I have an acer timeline 4810t runninb windows 7 home premium sp 1 64 bit . intel core 2 solo cpu u3500 1.4ghz, 4gb memory.
i have comodo antivirus.
i have been having issues with slow boot up and sometime shutdown times. When i open firefox, it sometimes hangs and often i get a script error message. I have used the refresh as suggests by mozilla but still the cpu usage goes to 100% and the computer locks up.
I also am still having problems with skype voice and video when trying to do conference call. there is no problem when using yahoo im. another friend with an acer has no issues using voice or video on skype.
I am considering doing a factory restore and starting over again but thought i would visit my friends on geekstogo again.
thanks in advance for your help
below ar the frst log files
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by Eddy (administrator) on EDDY-PC (21-08-2015 11:53:32)
Running from C:\Users\Eddy\Desktop
Loaded Profiles: Eddy (Available Profiles: Eddy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
( ) C:\Windows\System32\lxeecoms.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Windows\snuvcdsm.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
() C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(Mozilla Corporation) C:\Program Files (x86)\Comodo\IceDragon\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [lxeemon.exe] => C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe [772712 2013-01-30] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe [150264 2013-01-30] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-18] (COMODO)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2015-02-18] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2015-02-18] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FileTransferForMobileGo] => C:\Program Files (x86)\Wondershare\MobileGo for Android\FileTransfer.exe [336272 2014-11-05] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157640 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Viber] => C:\Users\Eddy\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8921128 2015-07-24] (Innovative Solutions)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8921128 2015-07-24] (Innovative Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-08-20]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2015-02-08]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe (Wondershare)
BootExecute: 0Õ
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60F4962F-BD99-4C60-ABC1-B5558A7B3F69}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Eddy\AppData\Roaming\Mozilla\Firefox\Profiles\dhxtksxt.default-1435073473531
FF Homepage: hxxps://my.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2949447929-3806749029-1979589009-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Eddy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-30] (Citrix Online)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
BFE" service could not be unlocked. <===== ATTENTION
U2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-05-10] (SUPERAntiSpyware.com)
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-20] (Comodo Security Solutions, Inc.)
U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-18] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-18] (COMODO)
U2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
U2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated)
U2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-08-20] (Comodo Security Solutions, Inc.)
U2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-05-22] (Hewlett-Packard Company)
U2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
U2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe [45736 2015-08-19] (Lexmark International, Inc.)
S2 lxee_device; C:\Windows\system32\lxeecoms.exe [1052328 2010-04-14] ( )
S2 lxee_device; C:\Windows\SysWOW64\lxeecoms.exe [598696 2010-04-14] ( )
U2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
U3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
U2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated)
U2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-30] (DEVGURU Co., LTD.)
U3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
U5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
U5 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2015-04-13] (Advanced Micro Devices, Inc.)
U5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
U5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-04-15] (Microsoft Corporation)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-04] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-04] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-04] (COMODO)
U5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-03-12] (Microsoft Corporation)
U5 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
U5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] (Microsoft Corporation)
U3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
U3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
U3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
U3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
U5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
U5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
U5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
U5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
U5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [408600 2009-06-04] (Intel Corporation)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-04] (COMODO)
U5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-14] (Microsoft Corporation)
U5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-14] (Microsoft Corporation)
U3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-03-19] (Qualcomm Atheros Co., Ltd.)
U5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-03-12] (Microsoft Corporation)
U5 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-05-14] (Microsoft Corporation)
U5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
U5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
U5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
U5 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2015-03-23] (Matrox Graphics Inc.)
U5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
U2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-05-14] (Microsoft Corporation)
U5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
U5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
U5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2015-08-19] (Panda Security, S.L.)
U5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
U1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-20] (Synaptics Incorporated)
U3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2015-02-18] ()
U5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-06-05] (SlimWare Utilities, Inc.)
U3 v3DDKAdapterKmode; C:\Windows\System32\DRIVERS\v3DDKAdapterKmode.sys [130424 2015-06-01] (datronicsoft)
U5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
U5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
U5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
U5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
U5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
U5 BFE; <===== ATTENTION: Locked Service
U3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
U3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
U3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 11:53 - 2015-08-21 11:55 - 00019834 _____ C:\Users\Eddy\Desktop\FRST.txt
2015-08-21 11:27 - 2015-08-21 11:54 - 00000000 ____D C:\FRST
2015-08-21 11:24 - 2015-08-21 11:25 - 02173952 _____ (Farbar) C:\Users\Eddy\Desktop\FRST64.exe
2015-08-21 01:48 - 2015-08-21 01:48 - 00468668 _____ C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:48 - 2015-08-21 01:48 - 00181948 _____ C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:37 - 2015-08-21 01:37 - 00000010 _____ C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2015-08-21 01:34 - 2015-08-21 01:34 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-21 01:34 - 2015-08-21 01:34 - 00002697 _____ C:\ProgramData\Desktop\Skype.lnk
2015-08-21 01:34 - 2015-08-21 01:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-21 01:34 - 2015-08-21 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 01:11 - 2015-08-21 01:13 - 00307352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-08-21 01:11 - 2015-08-21 01:11 - 00000036 _____ C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-08-21 01:10 - 2015-08-21 01:10 - 02494944 _____ (Trend Micro Inc.) C:\Users\Eddy\Downloads\HousecallLauncher64.exe
2015-08-20 20:50 - 2015-08-20 20:51 - 01806216 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-08-20 20:50 - 2015-08-20 20:51 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-08-20 19:18 - 2015-08-20 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00002043 _____ C:\ProgramData\Desktop\GeekBuddy.lnk
2015-08-20 17:51 - 2015-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-08-19 20:58 - 2015-08-19 20:58 - 01564121 _____ C:\ProgramData\SPL5714.tmp
2015-08-19 20:44 - 2015-08-19 20:44 - 01043237 _____ C:\ProgramData\SPL1E4.tmp
2015-08-19 02:52 - 2015-08-19 01:27 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:28 - 2015-08-19 01:28 - 00001286 _____ C:\ProgramData\Desktop\Panda Cloud Cleaner.lnk
2015-08-19 01:27 - 2015-08-19 01:27 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 01:22 - 2015-08-19 01:25 - 32518056 _____ (Panda Security ) C:\Users\Eddy\Downloads\PandaCloudCleaner.exe
2015-08-18 22:50 - 2015-08-18 22:50 - 17334297 _____ C:\Users\Eddy\Downloads\usb140201.zip
2015-08-18 15:34 - 2015-08-18 15:34 - 00000000 ____D C:\Users\Eddy\Documents\New Ebooks & Audio
2015-08-18 15:18 - 2015-08-18 15:18 - 00000000 ____D C:\Users\Eddy\Desktop\MCWE books
2015-08-18 14:52 - 2015-08-18 15:29 - 00000000 ____D C:\Users\Eddy\Documents\resumes
2015-08-17 22:44 - 2015-08-18 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-17 18:03 - 2015-08-17 18:03 - 29558024 _____ (Anmosoft, Inc. ) C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe
2015-07-28 11:11 - 2015-07-28 11:12 - 00000000 ____D C:\Users\Eddy\Desktop\Mindvalley Academy
2015-07-25 13:44 - 2015-07-25 13:44 - 00000000 ____D C:\Users\Eddy\AppData\Local\CEF
2015-07-25 13:27 - 2015-08-20 10:24 - 00068260 _____ C:\ProgramData\lxeeJSW.log
2015-07-25 11:38 - 2015-07-25 11:42 - 00000000 ____D C:\Users\Eddy\Desktop\Manifestation Miracle
2015-07-24 17:48 - 2015-07-24 17:48 - 05896376 _____ (Innovative Solutions ) C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe
2015-07-22 15:24 - 2015-07-22 15:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 15:24 - 2015-07-22 15:24 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 15:24 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 15:24 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 15:24 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 15:24 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 11:51 - 2015-05-31 16:10 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-21 11:51 - 2014-10-28 15:19 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-08-21 11:47 - 2014-10-20 16:09 - 01553305 _____ C:\Windows\WindowsUpdate.log
2015-08-21 11:42 - 2014-10-29 01:42 - 03882650 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-21 10:41 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 10:41 - 2009-07-14 00:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 10:34 - 2015-06-06 00:27 - 00002832 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-08-21 10:34 - 2015-06-06 00:27 - 00000408 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-08-21 10:33 - 2015-05-12 11:37 - 00003460 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-08-21 10:31 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 10:31 - 2009-07-14 00:51 - 00081417 _____ C:\Windows\setupact.log
2015-08-21 01:45 - 2014-10-28 11:09 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Skype
2015-08-21 01:35 - 2014-10-28 11:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-20 20:54 - 2014-10-20 16:58 - 00134960 _____ C:\Windows\DPINST.LOG
2015-08-20 19:04 - 2014-10-20 16:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:01 - 2014-10-20 16:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-20 18:12 - 2014-10-20 16:39 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-08-20 17:51 - 2014-10-28 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-08-20 10:10 - 2010-11-20 23:47 - 00047288 _____ C:\Windows\PFRO.log
2015-08-19 22:57 - 2009-07-13 20:35 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2015-08-19 22:17 - 2009-07-14 01:13 - 00891680 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 19:14 - 2015-01-03 21:57 - 00000000 ____D C:\Users\Eddy\Desktop\Scouts 2015
2015-08-19 02:51 - 2015-03-01 15:26 - 00000000 ____D C:\Users\Eddy\Desktop\iso's
2015-08-19 01:28 - 2014-10-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-08-18 15:20 - 2015-07-04 15:11 - 00000000 ____D C:\Users\Eddy\Desktop\br ideas
2015-08-18 12:59 - 2014-10-28 11:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-18 11:28 - 2014-10-28 15:19 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-08-18 11:28 - 2014-10-28 15:19 - 00001985 _____ C:\ProgramData\Desktop\COMODO Internet Security.lnk
2015-08-17 17:31 - 2015-05-31 16:10 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-17 17:31 - 2014-11-30 14:17 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000
2015-08-17 17:31 - 2014-11-30 14:17 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job
2015-08-17 01:22 - 2015-05-10 12:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-04 20:31 - 2013-01-16 19:51 - 00806032 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00105096 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-04 20:31 - 2013-01-16 19:51 - 00021184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-04 20:29 - 2013-01-24 22:43 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-08-04 20:29 - 2013-01-24 22:43 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-08-04 20:28 - 2013-01-24 22:42 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-08-04 20:27 - 2013-01-24 22:42 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-08-04 20:26 - 2013-01-24 22:42 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2015-07-30 00:19 - 2014-11-30 14:45 - 00000000 ____D C:\Users\Eddy\Desktop\Satsang Calls
2015-07-30 00:04 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-28 13:39 - 2015-01-27 16:26 - 00000000 ____D C:\Users\Eddy\Desktop\hmmm
2015-07-25 13:45 - 2014-10-20 23:03 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\Adobe
2015-07-25 13:44 - 2014-10-28 21:34 - 00000000 ____D C:\Users\Eddy\AppData\Local\Adobe
2015-07-25 13:25 - 2015-01-03 13:10 - 00000000 ____D C:\Users\Eddy\Desktop\Acer 4810T Stuff
2015-07-25 13:23 - 2009-10-21 10:06 - 00148480 _____ () C:\Windows\system32\lxeecuir.dll
2015-07-25 13:21 - 2010-04-13 19:41 - 00836608 _____ ( ) C:\Windows\system32\lxeecoin.dll
2015-07-25 13:21 - 2009-11-09 08:06 - 00065536 _____ C:\Windows\system32\lxeegcfg.dll
2015-07-25 13:21 - 2009-10-21 10:06 - 00399360 _____ () C:\Windows\system32\lxeecui.dll
2015-07-25 13:21 - 2008-04-30 06:32 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lxk_g.dll
2015-07-25 13:21 - 2008-04-30 06:32 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxk_gf.dll
2015-07-25 13:21 - 2008-03-05 02:55 - 00109056 _____ () C:\Windows\system32\lxeevs.dll
2015-07-24 17:51 - 2015-02-18 20:45 - 00001238 _____ C:\Users\Eddy\Desktop\DriverMax.lnk
2015-07-24 17:51 - 2015-02-18 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-07-22 16:49 - 2014-12-25 11:07 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\vlc
2015-07-22 15:48 - 2015-06-26 12:54 - 00000000 ____D C:\Users\Eddy\AppData\Roaming\dvdcss
2015-07-22 15:36 - 2009-07-14 00:45 - 00419648 _____ C:\Windows\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2015-08-21 01:48 - 2015-08-21 01:48 - 0181948 _____ () C:\Users\Eddy\AppData\Local\ars.cache
2015-08-21 01:48 - 2015-08-21 01:48 - 0468668 _____ () C:\Users\Eddy\AppData\Local\census.cache
2015-08-21 01:11 - 2015-08-21 01:11 - 0000036 _____ () C:\Users\Eddy\AppData\Local\housecall.guid.cache
2015-06-04 22:36 - 2015-06-04 22:36 - 0005324 _____ () C:\Users\Eddy\AppData\Local\HWVendorDetection.log
2015-08-21 01:37 - 2015-08-21 01:37 - 0000010 _____ () C:\Users\Eddy\AppData\Local\sponge.last.runtime.cache
2014-11-28 19:49 - 2014-11-28 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-06 10:25 - 2015-06-06 10:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-25 13:27 - 2015-08-20 10:24 - 0068260 _____ () C:\ProgramData\lxeeJSW.log
2015-08-19 20:44 - 2015-08-19 20:44 - 1043237 _____ () C:\ProgramData\SPL1E4.tmp
2015-08-19 20:58 - 2015-08-19 20:58 - 1564121 _____ () C:\ProgramData\SPL5714.tmp
2015-05-12 13:16 - 2015-05-12 13:16 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-05-12 12:23 - 2015-05-12 12:23 - 0000166 _____ () C:\ProgramData\lxee.log
2015-05-12 13:11 - 2015-05-12 13:14 - 0000514 _____ () C:\ProgramData\lxeescan.log
2015-05-12 12:22 - 2015-05-12 12:22 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Some files in TEMP:
====================
C:\Users\Eddy\AppData\Local\Temp\pc-support-bar-setup.exe
C:\Users\Eddy\AppData\Local\Temp\DriverDetective.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih_1.exe
C:\Users\Eddy\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe
C:\Users\Eddy\AppData\Local\Temp\ose00000.exe
C:\Users\Eddy\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-17 20:12
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by Eddy (2015-08-21 11:57:58)
Running from C:\Users\Eddy\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2949447929-3806749029-1979589009-500 - Administrator - Disabled)
Eddy (S-1-5-21-2949447929-3806749029-1979589009-1000 - Administrator - Enabled) => C:\Users\Eddy
Guest (S-1-5-21-2949447929-3806749029-1979589009-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2949447929-3806749029-1979589009-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{0A107E17-B5C5-DFE3-6EAA-E6A68A4B82FD}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
ccc-core-static (x32 Version: 2009.0904.1410.23535 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
Driver Detective (HKLM-x32\...\DriversHQ.DriverDetective.Client) (Version: 10.0.3.13 - PC Drivers HeadQuarters LP)
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
GeekBuddy (HKLM-x32\...\{AA722B93-B5B3-48DE-912A-81C0926D22AE}) (Version: 4.21.144 - Comodo Security Solutions Inc)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.)
Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version: - Lexmark International, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Database Providers (x86) ENU (HKLM-x32\...\{296E293F-C481-4DDE-9ED2-3F79FCF38731}) (Version: 3.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
OA LodgeMaster Lodge Client 3.3.5 (HKLM-x32\...\{48ce1c6c-5d07-40bd-94ce-45746fedb6ec}) (Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America)
OA LodgeMaster Lodge Client 3.3.5 (x32 Version: 3.3.5 - Order Of The Arrow, Boy Scouts Of America) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Viber (HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\Viber) (Version: 5.1.1.15 - Viber Media Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wondershare MobileGo for Android ( Version 5.3.2 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 5.3.2 - Wondershare)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00815410-70D1-4E64-85C7-CDF5F7AFA8D5} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {0C76578A-D416-4BE3-A8DA-404CE4C76A6D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {14A93FEC-8509-400B-ACB4-CAEB3A2769B9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-18] (COMODO)
Task: {16B94025-12D5-4AE6-B9F1-4F2E3E9C4115} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {2375650A-9111-4FDB-8568-F40EB6F6C4C0} - System32\Tasks\{D6185235-F860-42A7-BBB8-E0D5DE27EB86} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Camera_Suyin_5.2.7.1_W7x64W7x86_A.zip\Webcam_Suyin(Rose3G_LavenderG)_v5.2.7.1_Win7x86x64\Setup.exe
Task: {2BB6AB29-A60A-4C4D-B96A-803B24B65A6E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {66FA665E-C9A9-426E-9E4B-BD20E07B19A8} - System32\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {69C32493-DB53-4DD5-8B21-3A1F4AB95390} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2015-01-30] (Hewlett-Packard Co.)
Task: {6AE675BD-B3B2-41E0-B47C-B8EFB97A04C5} - System32\Tasks\{7ADA8680-CF5F-416A-85B8-DAEC3FBFB40D} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {77087366-DC8E-4201-A270-1D39088167E9} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.)
Task: {87C12831-3298-4195-8008-653EFD97F685} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-07-24] (Innovative Solutions)
Task: {9C4B180E-2DEF-4EBE-AE9A-22C61B33DF89} - System32\Tasks\{CC8D996B-6E0A-4E87-B2A8-98559672C237} => pcalua.exe -a C:\Users\Eddy\AppData\Local\Temp\Temp2_Lan_Atheros_1.0.0.10_W7x86W7x64_A.zip\LAN_Atheros(AR8131)_v1.0.0.10_Win7x82x64\setup.exe
Task: {A5B2323B-ECC1-46B4-AA71-FEA4A2925100} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-18] (COMODO)
Task: {CF534F79-D7D5-44D0-A15C-2E6DF442A4FF} - System32\Tasks\{7A2B89EB-70B4-4697-AA4D-3164F03F56B8} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {E20344C0-2159-48A7-9B17-FA574C9D3F3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {EAAA3696-D4FF-4017-ABE9-B8BD33E16FC6} - System32\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000 => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FAA02B21-1141-48BE-AC53-D14456167842} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2949447929-3806749029-1979589009-1000.job => C:\Users\Eddy\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\Driver Detective-RTMRules.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMScan.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMScanRunOnce.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: C:\Windows\Tasks\Driver Detective-RTMUpdater.job => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-25 13:26 - 2015-08-19 23:10 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2015-06-04 22:39 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2015-06-22 06:12 - 2015-06-22 06:12 - 01971384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2015-02-18 20:49 - 2015-02-18 20:49 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2015-05-12 12:24 - 2013-01-30 15:25 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
2015-05-12 12:24 - 2013-01-30 15:25 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
2014-10-20 16:31 - 2014-02-13 15:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
2012-12-14 20:46 - 2015-01-08 18:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-05-12 12:24 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeescw.dll
2015-05-12 12:24 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeedatr.dll
2015-05-12 12:24 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeDRS.dll
2015-05-12 12:24 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeecaps.dll
2015-05-12 12:22 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeesm.dll
2015-05-12 12:22 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxeesmr.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epwizard.DLL
2015-05-12 12:24 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\customui.dll
2015-05-12 12:24 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Eputil.DLL
2015-05-12 12:24 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Imagutil.DLL
2015-05-12 12:24 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\Epfunct.DLL
2015-05-12 12:24 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPWizRes.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\epstring.dll
2015-05-12 12:24 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\EPOEMDll.dll
2015-05-12 12:24 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\iptk.dll
2015-05-12 12:24 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro700 Series\lxeeptp.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\traynet.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\libcurl.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\zlib1.dll
2014-10-20 16:31 - 2014-02-13 15:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\uexper.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 00976064 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 02254528 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 08024768 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2015-08-13 14:38 - 2015-08-13 14:38 - 00032960 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2015-08-13 14:37 - 2015-08-13 14:37 - 01299648 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2015-02-08 18:53 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-02-08 18:53 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-28 11:29 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-02-18 20:45 - 2015-07-24 17:51 - 00008760 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2015-08-17 01:25 - 2015-08-17 01:25 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\Acer Crystal Eye webcam.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\Image.dll:$CmdTcID
AlternateDataStreams: C:\Windows\PLFSetL.exe:$CmdTcID
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\snuvcdsm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\USB_VIDEO_REG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HdmiCoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkcoi8911.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinkins8911.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\hpinksts8911LM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HPWia2_DJ1050_J410.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecoin.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeecuir.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeegcfg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxeevs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_g.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lxk_gf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\v3DDKAdapterUmode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wiafbdrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\v3DDKAdapterUmodeWow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdkmafd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\IntcHdmi.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\L1C62x64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mf.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MpFilter.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\MxEFUF64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\NisDrvWFP.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PSKMAD.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\rndismpx.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\sncduvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\snp2uvc.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadcm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssadwh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tmcomm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usb8023x.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\v3DDKAdapterKmode.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WdfCoInstaller01005.dll:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\20150612_pc_auto_id_card.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\57bb0165-0e97-4ba1-8d18-8cf63d8d50d8_1420219525720.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\BankingAndCurrencyAndTheMoneyTrust-ByCharlesA.Lindbergh.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\compplanbooklet2014 ENGLISH.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\divemaster_brochure.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\tacos de chimpa.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Desktop\TMO_SM-G386T_Galaxy_AVANT_English_Health_Safety_KK_F1.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\CoDependenceIntoCoEmpowermentSession1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Conscious_Language_Code_MSLUC.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\DJ1050_J410_1313-1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\driver-updater-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_61_cnet.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_61_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\drivermax_7_63_cnet.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Family Reunion 2015 brochure.docx:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HousecallLauncher64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\HWVendorDetection.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\InstallScreencastOMatic-v2-1.8.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Intel Driver Update Utility Installer.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\kinakwii.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\LEXMARK_Pro700_wcr_64_en.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Lightweight_Scouting_Dissertation.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\new bsa med.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\OalmLodgeClientInstaller-3.3.5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PandaCloudCleaner.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari(1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\papa-francesco-motu-proprio_20130711_organi-giudiziari.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\PathToFreedom.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\Shockwave_Installer_Slim.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SKMBT_C45215012611230.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\SlimDrivers-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\The_4_Forces_of_Health_Module_1.mp3.part:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\usb140201.zip:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\ViberSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\vlc-2.1.5-win64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\wgm-masterclass-2015jun-workbook.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Eddy\Downloads\WindowsPasswordResetStandardDemoSetup.exe:$CmdZnID
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\...\driversupport.com -> hxxps://apps.driversupport.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2949447929-3806749029-1979589009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eddy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
bfe Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9D434B39-5E99-403B-87F5-B94D166F7AFE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{99FCFA16-67B2-4A66-A360-97A63C330772}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{7D5FEF62-F0F4-4201-9854-B678F13E3AAB}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0F14F19A-4567-457E-920A-912AB51E4A83}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{CD78ED65-C708-4542-BF25-26C986FCA8AA}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{7D0B3DE5-C4D0-409E-8A56-86E1B44FAFEA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{3E7CBA40-67D3-48D1-96B4-A2F641E5205E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{349DDBAA-0253-4A64-A116-2D47B4ABACFC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{DF407E5D-CB97-49D5-83BA-4158C9D629D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{BC379587-78D8-4CB6-A371-DA08C356F0D0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{280833EF-9D61-440F-AAB2-390ABEEE28D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F805B827-9D9F-400E-BE4C-4545FB543EBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3EB603E-F689-4D30-B0DB-B6EE6CE10C09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F41D131B-14D0-4B32-B92B-5B01E1018CCF}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{E351A4E8-8BF4-49C7-855F-24029051AB3C}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{C1DA5DDC-2F12-41F7-BF6A-7F911C7C0859}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{A87EBC0D-EFB2-42AD-9967-329771EB7D2F}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{D183A71E-B8CC-4D56-86B9-5123C376C825}] => (Allow) C:\Users\Eddy\AppData\Local\Temp\nsz9F1.tmp\CnetInstaller-75444075.exe
FirewallRules: [{6E1BE09F-80A4-4FAA-9A64-AA65811D15AB}] => (Allow) C:\Windows\system32\lxeecoms.exe
FirewallRules: [{21910579-C288-4570-AC82-EF7159AF0663}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{4BC98A51-0CB7-40E4-82A6-70BD998BCC87}] => (Allow) C:\Windows\system32\LXEEcoms.exe
FirewallRules: [{6E8D1215-4AD4-4523-B552-7BCE8E3FBDEA}] => (Allow) C:\Windows\system32\LXEEcoms.exe
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
System error 123 has occurred.
The filename, directory name, or volume label syntax is incorrect.
==================== Memory info ===========================
Processor: Intel® Core2 Solo CPU U3500 @ 1.40GHz
Percentage of memory in use: 55%
Total physical RAM: 4025.8 MB
Available physical RAM: 1779.31 MB
Total Virtual: 8049.8 MB
Available Virtual: 4975.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:221.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0A56CDF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End of log ============================