015-09-03 23:06 - 02188800 _____ (Farbar) C:\Users\Eddy\Desktop\FRST64.exe
2015-08-21 01:48 - 2015-09-03 21:37 - 02938949 _____ C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:48 - 2015-09-03 21:32 - 00181948 _____ C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:37 - 2015-09-03 13:27 - 00000010 _____ C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2015-08-21 01:11 - 2015-09-03 13:09 - 00307352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-08-21 01:11 - 2015-08-21 01:11 - 00000036 _____ C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-08-21 01:10 - 2015-08-21 01:10 - 02494944 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\HousecallLauncher64.exe
2015-08-20 20:50 - 2015-08-20 20:51 - 01806216 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-08-20 20:50 - 2015-08-20 20:51 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-08-20 19:18 - 2015-08-20 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-08-19 22:50 - 2015-08-19 22:39 - 00295592 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEEwupd.exe
2015-08-19 22:50 - 2010-02-22 05:09 - 00510464 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEEwupd.dll
2015-08-19 22:07 - 2015-08-19 22:07 - 00000252 _____ C:\ProgramData\FastPics.log
2015-08-19 22:07 - 2015-08-19 22:07 - 00000000 ____D C:\ProgramData\Ezprint
2015-08-19 22:06 - 2015-09-03 12:55 - 00005428 _____ C:\ProgramData\lxeescan.log
2015-08-19 21:59 - 2015-08-19 22:44 - 00002005 _____ C:\Users\Public\Desktop\Launch Lexmark Printer Home.LNK
2015-08-19 21:58 - 2015-08-19 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2015-08-19 21:58 - 2015-08-19 21:58 - 00000000 ____D C:\Program Files (x86)\Lexmark Toolbar
2015-08-19 21:57 - 2015-08-19 22:55 - 00000000 ____D C:\Program Files\Lexmark
2015-08-19 21:57 - 2015-08-19 21:57 - 00000000 ____D C:\Program Files (x86)\Lexmark
2015-08-19 21:57 - 2010-03-09 03:58 - 00344064 _____ () C:\Windows\SysWOW64\lxeecomx.dll
2015-08-19 21:57 - 2009-12-09 14:47 - 00643072 _____ ( ) C:\Windows\SysWOW64\lxeepmui.dll
2015-08-19 21:57 - 2009-12-09 14:35 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxeeinpa.dll
2015-08-19 21:57 - 2009-12-09 14:35 - 00344064 _____ ( ) C:\Windows\SysWOW64\lxeeiesc.dll
2015-08-19 21:57 - 2009-12-09 14:34 - 00331776 _____ C:\Windows\SysWOW64\LXEEinst.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00106496 _____ () C:\Windows\SysWOW64\lxeeinsr.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00057344 _____ () C:\Windows\SysWOW64\lxeejswr.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00036864 _____ () C:\Windows\SysWOW64\lxeecur.dll
2015-08-19 21:57 - 2009-03-20 06:20 - 00007680 _____ (eaio) C:\Windows\SysWOW64\NativeCall.dll
2015-08-19 21:57 - 2006-12-06 22:28 - 00126976 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxeelnks.dll
2015-08-19 21:56 - 2015-08-20 10:10 - 00000000 ____D C:\Program Files (x86)\Lexmark Pro700 Series
2015-08-19 21:56 - 2015-08-19 21:57 - 00598696 _____ ( ) C:\Windows\SysWOW64\lxeecoms.exe
2015-08-19 21:56 - 2015-08-19 21:57 - 00324264 _____ ( ) C:\Windows\SysWOW64\lxeeih.exe
2015-08-19 21:56 - 2015-08-19 21:56 - 00373416 _____ ( ) C:\Windows\SysWOW64\lxeecfg.exe
2015-08-19 21:56 - 2010-04-14 13:36 - 00002052 _____ C:\Windows\SysWOW64\lxee.loc
2015-08-19 21:56 - 2009-12-09 15:24 - 00579584 _____ ( ) C:\Windows\system32\lxeecomm.dll
2015-08-19 21:56 - 2009-12-09 15:23 - 00495616 _____ C:\Windows\system32\LXEEinst.dll
2015-08-19 21:56 - 2009-12-09 14:43 - 01048576 _____ ( ) C:\Windows\SysWOW64\lxeeserv.dll
2015-08-19 21:56 - 2009-12-09 14:41 - 00688128 _____ ( ) C:\Windows\SysWOW64\lxeehbn3.dll
2015-08-19 21:56 - 2009-12-09 14:40 - 00847872 _____ ( ) C:\Windows\SysWOW64\lxeeusb1.dll
2015-08-19 21:56 - 2009-12-09 14:36 - 00577536 _____ ( ) C:\Windows\SysWOW64\lxeelmpm.dll
2015-08-19 21:56 - 2009-12-09 14:36 - 00372736 _____ ( ) C:\Windows\SysWOW64\lxeecomm.dll
2015-08-19 21:56 - 2009-12-09 14:35 - 00802816 _____ ( ) C:\Windows\SysWOW64\lxeecomc.dll
2015-08-19 21:56 - 2009-11-26 03:53 - 00086183 _____ (Lexmark International) C:\Windows\SysWOW64\LXEEcfg.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00262144 _____ () C:\Windows\SysWOW64\lxeeinsb.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00253952 _____ () C:\Windows\SysWOW64\lxeecu.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00090112 _____ () C:\Windows\SysWOW64\lxeecub.dll
2015-08-19 21:56 - 2009-11-09 03:05 - 00323584 _____ () C:\Windows\SysWOW64\lxeeins.dll
2015-08-19 21:47 - 2015-08-19 21:47 - 00000000 ____D C:\Lexmark
2015-08-19 20:58 - 2015-08-19 20:58 - 01564121 _____ C:\ProgramData\SPL5714.tmp
2015-08-19 20:44 - 2015-08-19 20:44 - 01043237 _____ C:\ProgramData\SPL1E4.tmp
2015-08-19 02:52 - 2015-08-19 01:27 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:27 - 2015-08-19 01:27 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 01:22 - 2015-08-19 01:25 - 32518056 _____ (Panda Security ) C:\Users\Eddy\Downloads\PandaCloudCleaner.exe
2015-08-18 22:50 - 2015-08-18 22:50 - 17334297 _____ C:\Users\Eddy\Downloads\usb140201.zip
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Eddy\Documents\New Ebooks & Audio
2015-08-18 15:18 - 2015-08-18 15:18 - 00000000 ____D C:\Users\Eddy\Desktop\MCWE books
2015-08-18 14:52 - 2015-08-18 15:29 - 00000000 ____D C:\Users\Eddy\Documents\resumes
2015-08-17 18:03 - 2015-08-17 18:03 - 29558024 _____ (Anmosoft, Inc. ) C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 23:04 - 2014-10-28 15:19 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-09-03 23:02 - 2014-10-20 16:09 - 01086698 _____ C:\Windows\WindowsUpdate.log
2015-09-03 22:12 - 2014-11-30 14:17 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-09-03 20:54 - 2015-05-12 11:37 - 00003460 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-09-03 17:13 - 2014-11-13 00:08 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieBrowserModeList
2015-09-03 17:13 - 2014-10-28 11:03 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieUserList
2015-09-03 17:13 - 2014-10-28 11:03 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieSiteList
2015-09-03 13:04 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-03 13:04 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-03 12:58 - 2015-06-06 00:27 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-09-03 12:57 - 2015-06-06 00:27 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-09-03 12:55 - 2015-06-06 00:26 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-09-03 12:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 12:54 - 2009-07-14 00:51 - 00082929 _____ C:\Windows\setupact.log
2015-09-02 12:49 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Skype
2015-09-02 10:54 - 2015-05-10 12:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-09-02 01:44 - 2014-10-20 16:58 - 00155382 _____ C:\Windows\DPINST.LOG
2015-09-02 01:43 - 2014-10-20 17:00 - 08095232 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 07370176 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-09-02 01:43 - 2014-10-20 17:00 - 06042112 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 05694976 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 05616640 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 04233728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 03799040 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 03646976 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00549888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00371712 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00312832 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00306688 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00301568 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00296960 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00293376 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00290304 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00289792 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00282112 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00279552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00278016 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00264704 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00259584 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00254464 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00251904 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00246272 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00217088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00208896 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00207360 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00181760 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00125952 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2015-09-02 01:43 - 2014-10-20 17:00 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00055808 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-09-01 10:07 - 2010-11-20 23:47 - 00049054 _____ C:\Windows\PFRO.log
2015-08-31 16:10 - 2015-05-31 16:10 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-31 16:10 - 2015-05-31 16:10 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-31 16:10 - 2014-11-30 14:17 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-31 14:53 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-31 03:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-08-31 02:14 - 2015-02-22 19:01 - 00000000 ____D C:\Windows\Minidump
2015-08-30 21:16 - 2014-10-28 11:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-30 18:41 - 2014-12-14 01:10 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-30 18:41 - 2014-10-21 10:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-30 18:07 - 2014-10-29 00:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-30 18:07 - 2014-10-29 00:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-30 18:07 - 2009-07-14 00:45 - 00419648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-30 14:35 - 2014-10-28 10:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-30 14:33 - 2014-10-29 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-30 14:08 - 2014-10-20 18:09 - 00000000 ____D C:\Windows\system32\MRT
2015-08-30 13:54 - 2014-10-20 18:09 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-30 11:35 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Local\Skype
2015-08-28 11:47 - 2014-10-29 01:42 - 03932616 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-28 10:45 - 2014-10-28 11:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-27 19:32 - 2015-01-03 21:57 - 00000000 ____D C:\Users\Eddy\Desktop\Scouts 2015
2015-08-26 23:38 - 2014-10-28 15:19 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-08-26 23:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-08-26 19:40 - 2014-10-20 16:24 - 00000000 ____D C:\Users\Eddy
2015-08-25 12:56 - 2015-07-25 13:27 - 00072700 _____ C:\ProgramData\lxeeJSW.log
2015-08-23 18:55 - 2009-07-14 01:13 - 00891680 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 14:59 - 2015-02-18 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-08-20 19:04 - 2014-10-20 16:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:01 - 2014-10-20 16:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-20 18:12 - 2014-10-20 16:39 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-08-20 17:51 - 2014-10-28 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-08-20 10:23 - 2015-07-25 13:27 - 00000000 ____D C:\ProgramData\lx_Cats
2015-08-19 23:28 - 2015-07-25 13:27 - 00205011 _____ C:\Windows\system32\LexFiles.ulf
2015-08-19 22:57 - 2009-07-13 20:35 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2015-08-19 22:50 - 2015-07-25 13:26 - 00000000 ____D C:\Program Files\Lexmark Pro700 Series
2015-08-19 22:42 - 2010-04-14 19:01 - 00612008 _____ ( ) C:\Windows\system32\lxeecfg.exe
2015-08-19 22:42 - 2010-04-14 19:01 - 00520872 _____ ( ) C:\Windows\system32\lxeeih.exe
2015-08-19 02:51 - 2015-03-01 15:26 - 00000000 ____D C:\Users\Eddy\Desktop\iso's
2015-08-19 01:28 - 2014-10-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-08-18 15:20 - 2015-07-04 15:11 - 00000000 ____D C:\Users\Eddy\Desktop\br ideas
2015-08-18 11:28 - 2014-10-28 15:19 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-08-17 01:25 - 2014-10-28 11:29 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-17 01:25 - 2014-10-28 11:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 20:31 - 2013-01-16 19:51 - 00806032 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00105096 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00021184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-04 20:29 - 2013-01-24 22:43 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-08-04 20:27 - 2013-01-24 22:42 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-08-04 20:26 - 2013-01-24 22:42 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

==================== Files in the root of some directories =======

2015-08-21 01:48 - 2015-09-03 21:32 - 0181948 _____ () C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:48 - 2015-09-03 21:37 - 2938949 _____ () C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:11 - 2015-08-21 01:11 - 0000036 _____ () C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-06-04 22:36 - 2015-06-04 22:36 - 0005324 _____ () C:\Users\Eddy\AppData\Local\HWVendorDetection.log
2015-08-21 01:37 - 2015-09-03 13:27 - 0000010 _____ () C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2014-11-28 19:49 - 2014-11-28 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-25 12:59 - 2015-08-25 12:59 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2015-06-06 10:25 - 2015-06-06 10:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-19 22:07 - 2015-08-19 22:07 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-07-25 13:27 - 2015-08-25 12:56 - 0072700 _____ () C:\ProgramData\lxeeJSW.log
2015-08-19 22:06 - 2015-09-03 12:55 - 0005428 _____ () C:\ProgramData\lxeescan.log
2015-08-25 12:59 - 2015-08-25 12:59 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2015-08-19 20:44 - 2015-08-19 20:44 - 1043237 _____ () C:\ProgramData\SPL1E4.tmp
2015-08-19 20:58 - 2015-08-19 20:58 - 1564121 _____ () C:\ProgramData\SPL5714.tmp
2015-08-19 21:55 - 2015-08-19 21:55 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some files in TEMP:
====================
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih_1.exe
C:\Users\Eddy\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\ose00000.exe
C:\Users\Eddy\AppData\Local\Temp\pc-support-bar-setup.exe
C:\Users\Eddy\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 00:53

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eddy (2015-09-03 23:09:05)
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2949447929-3806749029-1979589009-500 - Administrator - Disabled)
Eddy (S-1-5-21-2949447929-3806749029-1979589009-1000 - Administrator - Enabled) => C:\Users\Eddy
Guest (S-1-5-21-2949447929-3806749029-1979589009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2949447929-3806749029-1979589009-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0A107E17-B5C5-DFE3-6EAA-E6A68A4B82FD}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ccc-core-static (x32 Version: 2009.0904.1410.23535 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.67.0.1189 - Innovative Solutions)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
GeekBuddy (HKLM-x32\...\{AA722B93-B5B3-48DE-912A-81C0926D22AE}) (Version: 4.21.144 - Comodo Security Solutions Inc)
GoToMeeting 7.2.4.3277 (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\GoToMeeting) (Version: 7.2.4.3277 - CitrixOnline)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU  (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU  (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OA LodgeMaster Lodge Client 3.3.5 (HKLM-x32\...\{48ce1c6c-5d07-40bd-94ce-45746fedb6ec}) (Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America)
OA LodgeMaster Lodge Client 3.3.5 (x32 Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

30-08-2015 10:49:50 Revo Uninstaller's restore point - Skype™ 6.3
30-08-2015 10:57:01 Removed Skype™ 6.3
30-08-2015 11:26:55 Installed Skype™ 6.14
30-08-2015 13:48:18 Windows Update
30-08-2015 18:37:14 Windows Update
02-09-2015 01:10:53 DMX_DriverMax Driver Installation
02-09-2015 01:16:03 Device Driver Package Install: Intel Corporation Display adapters
02-09-2015 01:32:18 DMX_DriverMax Driver Installation
02-09-2015 01:38:09 Device Driver Package Install: Intel Corporation Display adapters
03-09-2015 13:13:19 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00815410-70D1-4E64-85C7-CDF5F7AFA8D5} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {0C76578A-D416-4BE3-A8DA-404CE4C76A6D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {14A93FEC-8509-400B-ACB4-CAEB3A2769B9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-18] (COMODO)
Task: {16B94025-12D5-4AE6-B9F1-4F2E3E9C4115} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {2375650A-9111-4FDB-8568-F40EB6F6C4C0} - System32\Tasks\{D6185235-F860-42A7-BBB8-E0D5DE27EB86} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Camera_Suyin_5.2.7.1_W7x64W7x86_A.zip\Webcam_Suyin(Rose3G_LavenderG)_v5.2.7.1_Win7x86x64\Setup.exe
Task: {2BB6AB29-A60A-4C4D-B96A-803B24B65A6E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {66FA665E-C9A9-426E-9E4B-BD20E07B19A8} - System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe [2015-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {69C32493-DB53-4DD5-8B21-3A1F4AB95390} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2015-01-30] (Hewlett-Packard Co.)
Task: {6AE675BD-B3B2-41E0-B47C-B8EFB97A04C5} - System32\Tasks\{7ADA8680-CF5F-416A-85B8-DAEC3FBFB40D} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {77087366-DC8E-4201-A270-1D39088167E9} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-06-06] (SlimWare Utilities, Inc.)
Task: {87C12831-3298-4195-8008-653EFD97F685} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-08-21] (Innovative Solutions)
Task: {9C4B180E-2DEF-4EBE-AE9A-22C61B33DF89} - System32\Tasks\{CC8D996B-6E0A-4E87-B2A8-98559672C237} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Lan_Atheros_1.0.0.10_W7x86W7x64_A.zip\LAN_Atheros(AR8131)_v1.0.0.10_Win7x82x64\setup.exe
Task: {A5B2323B-ECC1-46B4-AA71-FEA4A2925100} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {AA3D45BA-E398-448A-878E-AC1A6E9AD9AD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {CF534F79-D7D5-44D0-A15C-2E6DF442A4FF} - System32\Tasks\{7A2B89EB-70B4-4697-AA4D-3164F03F56B8} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {E20344C0-2159-48A7-9B17-FA574C9D3F3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {EAAA3696-D4FF-4017-ABE9-B8BD33E16FC6} - System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe [2015-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FAA02B21-1141-48BE-AC53-D14456167842} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-25 13:26 - 2015-08-19 23:10 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2015-06-22 06:12 - 2015-06-22 06:12 - 01971384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2015-06-04 22:39 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-02-18 20:49 - 2015-02-18 20:49 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2015-08-19 21:59 - 2015-08-19 22:43 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2015-08-19 21:58 - 2015-08-19 22:43 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-10-20 16:31 - 2014-02-13 15:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
2012-12-14 20:46 - 2015-01-08 18:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-08-19 21:59 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2015-08-19 21:58 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2015-08-19 21:59 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2015-08-19 21:59 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2009-02-20 08:48 - 2015-07-25 13:21 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2009-02-20 08:48 - 2015-07-25 13:23 - 00023552 _____ () C:\Windows\system32\lxeesmr.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2015-08-19 21:58 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2015-08-19 21:58 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2015-08-19 21:58 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2015-08-19 21:58 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2015-08-19 21:58 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2015-08-19 21:58 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2015-08-19 21:59 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\traynet.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\libcurl.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\zlib1.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\uexper.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 00976064 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 02254528 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 08024768 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2015-08-13 14:38 - 2015-08-13 14:38 - 00032960 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 01299648 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2015-02-18 20:45 - 2015-08-21 14:58 - 00009752 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2015-02-08 19:15 - 2015-02-08 19:15 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-08 19:15 - 2015-02-08 19:15 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-08-17 01:25 - 2015-08-17 01:25 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
2014-10-28 11:29 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\Acer Crystal Eye webcam.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\Image.dll:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PLFSetL.exe:$CmdTcID
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\snuvcdsm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\USB_VIDEO_REG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gfxSrvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GfxUI.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hccutils.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HdmiCoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hkcmd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkcoi8911.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkins8911.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinksts8911LM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPWia2_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IccLibDll_x64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ig4icd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igd10umd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igdumd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcmjit64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcmrt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v2858.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxdev.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IGFXDEVLib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxdo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxexps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxpers.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxpph.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrara.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrchs.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrcht.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrcsy.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrdan.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrdeu.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrell.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrenu.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxresn.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxress.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrfin.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrfra.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrheb.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrhrv.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrhun.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrita.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrjpn.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrkor.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrnld.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrnor.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrplk.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrptb.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrptg.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrrom.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrrus.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrsky.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrslv.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrsve.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrtha.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrtrk.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxsrvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxsrvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxTMM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxtray.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iglhcp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iglhsip64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecfg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecomc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoms.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecuir.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecur.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegcfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegrd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeehbn3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeehcp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeiesc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeih.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinpa.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeins.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinsb.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinsr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeejswr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeelmpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeepmui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeserv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeesm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeesmr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeusb1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeevs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\LXEEwupd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_g.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_gf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\v3DDKAdapterUmode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wiafbdrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ig4icd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igd10umd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igdumd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igdumdx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmjit32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmrt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxdv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxexps32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iglhcp32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iglhsip32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeecfg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeecoms.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeeih.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeesm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeesmr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\v3DDKAdapterUmodeWow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdkmafd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\igdkmd64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\IntcHdmi.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\L1C62x64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mf.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MxEFUF64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PSKMAD.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rndismpx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\sncduvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\snp2uvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadcm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadwh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tmcomm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usb8023x.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\v3DDKAdapterKmode.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\tacos de chimpa.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\TMO_SM-G386T_Galaxy_AVANT_English_Health_Safety_KK_F1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\cispremium_installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\cispremium_installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\CoDependenceIntoCoEmpowermentSession1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_67_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Lightweight_Scouting_Dissertation.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SkypeSetup_6.14.0.104.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\The_4_Forces_of_Health_Module_1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\TrendMicro_MAX_10.0_US-en_Downloader.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{99FCFA16-67B2-4A66-A360-97A63C330772}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{7D5FEF62-F0F4-4201-9854-B678F13E3AAB}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0F14F19A-4567-457E-920A-912AB51E4A83}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{CD78ED65-C708-4542-BF25-26C986FCA8AA}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{7D0B3DE5-C4D0-409E-8A56-86E1B44FAFEA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{3E7CBA40-67D3-48D1-96B4-A2F641E5205E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{349DDBAA-0253-4A64-A116-2D47B4ABACFC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{DF407E5D-CB97-49D5-83BA-4158C9D629D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{BC379587-78D8-4CB6-A371-DA08C356F0D0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{280833EF-9D61-440F-AAB2-390ABEEE28D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F805B827-9D9F-400E-BE4C-4545FB543EBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3EB603E-F689-4D30-B0DB-B6EE6CE10C09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F41D131B-14D0-4B32-B92B-5B01E1018CCF}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{E351A4E8-8BF4-49C7-855F-24029051AB3C}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{C1DA5DDC-2F12-41F7-BF6A-7F911C7C0859}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A87EBC0D-EFB2-42AD-9967-329771EB7D2F}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{D183A71E-B8CC-4D56-86B9-5123C376C825}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{6E1BE09F-80A4-4FAA-9A64-AA65811D15AB}] => (Allow) C:\Windows\system32\lxeecoms.exe
FirewallRules: [{21910579-C288-4570-AC82-EF7159AF0663}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{4BC98A51-0CB7-40E4-82A6-70BD998BCC87}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{6E8D1215-4AD4-4523-B552-7BCE8E3FBDEA}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{2BAD0805-A79B-4BFE-B670-FB1CBD2024EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2015 01:03:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.3.5716, time stamp: 0x55ddb213
Faulting module name: mozglue.dll, version: 40.0.3.5716, time stamp: 0x55dda062
Exception code: 0x80000003
Fault offset: 0x0000e250
Faulting process id: 0x17a4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (09/03/2015 12:55:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 10:55:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SlimDrivers.exe, version: 2.2.45206.63218, time stamp: 0x54f08646
Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a69e20
Exception code: 0xc0000005
Fault offset: 0x0002e423
Faulting process id: 0x9bc
Faulting application start time: 0xSlimDrivers.exe0
Faulting application path: SlimDrivers.exe1
Faulting module path: SlimDrivers.exe2
Report Id: SlimDrivers.exe3

Error: (09/02/2015 10:53:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 01:56:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 01:28:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 12:35:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 12:32:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 12:20:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 12:17:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/03/2015 05:10:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (09/03/2015 05:10:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (09/03/2015 05:10:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (09/03/2015 12:56:14 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (09/03/2015 12:55:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (09/03/2015 12:54:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeeCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/03/2015 12:54:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService service to connect.

Error: (09/02/2015 10:54:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (09/02/2015 10:53:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeeCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/02/2015 10:53:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService service to connect.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-09-03 12:54:09.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-03 12:54:09.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 10:52:47.271
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 10:52:47.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 01:55:13.271
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 01:55:13.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 01:27:30.148
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 01:27:30.086
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 00:33:51.318
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-02 00:33:51.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™2 Solo CPU U3500 @ 1.40GHz
Percentage of memory in use: 63%
Total physical RAM: 4025.8 MB
Available physical RAM: 1485.35 MB
Total Virtual: 8049.8 MB
Available Virtual: 5062.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:216.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0A56CDF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Farbar Service Scanner Version: 26-07-2015
Ran by Eddy (administrator) on 03-09-2015 at 23:25:09
Running from "C:\Users\Eddy\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is unreachable
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


  • 0

#5
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, xppc.

Warning!

I noticed that you have more than one antivirus program installed and active. It is very important not to have more than one antivirus program active at one time. They work in background, continuously scanning and protecting your system. That function is called Real-Time Protection. Having two or more of them at one time not only multiplies the amount of system resources that are used all the time, but more importantly, the programs are always fighting with each other for control of the system. That causes system slowness, false positives, system crashes, as well as lower detection rates. You will very likely end up with little or no protection.

Comodo Internet Security has terrible reputation because of it's high false-positive ratio and poor malware detection. Because of that I recommend you to uninstall Comodo Internet Security and keep Microsoft Security Essentials.

After uninstalling it, restart your system and follow the instructions below.

 
Step #1
4rr98tz.pngFRST Scan
  • Right click FRST64.exe on your Desktop and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Step #2
cnUOkXS.png Farbar Service Scanner
  • Right click FSS.exe on your desktop and click Run as administrator.
  • Make sure that all options are checked and press Scan.
  • It will create a log (FSS.txt) on the Desktop.
  • Double click FSS.txt. Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply
 
EOEdyWG.png Things that should appear in your next post:
  • Tell me if you have successfully uninstalled Comodo
  • Is your computer running better now?
  • FRST.txt log content
  • Addition.txt log content
  • FSS.txt log content

  • 0

#6
xppc

xppc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 147 posts

I did uninstall Comodo Internet Security. The Super Anti Spyware, Panda cloud Cleaner and MAMB are not active and find issues after they happen. I just reinstalled MABM, Panda Cloud cleaner and ran Trend Micro Housecall to see if Comodo had missed anything.

 

I cant tell a difference when webpages load but there is still a Skype issue when I try the video or voice. It claims to be connecting on my side but the call initially picks up then shows dropped and that I am offline on the other side.

 

A post on skype claimed MAMB causes problems with skype so I uninstalled that months ago.  Also skype website claims the Acer software VC.exe and VCM.exe  are no longer supported by skype but that they are also unnecessary.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Eddy (administrator) on EDDY-PC (04-09-2015 18:09:08)
Running from C:\Users\Eddy\Desktop
Loaded Profiles: Eddy (Available Profiles: Eddy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
( ) C:\Windows\System32\lxeecoms.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\snuvcdsm.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2015-02-18] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2015-02-18] ()
HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2015-08-19] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2015-08-19] ()
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157640 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2015-02-08] (Wondershare)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8982544 2015-08-21] (Innovative Solutions)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8982544 2015-08-21] (Innovative Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-08-20]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
BootExecute: 0Õ

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60F4962F-BD99-4C60-ABC1-B5558A7B3F69}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\dhxtksxt.default-1435073473531
FF DefaultSearchEngine.US: DuckDuckGo
FF Homepage: hxxps://my.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2949447929-3806749029-1979589009-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Eddy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-30] (Citrix Online)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-05-10] (SUPERAntiSpyware.com)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-20] (Comodo Security Solutions, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-05-22] (Hewlett-Packard Company)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2015-08-19] (Lexmark International, Inc.)
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2015-07-25] ( )
R2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2015-08-19] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-09-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-30] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2015-04-13] (Advanced Micro Devices, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-03-19] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-09-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-09-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2015-03-23] (Matrox Graphics Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2015-08-19] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-20] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2015-02-18] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-09-04] (SlimWare Utilities, Inc.)
R3 v3DDKAdapterKmode; C:\Windows\System32\DRIVERS\v3DDKAdapterKmode.sys [130424 2015-06-01] (datronicsoft)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 18:09 - 2015-09-04 18:10 - 00015350 _____ C:\Users\Eddy\Desktop\FRST.txt
2015-09-03 23:23 - 2015-09-03 23:23 - 00899072 _____ (Farbar) C:\Users\Eddy\Desktop\FSS.exe
2015-09-03 23:06 - 2015-09-04 18:09 - 00000000 ____D C:\FRST
2015-09-03 23:06 - 2015-09-03 23:06 - 00000000 ____D C:\Users\Eddy\Desktop\FRST-OlderVersion
2015-09-03 21:45 - 2015-09-03 21:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-03 21:44 - 2015-09-03 21:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-03 21:44 - 2015-09-03 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-03 21:43 - 2015-09-03 21:43 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-03 21:43 - 2015-09-03 21:43 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-03 21:43 - 2015-09-03 21:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-03 21:41 - 2015-09-03 21:41 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-03 17:19 - 2015-09-03 17:19 - 06924096 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\TrendMicro_MAX_10.0_US-en_Downloader.exe
2015-09-02 01:36 - 2015-09-02 01:37 - 02780160 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00384904 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00384832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2015-09-02 01:36 - 2015-09-02 01:37 - 00246784 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00219136 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00104792 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00104720 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-09-02 01:36 - 2015-09-02 01:37 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2015-09-02 01:35 - 2015-09-02 01:37 - 02191872 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-09-02 01:35 - 2015-09-02 01:37 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2015-09-02 01:35 - 2012-11-27 00:31 - 04379680 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2015-09-02 01:34 - 2015-09-02 01:37 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2015-09-02 01:34 - 2012-11-27 00:00 - 00211303 _____ C:\Windows\system32\Gfxres.th-TH.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00182706 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00138727 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00136603 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00135370 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00134836 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00134412 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133846 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133709 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00133178 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00132788 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00128996 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00128831 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00117636 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2015-09-02 01:34 - 2012-11-27 00:00 - 00116348 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00198139 _____ C:\Windows\system32\Gfxres.el-GR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00156233 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00149009 _____ C:\Windows\system32\Gfxres.he-IL.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00140216 _____ C:\Windows\system32\Gfxres.it-IT.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00137846 _____ C:\Windows\system32\Gfxres.de-DE.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00137668 _____ C:\Windows\system32\Gfxres.es-ES.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00135628 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00134384 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00133404 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00132889 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00131839 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00128535 _____ C:\Windows\system32\Gfxres.da-DK.resources
2015-09-02 01:33 - 2012-11-27 00:00 - 00124052 _____ C:\Windows\system32\Gfxres.en-US.resources
2015-09-02 01:13 - 2015-09-02 01:15 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2858.dll
2015-09-02 00:49 - 2015-09-02 00:52 - 226558984 _____ (COMODO) C:\Users\Eddy\Downloads\cispremium_installer.exe
2015-08-31 02:14 - 2015-08-31 02:15 - 00761968 _____ C:\Windows\Minidump\083115-49280-01.dmp
2015-08-31 02:14 - 2015-08-31 02:14 - 1079012004 _____ C:\Windows\MEMORY.DMP
2015-08-30 21:15 - 2015-08-30 21:15 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-30 21:15 - 2015-08-30 21:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-30 21:15 - 2015-08-30 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-30 18:36 - 2015-08-30 18:36 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-30 18:36 - 2015-08-30 18:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-30 18:36 - 2015-08-30 18:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-30 18:34 - 2015-08-30 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-30 18:34 - 2015-08-30 18:34 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-30 14:33 - 2015-08-30 14:33 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 14:33 - 2015-08-30 14:33 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-30 13:44 - 2015-08-30 13:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-30 13:44 - 2015-08-30 13:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-30 13:44 - 2015-08-30 13:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-30 13:44 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-30 13:44 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-30 13:44 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-30 13:44 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-30 13:44 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-30 13:44 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-30 13:44 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-30 13:44 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-30 13:44 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-30 13:44 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-30 13:44 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-30 13:44 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-30 13:44 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-30 13:44 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-30 13:44 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-30 13:44 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-30 13:44 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-30 13:44 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-30 13:43 - 2015-08-30 13:44 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-30 13:43 - 2015-08-30 13:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-30 13:43 - 2015-08-30 13:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-30 13:36 - 2015-07-16 15:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-30 13:36 - 2015-07-16 15:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-30 13:36 - 2015-07-16 15:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-30 13:36 - 2015-07-16 15:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-30 13:36 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-30 13:36 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-30 13:36 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-30 13:36 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-30 13:36 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-30 13:36 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-30 13:36 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-30 13:36 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-30 13:36 - 2015-07-11 09:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-30 13:35 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-30 13:35 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-30 13:35 - 2015-07-16 16:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-30 13:35 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-30 13:35 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-30 13:35 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-30 13:35 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-30 13:35 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-30 13:35 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-30 13:35 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-30 13:35 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-30 13:35 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-30 13:35 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-30 13:35 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-30 13:35 - 2015-07-16 16:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-30 13:35 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-30 13:35 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-30 13:35 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-30 13:35 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-30 13:35 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-30 13:35 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-30 13:35 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-30 13:35 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-30 13:35 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-30 13:35 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-30 13:35 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-30 13:35 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-30 13:35 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-30 13:35 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-30 13:35 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-30 13:35 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-30 13:35 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-30 13:35 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-30 13:35 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-30 13:35 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-30 13:35 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-30 13:35 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-30 13:35 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-30 13:35 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-30 13:35 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-30 13:35 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-30 13:35 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-30 13:35 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-30 13:35 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-30 13:35 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-30 13:34 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-30 13:34 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-30 13:34 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-30 13:34 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-30 13:34 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-30 13:34 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-30 13:34 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-30 13:34 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-30 13:34 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-30 13:34 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-30 13:34 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-30 13:34 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-30 13:34 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-30 13:33 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-30 13:15 - 2015-08-30 13:15 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-30 13:15 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-30 13:14 - 2015-08-30 13:14 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-30 13:14 - 2015-08-30 13:14 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-30 12:58 - 2015-08-30 12:58 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-30 12:58 - 2015-08-30 12:58 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-30 12:58 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-30 12:56 - 2015-08-30 12:56 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-30 12:56 - 2015-08-30 12:56 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-30 11:56 - 2015-08-30 11:59 - 00002141 _____ C:\Users\Eddy\Desktop\Skype 2.lnk
2015-08-27 20:09 - 2015-08-28 10:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 12:59 - 2015-08-25 12:59 - 00000000 _____ C:\ProgramData\LxWbGwLog.log
2015-08-25 12:59 - 2015-08-25 12:59 - 00000000 _____ C:\ProgramData\cmn_upld.log
2015-08-24 18:42 - 2015-09-03 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-23 20:08 - 2015-08-23 20:08 - 00000000 ____D C:\ea001c44d0d5114b66da29
2015-08-23 19:40 - 2015-08-23 19:41 - 25624576 _____ C:\Users\Eddy\Downloads\SkypeSetup_6.14.0.104.msi
2015-08-23 18:56 - 2015-08-23 18:56 - 00000000 ____D C:\Users\Public\OEM
2015-08-23 18:44 - 2015-08-23 18:44 - 00000000 ____D C:\a79d26109b2e7df52fa370e2fe74709e
2015-08-23 18:32 - 2015-08-23 18:35 - 00000000 ____D C:\Program Files (x86)\Acer
2015-08-21 14:56 - 2015-08-21 14:56 - 05864200 _____ (Innovative Solutions ) C:\Users\Eddy\Downloads\drivermax_7_67_cnet.exe
2015-08-21 11:24 - 2015-09-03 23:06 - 02188800 _____ (Farbar) C:\Users\Eddy\Desktop\FRST64.exe
2015-08-21 01:48 - 2015-09-03 21:37 - 02938949 _____ C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:48 - 2015-09-03 21:32 - 00181948 _____ C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:37 - 2015-09-03 13:27 - 00000010 _____ C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2015-08-21 01:11 - 2015-09-03 13:09 - 00307352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-08-21 01:11 - 2015-08-21 01:11 - 00000036 _____ C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-08-21 01:10 - 2015-08-21 01:10 - 02494944 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\HousecallLauncher64.exe
2015-08-20 20:50 - 2015-08-20 20:51 - 01806216 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-08-20 20:50 - 2015-08-20 20:51 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-08-20 19:18 - 2015-08-20 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-08-19 22:50 - 2015-08-19 22:39 - 00295592 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEEwupd.exe
2015-08-19 22:50 - 2010-02-22 05:09 - 00510464 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEEwupd.dll
2015-08-19 22:07 - 2015-08-19 22:07 - 00000252 _____ C:\ProgramData\FastPics.log
2015-08-19 22:07 - 2015-08-19 22:07 - 00000000 ____D C:\ProgramData\Ezprint
2015-08-19 22:06 - 2015-09-04 18:06 - 00006088 _____ C:\ProgramData\lxeescan.log
2015-08-19 21:59 - 2015-08-19 22:44 - 00002005 _____ C:\Users\Public\Desktop\Launch Lexmark Printer Home.LNK
2015-08-19 21:58 - 2015-08-19 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2015-08-19 21:58 - 2015-08-19 21:58 - 00000000 ____D C:\Program Files (x86)\Lexmark Toolbar
2015-08-19 21:57 - 2015-08-19 22:55 - 00000000 ____D C:\Program Files\Lexmark
2015-08-19 21:57 - 2015-08-19 21:57 - 00000000 ____D C:\Program Files (x86)\Lexmark
2015-08-19 21:57 - 2010-03-09 03:58 - 00344064 _____ () C:\Windows\SysWOW64\lxeecomx.dll
2015-08-19 21:57 - 2009-12-09 14:47 - 00643072 _____ ( ) C:\Windows\SysWOW64\lxeepmui.dll
2015-08-19 21:57 - 2009-12-09 14:35 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxeeinpa.dll
2015-08-19 21:57 - 2009-12-09 14:35 - 00344064 _____ ( ) C:\Windows\SysWOW64\lxeeiesc.dll
2015-08-19 21:57 - 2009-12-09 14:34 - 00331776 _____ C:\Windows\SysWOW64\LXEEinst.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00106496 _____ () C:\Windows\SysWOW64\lxeeinsr.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00057344 _____ () C:\Windows\SysWOW64\lxeejswr.dll
2015-08-19 21:57 - 2009-11-09 03:06 - 00036864 _____ () C:\Windows\SysWOW64\lxeecur.dll
2015-08-19 21:57 - 2009-03-20 06:20 - 00007680 _____ (eaio) C:\Windows\SysWOW64\NativeCall.dll
2015-08-19 21:57 - 2006-12-06 22:28 - 00126976 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxeelnks.dll
2015-08-19 21:56 - 2015-08-20 10:10 - 00000000 ____D C:\Program Files (x86)\Lexmark Pro700 Series
2015-08-19 21:56 - 2015-08-19 21:57 - 00598696 _____ ( ) C:\Windows\SysWOW64\lxeecoms.exe
2015-08-19 21:56 - 2015-08-19 21:57 - 00324264 _____ ( ) C:\Windows\SysWOW64\lxeeih.exe
2015-08-19 21:56 - 2015-08-19 21:56 - 00373416 _____ ( ) C:\Windows\SysWOW64\lxeecfg.exe
2015-08-19 21:56 - 2010-04-14 13:36 - 00002052 _____ C:\Windows\SysWOW64\lxee.loc
2015-08-19 21:56 - 2009-12-09 15:24 - 00579584 _____ ( ) C:\Windows\system32\lxeecomm.dll
2015-08-19 21:56 - 2009-12-09 15:23 - 00495616 _____ C:\Windows\system32\LXEEinst.dll
2015-08-19 21:56 - 2009-12-09 14:43 - 01048576 _____ ( ) C:\Windows\SysWOW64\lxeeserv.dll
2015-08-19 21:56 - 2009-12-09 14:41 - 00688128 _____ ( ) C:\Windows\SysWOW64\lxeehbn3.dll
2015-08-19 21:56 - 2009-12-09 14:40 - 00847872 _____ ( ) C:\Windows\SysWOW64\lxeeusb1.dll
2015-08-19 21:56 - 2009-12-09 14:36 - 00577536 _____ ( ) C:\Windows\SysWOW64\lxeelmpm.dll
2015-08-19 21:56 - 2009-12-09 14:36 - 00372736 _____ ( ) C:\Windows\SysWOW64\lxeecomm.dll
2015-08-19 21:56 - 2009-12-09 14:35 - 00802816 _____ ( ) C:\Windows\SysWOW64\lxeecomc.dll
2015-08-19 21:56 - 2009-11-26 03:53 - 00086183 _____ (Lexmark International) C:\Windows\SysWOW64\LXEEcfg.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00262144 _____ () C:\Windows\SysWOW64\lxeeinsb.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00253952 _____ () C:\Windows\SysWOW64\lxeecu.dll
2015-08-19 21:56 - 2009-11-09 03:06 - 00090112 _____ () C:\Windows\SysWOW64\lxeecub.dll
2015-08-19 21:56 - 2009-11-09 03:05 - 00323584 _____ () C:\Windows\SysWOW64\lxeeins.dll
2015-08-19 21:47 - 2015-08-19 21:47 - 00000000 ____D C:\Lexmark
2015-08-19 20:58 - 2015-08-19 20:58 - 01564121 _____ C:\ProgramData\SPL5714.tmp
2015-08-19 20:44 - 2015-08-19 20:44 - 01043237 _____ C:\ProgramData\SPL1E4.tmp
2015-08-19 02:52 - 2015-08-19 01:27 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:27 - 2015-08-19 01:27 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 01:22 - 2015-08-19 01:25 - 32518056 _____ (Panda Security ) C:\Users\Eddy\Downloads\PandaCloudCleaner.exe
2015-08-18 22:50 - 2015-08-18 22:50 - 17334297 _____ C:\Users\Eddy\Downloads\usb140201.zip
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Eddy\Documents\New Ebooks & Audio
2015-08-18 15:18 - 2015-08-18 15:18 - 00000000 ____D C:\Users\Eddy\Desktop\MCWE books
2015-08-18 14:52 - 2015-08-18 15:29 - 00000000 ____D C:\Users\Eddy\Documents\resumes
2015-08-17 18:03 - 2015-08-17 18:03 - 29558024 _____ (Anmosoft, Inc. ) C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 18:10 - 2014-10-20 16:09 - 01169488 _____ C:\Windows\WindowsUpdate.log
2015-09-04 18:07 - 2015-06-06 00:27 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-09-04 18:07 - 2015-06-06 00:27 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-09-04 18:07 - 2015-06-06 00:26 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-09-04 18:07 - 2015-05-12 11:37 - 00003460 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-09-04 18:06 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-04 18:06 - 2009-07-14 00:51 - 00083265 _____ C:\Windows\setupact.log
2015-09-04 17:57 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Skype
2015-09-04 17:38 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-04 17:38 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-04 17:27 - 2010-11-20 23:47 - 00049722 _____ C:\Windows\PFRO.log
2015-09-04 17:12 - 2014-11-30 14:17 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-09-04 16:43 - 2014-10-28 15:16 - 00000000 ____D C:\ProgramData\COMODO
2015-09-04 16:40 - 2014-10-28 15:19 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-09-04 16:39 - 2014-10-28 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-09-03 17:13 - 2014-11-13 00:08 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieBrowserModeList
2015-09-03 17:13 - 2014-10-28 11:03 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieUserList
2015-09-03 17:13 - 2014-10-28 11:03 - 00000000 __SHD C:\Users\Eddy\AppData\Local\EmieSiteList
2015-09-02 10:54 - 2015-05-10 12:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-09-02 01:44 - 2014-10-20 16:58 - 00155382 _____ C:\Windows\DPINST.LOG
2015-09-02 01:43 - 2014-10-20 17:00 - 08095232 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 07370176 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-09-02 01:43 - 2014-10-20 17:00 - 06042112 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 05694976 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 05616640 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 04233728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 03799040 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 03646976 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00549888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00371712 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00312832 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00306688 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00301568 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00296960 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00293376 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00290304 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00289792 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00282112 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00279552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00278016 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00264704 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00259584 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00254464 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00251904 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00246272 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00217088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00208896 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00207360 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00181760 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2015-09-02 01:43 - 2014-10-20 17:00 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00125952 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2015-09-02 01:43 - 2014-10-20 17:00 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00055808 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2015-09-02 01:43 - 2014-10-20 17:00 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-08-31 16:10 - 2015-05-31 16:10 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-31 16:10 - 2015-05-31 16:10 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-31 16:10 - 2014-11-30 14:17 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-31 14:53 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-31 03:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-08-31 02:14 - 2015-02-22 19:01 - 00000000 ____D C:\Windows\Minidump
2015-08-30 21:16 - 2014-10-28 11:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-30 18:41 - 2014-12-14 01:10 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-30 18:41 - 2014-10-21 10:35 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-30 18:07 - 2014-10-29 00:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-30 18:07 - 2014-10-29 00:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-30 18:07 - 2009-07-14 00:45 - 00419648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-30 14:35 - 2014-10-28 10:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-30 14:33 - 2014-10-29 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-30 14:08 - 2014-10-20 18:09 - 00000000 ____D C:\Windows\system32\MRT
2015-08-30 13:54 - 2014-10-20 18:09 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-30 11:35 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Local\Skype
2015-08-28 10:45 - 2014-10-28 11:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-27 19:32 - 2015-01-03 21:57 - 00000000 ____D C:\Users\Eddy\Desktop\Scouts 2015
2015-08-26 23:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-08-26 19:40 - 2014-10-20 16:24 - 00000000 ____D C:\Users\Eddy
2015-08-25 12:56 - 2015-07-25 13:27 - 00072700 _____ C:\ProgramData\lxeeJSW.log
2015-08-23 18:55 - 2009-07-14 01:13 - 00891680 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 14:59 - 2015-02-18 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-08-20 19:04 - 2014-10-20 16:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:01 - 2014-10-20 16:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-20 18:12 - 2014-10-20 16:39 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-08-20 10:23 - 2015-07-25 13:27 - 00000000 ____D C:\ProgramData\lx_Cats
2015-08-19 23:28 - 2015-07-25 13:27 - 00205011 _____ C:\Windows\system32\LexFiles.ulf
2015-08-19 22:57 - 2009-07-13 20:35 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2015-08-19 22:50 - 2015-07-25 13:26 - 00000000 ____D C:\Program Files\Lexmark Pro700 Series
2015-08-19 22:42 - 2010-04-14 19:01 - 00612008 _____ ( ) C:\Windows\system32\lxeecfg.exe
2015-08-19 22:42 - 2010-04-14 19:01 - 00520872 _____ ( ) C:\Windows\system32\lxeeih.exe
2015-08-19 02:51 - 2015-03-01 15:26 - 00000000 ____D C:\Users\Eddy\Desktop\iso's
2015-08-19 01:28 - 2014-10-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-08-18 15:20 - 2015-07-04 15:11 - 00000000 ____D C:\Users\Eddy\Desktop\br ideas
2015-08-17 01:25 - 2014-10-28 11:29 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-17 01:25 - 2014-10-28 11:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-08-21 01:48 - 2015-09-03 21:32 - 0181948 _____ () C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:48 - 2015-09-03 21:37 - 2938949 _____ () C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:11 - 2015-08-21 01:11 - 0000036 _____ () C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-06-04 22:36 - 2015-06-04 22:36 - 0005324 _____ () C:\Users\Eddy\AppData\Local\HWVendorDetection.log
2015-08-21 01:37 - 2015-09-03 13:27 - 0000010 _____ () C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2014-11-28 19:49 - 2014-11-28 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-25 12:59 - 2015-08-25 12:59 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2015-06-06 10:25 - 2015-06-06 10:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-19 22:07 - 2015-08-19 22:07 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-07-25 13:27 - 2015-08-25 12:56 - 0072700 _____ () C:\ProgramData\lxeeJSW.log
2015-08-19 22:06 - 2015-09-04 18:06 - 0006088 _____ () C:\ProgramData\lxeescan.log
2015-08-25 12:59 - 2015-08-25 12:59 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2015-08-19 20:44 - 2015-08-19 20:44 - 1043237 _____ () C:\ProgramData\SPL1E4.tmp
2015-08-19 20:58 - 2015-08-19 20:58 - 1564121 _____ () C:\ProgramData\SPL5714.tmp
2015-08-19 21:55 - 2015-08-19 21:55 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some files in TEMP:
====================
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih_1.exe
C:\Users\Eddy\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\ose00000.exe
C:\Users\Eddy\AppData\Local\Temp\pc-support-bar-setup.exe
C:\Users\Eddy\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 00:53

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eddy (2015-09-04 18:12:20)
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2949447929-3806749029-1979589009-500 - Administrator - Disabled)
Eddy (S-1-5-21-2949447929-3806749029-1979589009-1000 - Administrator - Enabled) => C:\Users\Eddy
Guest (S-1-5-21-2949447929-3806749029-1979589009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2949447929-3806749029-1979589009-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0A107E17-B5C5-DFE3-6EAA-E6A68A4B82FD}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ccc-core-static (x32 Version: 2009.0904.1410.23535 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.67.0.1189 - Innovative Solutions)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
GeekBuddy (HKLM-x32\...\{AA722B93-B5B3-48DE-912A-81C0926D22AE}) (Version: 4.21.144 - Comodo Security Solutions Inc)
GoToMeeting 7.2.4.3277 (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\GoToMeeting) (Version: 7.2.4.3277 - CitrixOnline)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU  (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU  (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OA LodgeMaster Lodge Client 3.3.5 (HKLM-x32\...\{48ce1c6c-5d07-40bd-94ce-45746fedb6ec}) (Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America)
OA LodgeMaster Lodge Client 3.3.5 (x32 Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

30-08-2015 10:49:50 Revo Uninstaller's restore point - Skype™ 6.3
30-08-2015 10:57:01 Removed Skype™ 6.3
30-08-2015 11:26:55 Installed Skype™ 6.14
30-08-2015 13:48:18 Windows Update
30-08-2015 18:37:14 Windows Update
02-09-2015 01:10:53 DMX_DriverMax Driver Installation
02-09-2015 01:16:03 Device Driver Package Install: Intel Corporation Display adapters
02-09-2015 01:32:18 DMX_DriverMax Driver Installation
02-09-2015 01:38:09 Device Driver Package Install: Intel Corporation Display adapters
03-09-2015 13:13:19 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00815410-70D1-4E64-85C7-CDF5F7AFA8D5} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {2375650A-9111-4FDB-8568-F40EB6F6C4C0} - System32\Tasks\{D6185235-F860-42A7-BBB8-E0D5DE27EB86} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Camera_Suyin_5.2.7.1_W7x64W7x86_A.zip\Webcam_Suyin(Rose3G_LavenderG)_v5.2.7.1_Win7x86x64\Setup.exe
Task: {66FA665E-C9A9-426E-9E4B-BD20E07B19A8} - System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe [2015-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {69C32493-DB53-4DD5-8B21-3A1F4AB95390} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2015-01-30] (Hewlett-Packard Co.)
Task: {6AE675BD-B3B2-41E0-B47C-B8EFB97A04C5} - System32\Tasks\{7ADA8680-CF5F-416A-85B8-DAEC3FBFB40D} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {77087366-DC8E-4201-A270-1D39088167E9} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-06-06] (SlimWare Utilities, Inc.)
Task: {87C12831-3298-4195-8008-653EFD97F685} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-08-21] (Innovative Solutions)
Task: {9C4B180E-2DEF-4EBE-AE9A-22C61B33DF89} - System32\Tasks\{CC8D996B-6E0A-4E87-B2A8-98559672C237} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Lan_Atheros_1.0.0.10_W7x86W7x64_A.zip\LAN_Atheros(AR8131)_v1.0.0.10_Win7x82x64\setup.exe
Task: {AA3D45BA-E398-448A-878E-AC1A6E9AD9AD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {CF534F79-D7D5-44D0-A15C-2E6DF442A4FF} - System32\Tasks\{7A2B89EB-70B4-4697-AA4D-3164F03F56B8} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {E20344C0-2159-48A7-9B17-FA574C9D3F3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {EAAA3696-D4FF-4017-ABE9-B8BD33E16FC6} - System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe [2015-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FAA02B21-1141-48BE-AC53-D14456167842} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-25 13:26 - 2015-08-19 23:10 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2015-06-22 06:12 - 2015-06-22 06:12 - 01971384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2015-06-04 22:39 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-02-18 20:49 - 2015-02-18 20:49 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2015-08-19 21:59 - 2015-08-19 22:43 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2015-08-19 21:58 - 2015-08-19 22:43 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-10-20 16:31 - 2014-02-13 15:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
2015-08-19 21:59 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2015-08-19 21:58 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2015-08-19 21:59 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2015-08-19 21:59 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2009-02-20 08:48 - 2015-07-25 13:21 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2009-02-20 08:48 - 2015-07-25 13:23 - 00023552 _____ () C:\Windows\system32\lxeesmr.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2015-08-19 21:58 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2015-08-19 21:58 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2015-08-19 21:58 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2015-08-19 21:58 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2015-08-19 21:58 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2015-08-19 21:58 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2015-08-19 21:58 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2015-08-19 21:59 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2015-02-18 20:45 - 2015-08-21 14:58 - 00009752 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 00976064 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 02254528 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 08024768 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2015-08-13 14:38 - 2015-08-13 14:38 - 00032960 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 01299648 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\traynet.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\libcurl.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\zlib1.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\uexper.dll
2014-10-28 11:29 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-02-08 19:15 - 2015-02-08 19:15 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-08 19:15 - 2015-02-08 19:15 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\Acer Crystal Eye webcam.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\Image.dll:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PLFSetL.exe:$CmdTcID
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\snuvcdsm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\USB_VIDEO_REG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gfxSrvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GfxUI.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hccutils.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HdmiCoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hkcmd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkcoi8911.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkins8911.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinksts8911LM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPWia2_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IccLibDll_x64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ig4icd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igd10umd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igdumd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcmjit64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcmrt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v2858.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxdev.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IGFXDEVLib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxdo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxexps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxpers.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxpph.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrara.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrchs.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrcht.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrcsy.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrdan.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrdeu.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrell.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrenu.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxresn.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxress.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrfin.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrfra.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrheb.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrhrv.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrhun.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrita.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrjpn.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrkor.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrnld.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrnor.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrplk.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrptb.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrptg.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrrom.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrrus.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrsky.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrslv.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrsve.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrtha.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxrtrk.lrc:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxsrvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxsrvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxTMM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxtray.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iglhcp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iglhsip64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecfg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecomc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoms.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecuir.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecur.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegcfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegrd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeehbn3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeehcp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeiesc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeih.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinpa.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeins.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinsb.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeinsr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeejswr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeelmpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeepmui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeserv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeesm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeesmr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeeusb1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeevs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\LXEEwupd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_g.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_gf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\v3DDKAdapterUmode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wiafbdrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ig4icd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igd10umd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igdumd32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igdumdx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmjit32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmrt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxdv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\igfxexps32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iglhcp32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iglhsip32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeecfg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeecoms.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeeih.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeesm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lxeesmr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\v3DDKAdapterUmodeWow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdkmafd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\igdkmd64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\IntcHdmi.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\L1C62x64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mf.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MxEFUF64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PSKMAD.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rndismpx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\sncduvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\snp2uvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadcm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadwh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tmcomm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usb8023x.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\v3DDKAdapterKmode.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\FSS.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\FSS.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\tacos de chimpa.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\TMO_SM-G386T_Galaxy_AVANT_English_Health_Safety_KK_F1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\cispremium_installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\cispremium_installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\CoDependenceIntoCoEmpowermentSession1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_67_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Lightweight_Scouting_Dissertation.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\mbam-setup-2.1.8.1057.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SkypeSetup_6.14.0.104.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\The_4_Forces_of_Health_Module_1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\TrendMicro_MAX_10.0_US-en_Downloader.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{99FCFA16-67B2-4A66-A360-97A63C330772}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{7D5FEF62-F0F4-4201-9854-B678F13E3AAB}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0F14F19A-4567-457E-920A-912AB51E4A83}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{CD78ED65-C708-4542-BF25-26C986FCA8AA}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{7D0B3DE5-C4D0-409E-8A56-86E1B44FAFEA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{3E7CBA40-67D3-48D1-96B4-A2F641E5205E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{349DDBAA-0253-4A64-A116-2D47B4ABACFC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{DF407E5D-CB97-49D5-83BA-4158C9D629D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{BC379587-78D8-4CB6-A371-DA08C356F0D0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{280833EF-9D61-440F-AAB2-390ABEEE28D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F805B827-9D9F-400E-BE4C-4545FB543EBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3EB603E-F689-4D30-B0DB-B6EE6CE10C09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F41D131B-14D0-4B32-B92B-5B01E1018CCF}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{E351A4E8-8BF4-49C7-855F-24029051AB3C}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{C1DA5DDC-2F12-41F7-BF6A-7F911C7C0859}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A87EBC0D-EFB2-42AD-9967-329771EB7D2F}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{D183A71E-B8CC-4D56-86B9-5123C376C825}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{6E1BE09F-80A4-4FAA-9A64-AA65811D15AB}] => (Allow) C:\Windows\system32\lxeecoms.exe
FirewallRules: [{21910579-C288-4570-AC82-EF7159AF0663}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{4BC98A51-0CB7-40E4-82A6-70BD998BCC87}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{6E8D1215-4AD4-4523-B552-7BCE8E3FBDEA}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{2BAD0805-A79B-4BFE-B670-FB1CBD2024EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Artista Virtual Display (WDDM)
Description: Artista Virtual Display (WDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Distec GmbH (Data Display Group)
Service: v3DDKAdapterKmode
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2015 06:06:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 06:03:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 05:52:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 04:44:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 04:03:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 10:19:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 01:03:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.3.5716, time stamp: 0x55ddb213
Faulting module name: mozglue.dll, version: 40.0.3.5716, time stamp: 0x55dda062
Exception code: 0x80000003
Fault offset: 0x0000e250
Faulting process id: 0x17a4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (09/03/2015 12:55:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2015 10:55:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SlimDrivers.exe, version: 2.2.45206.63218, time stamp: 0x54f08646
Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a69e20
Exception code: 0xc0000005
Fault offset: 0x0002e423
Faulting process id: 0x9bc
Faulting application start time: 0xSlimDrivers.exe0
Faulting application path: SlimDrivers.exe1
Faulting module path: SlimDrivers.exe2
Report Id: SlimDrivers.exe3


System errors:
=============
Error: (09/04/2015 06:07:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (09/04/2015 06:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeeCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (09/04/2015 06:06:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService service to connect.

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/04/2015 06:02:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-09-04 18:05:50.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 18:05:50.179
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 17:50:52.195
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 17:50:52.132
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 17:29:44.443
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 17:29:44.380
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 16:42:49.443
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 16:42:49.380
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 16:01:56.786
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-04 16:01:56.724
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IntcHdmi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™2 Solo CPU U3500 @ 1.40GHz
Percentage of memory in use: 51%
Total physical RAM: 4025.8 MB
Available physical RAM: 1947.1 MB
Total Virtual: 8049.8 MB
Available Virtual: 5847.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:223.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0A56CDF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Farbar Service Scanner Version: 26-07-2015
Ran by Eddy (administrator) on 04-09-2015 at 18:21:15
Running from "C:\Users\Eddy\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


  • 0

#7
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, xppc.

About the Skype problem, I don't think that is caused by infection. You might want to try asking for support on the Skype forum.

As your problem about slowness of your system most likely doesn't have anything to do with infections, I'd like to try removing some unnecessary programs from startup so they don't slow down your system.

Please tell me if you'd like to keep anything from the list below. We will not uninstall them, they just won't start up with the system.
  • PLFSetI (TV Tuner for Acer)
  • SynTPEnh (Synaptics touchpad tray icon)
  • SNUVCDSM (Display Setting Monitor from Sonix)
  • EaseUS EPM (EaseUS Partition Master)
  • Wondershare Helper Compact
  • Comodo GeekBuddy
  • Yahoo Messenger
  • DriverMax

  • 0

#8
xppc

xppc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 147 posts

Hi Nevan. I can uninstall uninstall Geekbuddy, Wondershare and Ease EPM. What Anitvirus with a firewall do you recommend?

All the other programs you listed we can just not have them startup when the system boots. I will try the skype forum again and see if they have any new suggestions and there was not a workable solution before i did my last system restore.

 

Thanks

 

 


  • 0

#9
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, xppc.

When it comes to firewall, the Windows one does it's job pretty well and personally I think that it's enough. However, if you really think that you need one, Comodo Firewall is a good option. ZoneAlarm is also a good alternative.

About Antivirus I always recommend either Avast or Microsoft Security Essentials.

You have MSE now and are using Windows' firewall which I think is fine.

Please perform the instructions below.

 
Step #1
4rr98tz.png FRST Fix
  • Download attached fixlist.txt file to your desktop.
    Attached File  fixlist.txt   38.25KB   118 downloads
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Right click FRST64.exe on your desktop and click Run as administrator.
  • Press the Fix button just once and wait.
    NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Step #2
JHlUMFt.png Malwarebytes Anti-Malware

I can see that you currently have Malwarebytes Anti-Malware installed on your computer. We'll use it.
  • Launch Malwarebytes Anti-Malware
  • In Database version section, click Update Now
  • Once the update is done, click Settings>Detection and Protection
  • Make sure that all three boxes under Detection Options are checked
    vG7pLOy.png
  • Go back to Dashboard and click the big, green Scan Now button.
  • Wait for Malwarebytes Anti-Malware to finish the scan
  • If the program will detect anything, click Remove Selected. The program might want to reboot the system. Allow it it wants to.
  • Once the deletion is done (or after reboot), go to History, select Application Logs and click the latest Scan Log.
  • Click Export, then click Copy to Clipboard.
  • Paste (CTRL+V) the log into your next reply.
 
Step #3
jyv2Te8.png ESET Online Scanner
  • Note: This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox
  • Disable your Antivirus program (click here if you don't know how to do this).
  • Visit ESET site
  • Click RYa1k8g.png
  • When using:
    • Internet Explorer:
      • Accept the Terms of Use and click Start
      • Allow the running of add-on
    • Other browsers:
      • Download esetsmartinstaller_enu.exe that you'll be given link to
      • Double click esetsmartinstaller_enu.exe
      • Allow the Terms of Use and click Start
  • Make sure that the options are set as the example below:
    temh2Om.png
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan
  • When the scan is done, click Finish
  • A log.txt file will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
EOEdyWG.png Things that should appear in your next post:
  • Fixlog.txt log content
  • Malwarebytes Anti-Malware log content
  • ESET Online Scanner log content
  • Is your system running any better now?

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP