Dear Geeks,
Please help me give this 32bit Hp Pavilion a6001.uk running vista a new lease of life. I will try and make this post as brief yet detailed as possible!
History: PC was given to me by my sister who was not computer literate. The machine was used primarily for storing photos on (which I have backed up and removed)
They stopped using it as it was so slow.
Problems: Boot up time is not too bad, however the computer is almost unusable in its current condition. Opening a webpage takes a long time, and then once open, clicking on the address bar takes another 60 seconds or so before I can enter any text. Clicking anywhere on a document (or web document like this form) takes 30 seconds until I can type again.
Switching between open programs on the task bar can take in excess of 60 seconds. closing a program can take in excess of 60 seconds.
My attempts: I deleted everything and restored the computer to factory settings. I used ms dos to check the status of the hard drive: it returned all ok. I have installed Panda free antivirus and have scanned everything, no virus found. I installed iobit advanced system care and ran a scan. (this is now showing that my CPU is fluctuating between 35 and 75% with no programs open on the desktop). I am about to install malware bytes and do a scan.
I have run a FRST scan but it is all greek to me! Here are the results. If you can read and understand this I salute you!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-08-2015
Ran by Paddy (administrator) on PADDY-HP (31-08-2015 17:24:32)
Running from C:\Users\Paddy\Desktop
Loaded Profiles: Paddy (Available Profiles: Paddy)
Platform: Microsoft® Windows Vista™ Home Basic (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2015-08-28] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [155648 2006-11-20] (OsdMaestro)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4349952 2007-01-18] (Realtek Semiconductor)
HKLM\...\Run: [DPService] => C:\Program Files\HP\DVDPlay\DPService.exe [81920 2006-12-06] (CyberLink Corp.)
HKLM\...\Run: [HP Software Update] => c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2005-02-17] (Hewlett-Packard Co.)
HKLM\...\Run: [ccApp] => c:\Program Files\Common Files\Symantec Shared\ccApp.exe [107112 2006-10-24] (Symantec Corporation)
HKLM\...\Run: [IS CfgWiz] => c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe [46728 2006-10-24] (Symantec Corporation)
HKLM\...\Run: [osCheck] => c:\Program Files\Norton Internet Security\osCheck.exe [22696 2006-10-27] (Symantec Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44168 2007-03-07] (soft thinks)
HKU\S-1-5-21-170528629-2023444766-65360108-1000\...\Run: [GoogleChromeAutoLaunch_3C506A97676A871F60321234A2B923FD] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-170528629-2023444766-65360108-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2007-04-04]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{476E673E-8348-45C9-AD73-8BEED7A115CE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-170528629-2023444766-65360108-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM -> DefaultScope {70B585A8-867D-4E7B-B316-D8308C12FAE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKLM -> {70B585A8-867D-4E7B-B316-D8308C12FAE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-170528629-2023444766-65360108-1000 -> DefaultScope {70B585A8-867D-4E7B-B316-D8308C12FAE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKU\S-1-5-21-170528629-2023444766-65360108-1000 -> {70B585A8-867D-4E7B-B316-D8308C12FAE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-08-30] (IObit)
BHO: No Name -> {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23] (Symantec Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23] (Symantec Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
FireFox:
========
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2007-04-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2007-04-04] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2007-04-04] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-28]
CHR Extension: (Google Docs) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-28]
CHR Extension: (Google Drive) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-08-28]
CHR Extension: (Keep Awake) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijihlabcfdnabacffofojgmehjdielb [2015-08-28]
CHR Extension: (YouTube) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-28]
CHR Extension: (Facebook) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-08-28]
CHR Extension: (TagPro Capture the Flag) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bommelfnddjcbmbcfhmhjikpfphlebjh [2015-08-28]
CHR Extension: (Google Search) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-28]
CHR Extension: (Netflix) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-08-28]
CHR Extension: (Google Play Music) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-08-28]
CHR Extension: (Google Sheets) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-08-28]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-08-28]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-28]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-08-28]
CHR Extension: (Pixlr Express) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2015-08-28]
CHR Extension: (Google Play Music) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-08-28]
CHR Extension: (Dropbox) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-08-28]
CHR Extension: (StumbleUpon) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2015-08-28]
CHR Extension: (Soccer Manager Worlds) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpemkngoajegcbamebdmnkjoalpofpbj [2015-08-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-28]
CHR Extension: (3D Solar System Web) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2015-08-28]
CHR Extension: (Google Classroom) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-08-28]
CHR Extension: (WeatherBug) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28]
CHR Extension: (Picasa) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-08-28]
CHR Extension: (Outlook.com) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2015-08-28]
CHR Extension: (Gmail) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-28]
CHR Extension: (Space Planet) - C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2015-08-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [194240 2006-10-31] (Symantec Corporation)
R2 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-24] (Symantec Corporation)
R2 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-24] (Symantec Corporation)
R2 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-24] (Symantec Corporation)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49296 2006-10-13] (Symantec Corporation)
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 ISPwdSvc; c:\Program Files\Norton Internet Security\isPwdSvc.exe [80552 2006-10-27] (Symantec Corporation)
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
S3 RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2007-02-12] (Sonic Solutions) [File not signed]
R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1174152 2007-04-04] (Symantec Corporation)
R2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736 2006-09-20] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2015-08-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [387432 2006-11-06] (Symantec Corporation)
S3 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys [202872 2006-10-20] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS [79240 2006-11-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS [831880 2006-11-06] (Symantec Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [87032 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202104 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109688 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [121720 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [50992 2015-05-20] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [102264 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [64760 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120568 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281720 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [209016 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108408 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [240376 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94968 2015-07-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140024 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105208 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168696 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113912 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124664 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100600 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50832 2015-05-22] (Panda Security, S.L.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [406672 2006-10-06] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [245880 2006-11-03] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [275576 2006-11-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [24184 2006-11-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [109744 2007-04-04] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26384 2006-10-24] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [185744 2006-10-24] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-31 17:20 - 2015-08-31 17:24 - 00019861 _____ C:\Users\Paddy\Desktop\Addition.txt
2015-08-31 17:09 - 2015-08-31 17:24 - 00019655 _____ C:\Users\Paddy\Desktop\FRST.txt
2015-08-31 17:09 - 2015-08-31 17:24 - 00000000 ____D C:\FRST
2015-08-31 17:06 - 2015-08-31 17:06 - 01690624 _____ (Farbar) C:\Users\Paddy\Desktop\FRST.exe
2015-08-31 01:22 - 2015-08-31 01:22 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-08-31 01:21 - 2015-08-31 01:21 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2015-08-31 01:12 - 2015-08-31 01:21 - 00000000 ____D C:\Windows\system32\MRT
2015-08-31 01:11 - 2015-08-31 01:11 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-08-31 01:11 - 2015-08-31 01:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2015-08-31 01:11 - 2015-08-31 01:11 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2015-08-31 01:11 - 2015-08-31 01:11 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2015-08-31 00:31 - 2015-08-31 00:31 - 00002448 _____ C:\Windows\PFRO.log
2015-08-31 00:16 - 2015-08-31 00:16 - 00000000 ____D C:\Users\Paddy\AppData\Local\WindowsUpdate
2015-08-31 00:06 - 2015-08-31 00:06 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\ProductData
2015-08-30 19:15 - 2015-08-30 19:20 - 03190040 _____ (Crystal Dew World ) C:\Users\Paddy\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-08-30 19:10 - 2015-05-22 09:45 - 00050832 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-08-30 19:08 - 2015-08-30 19:08 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\Panda Security
2015-08-30 19:05 - 2015-08-30 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-08-30 19:03 - 2015-08-30 19:08 - 00000000 ____D C:\Program Files\Panda Security
2015-08-30 18:36 - 2015-08-30 19:08 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-30 18:29 - 2015-08-30 18:32 - 02113152 _____ C:\Users\Paddy\Downloads\PANDAFREEAV.exe
2015-08-30 18:23 - 2015-08-30 18:23 - 00000965 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-08-30 18:23 - 2015-08-30 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-08-30 18:23 - 2015-01-10 15:32 - 00109856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-08-30 18:23 - 2014-06-04 15:17 - 00031520 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-08-30 18:23 - 2014-06-04 15:17 - 00018624 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-08-30 18:06 - 2015-08-30 18:06 - 00001023 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-08-30 18:06 - 2015-08-30 18:06 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-08-30 18:05 - 2015-08-30 18:05 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-08-30 18:04 - 2015-08-30 18:05 - 00000000 ____D C:\ProgramData\ProductData
2015-08-30 18:04 - 2015-08-30 18:04 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\Apple Computer
2015-08-30 18:04 - 2015-08-30 18:04 - 00000000 ____D C:\Program Files\Common Files\IObit
2015-08-30 18:03 - 2015-08-30 18:20 - 00001964 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-08-30 18:03 - 2015-08-30 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-08-30 18:01 - 2015-08-30 18:23 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\IObit
2015-08-30 17:59 - 2015-08-30 18:23 - 00000000 ____D C:\Program Files\IObit
2015-08-30 17:59 - 2015-08-30 18:06 - 00000000 ____D C:\ProgramData\IObit
2015-08-30 17:48 - 2015-08-30 17:49 - 00001778 __RSH C:\Windows\system32\Drivers\103C_HP_CPC_GB401AA-ABU a6001.uk_YC_0Pavi_QCNH717_E72GBv3Prb5_49_ILivermore_SECS_V1.0_B5.11_T070409_WUH0_L409_M503_J160_7Intel_8Celeron D_93.47_#070707_N10EC8136_Z_G80862772_OHL-DT-ST DVDRRW GSA-H30L ATA Device.MRK
2015-08-28 18:33 - 2015-08-28 18:33 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-28 18:33 - 2015-08-28 18:33 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2015-08-28 18:33 - 2015-08-28 18:33 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-28 18:33 - 2015-08-28 18:33 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-28 18:33 - 2015-08-28 18:33 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-28 18:33 - 2015-08-28 18:33 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-28 18:32 - 2015-08-28 18:32 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2015-08-28 18:32 - 2015-08-28 18:32 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2015-08-28 18:32 - 2015-08-28 18:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2015-08-28 18:32 - 2015-08-28 18:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-28 18:30 - 2015-08-28 18:30 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2015-08-28 18:30 - 2015-08-28 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-08-28 18:30 - 2015-08-28 18:30 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2015-08-28 18:30 - 2015-08-28 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-08-28 18:30 - 2015-08-28 18:30 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-08-28 18:30 - 2015-08-28 18:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-08-28 18:30 - 2015-08-28 18:30 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\pacerprf.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2015-08-28 18:30 - 2015-08-28 18:30 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2015-08-28 18:30 - 2015-08-28 18:30 - 00001820 _____ C:\Windows\system32\rasctrnm.h
2015-08-28 18:29 - 2015-08-28 18:29 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-28 18:29 - 2015-08-28 18:29 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-08-28 18:28 - 2015-08-28 18:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-08-28 18:28 - 2015-08-28 18:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2015-08-28 18:28 - 2015-08-28 18:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2015-08-28 18:26 - 2015-08-28 18:26 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2015-08-28 18:26 - 2015-08-28 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll
2015-08-28 18:26 - 2015-08-28 18:26 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\ACCTRES.dll
2015-08-28 18:24 - 2015-08-28 18:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-08-28 18:24 - 2015-08-28 18:24 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2015-08-28 18:24 - 2015-08-28 18:24 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2015-08-28 18:24 - 2015-08-28 18:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2015-08-28 18:24 - 2015-08-28 18:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-08-28 18:24 - 2015-08-28 18:24 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2015-08-28 18:24 - 2015-08-28 18:24 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2015-08-28 18:24 - 2015-08-28 18:24 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2015-08-28 18:24 - 2015-08-28 18:24 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2015-08-28 18:22 - 2015-08-28 18:22 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-08-28 18:22 - 2015-08-28 18:22 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-28 18:22 - 2015-08-28 18:22 - 00258232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-08-28 18:22 - 2015-08-28 18:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2015-08-28 18:21 - 2015-08-28 18:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-28 18:21 - 2015-08-28 18:21 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-08-28 18:20 - 2015-08-28 18:20 - 01657350 _____ C:\Windows\system32\wlan.tmf
2015-08-28 18:20 - 2015-08-28 18:20 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-08-28 18:20 - 2015-08-28 18:20 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-08-28 18:20 - 2015-08-28 18:20 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-08-28 18:20 - 2015-08-28 18:20 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2015-08-28 18:20 - 2015-08-28 18:20 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-08-28 18:20 - 2015-08-28 18:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-08-28 18:18 - 2015-08-28 18:18 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-28 18:18 - 2015-08-28 18:18 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-28 18:18 - 2015-08-28 18:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-28 18:18 - 2015-08-28 18:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-28 18:17 - 2015-08-28 18:17 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-28 18:16 - 2015-08-28 18:16 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-28 18:16 - 2015-08-28 18:16 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-28 18:16 - 2015-08-28 18:16 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-28 18:15 - 2015-08-28 18:15 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-28 18:15 - 2015-08-28 18:15 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-28 18:14 - 2015-08-28 18:14 - 02855424 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-08-28 18:14 - 2015-08-28 18:14 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-08-28 18:14 - 2015-08-28 18:14 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-08-28 18:14 - 2015-08-28 18:14 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-08-28 18:14 - 2015-08-28 18:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-08-28 18:14 - 2015-08-28 18:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-08-28 18:12 - 2015-08-28 18:12 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-28 18:12 - 2015-08-28 18:12 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-28 18:07 - 2015-08-28 18:07 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-28 18:06 - 2015-08-28 18:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2015-08-28 18:05 - 2015-08-28 18:05 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-28 18:05 - 2015-08-28 18:05 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-08-28 18:03 - 2015-08-28 18:03 - 01060920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-08-28 18:00 - 2015-08-28 18:01 - 00374456 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-28 18:00 - 2015-08-28 18:00 - 00500736 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2015-08-28 18:00 - 2015-08-28 18:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2015-08-28 17:59 - 2015-08-28 17:59 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2015-08-28 17:58 - 2015-08-28 17:58 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-28 17:58 - 2015-08-28 17:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-28 17:58 - 2015-08-28 17:58 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-28 17:57 - 2015-08-28 17:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-08-28 17:56 - 2015-08-28 17:56 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-08-28 17:55 - 2015-08-28 17:55 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-08-28 17:54 - 2015-08-28 17:54 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-08-28 17:53 - 2015-08-28 17:53 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-08-28 17:53 - 2015-08-28 17:53 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-08-28 17:53 - 2015-08-28 17:53 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2015-08-28 17:53 - 2015-08-28 17:53 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-08-28 17:53 - 2015-08-28 17:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2015-08-28 17:53 - 2015-08-28 17:53 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2015-08-28 17:52 - 2015-08-28 17:52 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-08-28 17:49 - 2015-08-28 17:49 - 11315712 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-28 17:48 - 2015-08-28 17:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-28 17:46 - 2015-08-28 17:46 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-08-28 17:46 - 2015-08-28 17:46 - 00211000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-08-28 17:46 - 2015-08-28 17:46 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-08-28 17:46 - 2015-08-28 17:46 - 00109624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-08-28 17:46 - 2015-08-28 17:46 - 00045112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2015-08-28 17:46 - 2015-08-28 17:46 - 00021560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2015-08-28 17:46 - 2015-08-28 17:46 - 00017464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2015-08-28 17:45 - 2015-08-28 17:45 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-28 17:41 - 2015-06-23 13:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-28 17:40 - 2015-08-28 17:40 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-08-28 17:40 - 2015-08-28 17:40 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-08-28 17:40 - 2015-08-28 17:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-08-28 17:40 - 2015-08-28 17:40 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-08-28 17:40 - 2015-08-28 17:40 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\hcrstco.dll
2015-08-28 17:40 - 2015-08-28 17:40 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\hccoin.dll
2015-08-28 17:40 - 2015-08-28 17:40 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-08-28 17:39 - 2015-08-28 17:39 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 01233920 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 00408136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-28 17:38 - 2015-08-28 17:38 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-28 17:38 - 2015-08-28 17:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2015-08-28 17:38 - 2015-08-28 17:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-28 17:36 - 2015-08-28 17:36 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 11722752 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0001.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 09892864 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000a.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 07964672 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0024.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 07042560 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons081a.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06781440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0019.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06585856 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001b.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06346240 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001d.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06237696 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06224896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0027.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 06014976 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001a.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05791232 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0026.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05654528 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000f.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05499904 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0022.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05090816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0416.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05071872 _____ (Microsoft Corporation) C:\Windows\system32\NlsModels0011.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 05031936 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0816.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04981248 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0013.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04874240 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04616192 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0414.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0019.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0010.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0010.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04164096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04093440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004c.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 04045824 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons003e.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03464704 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0013.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004a.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03331072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0018.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004e.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004c.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004b.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004a.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0011.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0001.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02466816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0011.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0021.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01972736 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004e.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0018.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0003.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01808896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0046.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01793536 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0045.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01782272 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0039.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01722368 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000d.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01702912 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004b.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01558016 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0049.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01523200 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0000.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01452544 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0003.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0047.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0020.dll
2015-08-28 17:36 - 2015-08-28 17:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons002a.dll
2015-08-28 17:35 - 2015-08-28 17:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData003e.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 09845248 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 06917120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0c1a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0816.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0416.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0414.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001d.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 02641408 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000d.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0c1a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData081a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001b.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000f.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData002a.dll
2015-08-28 17:35 - 2015-08-28 17:35 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-08-28 17:30 - 2015-08-28 17:30 - 01585664 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00944184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00905400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00620088 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00495160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00224824 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-08-28 17:29 - 2015-08-28 17:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00019000 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\prflbmsg.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2015-08-28 17:29 - 2015-08-28 17:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2015-08-28 17:29 - 2015-08-28 17:29 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-08-28 17:27 - 2015-08-28 17:27 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-08-28 17:27 - 2015-08-28 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2015-08-28 17:26 - 2015-08-28 17:26 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2015-08-28 17:26 - 2015-08-28 17:26 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2015-08-28 17:25 - 2015-08-28 17:25 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-28 17:24 - 2015-08-28 17:24 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-28 17:24 - 2015-08-28 17:24 - 00213592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-08-28 17:24 - 2015-08-28 17:24 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-08-28 17:24 - 2015-08-28 17:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-08-28 17:24 - 2015-08-28 17:24 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-08-28 17:24 - 2015-08-28 17:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2015-08-28 17:24 - 2015-08-28 17:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2015-08-28 17:23 - 2015-08-28 17:23 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2015-08-28 17:23 - 2015-08-28 17:23 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2015-08-28 17:23 - 2015-08-28 17:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2015-08-28 17:22 - 2015-08-28 17:22 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-28 17:22 - 2015-08-28 17:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2015-08-28 17:22 - 2015-08-28 17:22 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 02605568 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2015-08-28 17:21 - 2015-08-28 17:21 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2015-08-28 17:21 - 2015-08-28 17:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2015-08-28 17:21 - 2015-08-28 17:21 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-08-28 17:21 - 2015-08-28 17:21 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-08-28 17:21 - 2015-08-28 17:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2015-08-28 17:20 - 2015-08-28 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 08138240 _____ (Microsoft Corporation) C:\Windows\system32\ssBranded.scr
2015-08-28 17:18 - 2015-08-28 17:18 - 01984512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-08-28 17:18 - 2015-08-28 17:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2015-08-28 17:18 - 2015-08-28 17:18 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcmonitor.dll
2015-08-28 17:17 - 2015-08-28 17:17 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-08-28 17:17 - 2015-08-28 17:17 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2015-08-28 17:16 - 2015-08-28 17:16 - 02031104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-28 17:15 - 2015-08-28 17:15 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-08-28 17:15 - 2015-08-28 17:15 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-08-28 17:14 - 2015-08-28 17:14 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2015-08-28 17:14 - 2015-08-28 17:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2015-08-28 17:14 - 2015-08-28 17:14 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2015-08-28 17:13 - 2015-08-28 17:13 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-08-28 17:13 - 2015-08-28 17:13 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-08-28 17:13 - 2015-08-28 17:13 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-08-28 17:12 - 2015-08-28 17:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-08-28 17:12 - 2015-08-28 17:12 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-08-28 17:12 - 2015-08-28 17:12 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-08-28 17:12 - 2015-08-28 17:12 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-08-28 17:12 - 2015-08-28 17:12 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-08-28 17:12 - 2015-08-28 17:12 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-08-28 17:11 - 2015-08-28 17:11 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2015-08-28 17:10 - 2015-08-28 17:10 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-08-28 17:10 - 2015-08-28 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-08-28 17:10 - 2015-08-28 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-08-28 17:10 - 2015-08-28 17:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-08-28 17:08 - 2015-08-28 17:08 - 04247552 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2015-08-28 17:08 - 2015-08-28 17:08 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-08-28 17:08 - 2015-08-28 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-08-28 17:06 - 2015-08-28 17:06 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-08-28 17:06 - 2015-08-28 17:06 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-08-28 17:05 - 2015-08-28 17:05 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-28 17:05 - 2015-08-28 17:05 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-08-28 17:04 - 2015-08-28 17:04 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2015-08-28 17:01 - 2015-08-28 17:01 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-08-28 16:58 - 2015-08-28 16:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-08-28 16:58 - 2015-08-28 16:58 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-08-28 16:58 - 2015-08-28 16:58 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-08-28 16:57 - 2015-08-28 17:07 - 48909600 _____ (IObit) C:\Users\Paddy\Downloads\advanced-systemcare-setup.exe
2015-08-28 16:55 - 2015-08-28 16:55 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-28 16:54 - 2015-08-28 16:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-08-28 16:53 - 2015-08-28 16:53 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-08-28 16:53 - 2015-08-28 16:53 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-08-28 16:52 - 2015-08-28 16:52 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-08-28 16:52 - 2015-08-28 16:52 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-28 16:51 - 2015-08-28 16:51 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-08-28 16:48 - 2015-08-28 16:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-08-28 16:44 - 2015-08-28 16:44 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-08-28 16:44 - 2015-08-28 16:44 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2015-08-28 16:44 - 2015-08-28 16:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2015-08-28 16:44 - 2015-08-28 16:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2015-08-28 16:44 - 2015-08-28 16:44 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-08-28 16:43 - 2015-08-28 16:43 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2015-08-28 16:43 - 2015-08-28 16:43 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2015-08-28 16:43 - 2015-08-28 16:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2015-08-28 16:43 - 2015-08-28 16:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2015-08-28 16:43 - 2015-08-28 16:43 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2015-08-28 16:42 - 2015-08-28 16:42 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-08-28 16:39 - 2015-08-28 16:39 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2015-08-28 16:36 - 2015-08-28 16:36 - 10622464 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-08-28 16:36 - 2015-08-28 16:36 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-08-28 16:36 - 2015-08-28 16:36 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2015-08-28 16:36 - 2015-08-28 16:36 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-08-28 16:36 - 2015-08-28 16:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-08-28 16:36 - 2015-08-28 16:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-08-28 16:24 - 2015-08-28 16:24 - 00001973 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-28 16:24 - 2015-08-28 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-28 16:18 - 2015-08-31 17:23 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 16:18 - 2015-08-31 16:23 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 16:17 - 2015-08-28 16:17 - 00000000 ____D C:\Users\Paddy\AppData\Local\Apps\2.0
2015-08-28 16:16 - 2015-08-28 16:17 - 00000000 ____D C:\Users\Paddy\AppData\Local\Deployment
2015-08-28 16:01 - 2015-08-28 16:26 - 00000000 ____D C:\Users\Paddy\AppData\Local\Google
2015-08-28 15:47 - 2015-08-30 19:08 - 00083984 _____ C:\Users\Paddy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-28 15:47 - 2015-08-28 15:47 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\Adobe
2015-08-28 15:46 - 2015-08-28 15:46 - 00000951 _____ C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-28 15:46 - 2015-08-28 15:46 - 00000946 _____ C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-28 15:45 - 2015-08-30 17:49 - 00000917 _____ C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-08-28 15:45 - 2015-08-28 15:45 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Snapfish Photos - First 30 Prints Free.lnk
2015-08-28 15:45 - 2015-08-28 15:45 - 00000000 ____D C:\Users\Paddy\AppData\Local\VirtualStore
2015-08-28 15:44 - 2007-04-04 17:37 - 00002021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visit eBay.co.uk.lnk
2015-08-28 15:43 - 2015-08-28 15:43 - 00000044 _____ C:\Windows\system\hpsysdrv.dat
2015-08-28 15:43 - 2015-08-28 15:43 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\Macromedia
2015-08-28 15:38 - 2015-08-28 15:38 - 00000000 ____D C:\Users\Paddy\AppData\Roaming\Hewlett-Packard
2015-08-28 15:35 - 2015-08-28 15:46 - 00000000 ____D C:\Users\Paddy
2015-08-28 15:35 - 2015-08-28 15:35 - 00000020 ___SH C:\Users\Paddy\ntuser.ini
2015-08-28 15:35 - 2006-11-02 13:51 - 00000000 ___RD C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-28 15:35 - 2006-11-02 13:47 - 00000000 ___RD C:\Users\Paddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-31 17:05 - 2007-04-09 03:02 - 01772014 _____ C:\Windows\WindowsUpdate.log
2015-08-31 16:35 - 2006-11-02 13:45 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-31 16:35 - 2006-11-02 13:45 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-31 09:45 - 2006-11-02 11:33 - 00716948 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-31 09:37 - 2007-04-04 17:48 - 00000000 ____D C:\Windows\SMINST
2015-08-31 09:36 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-08-31 09:33 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-31 01:22 - 2006-11-02 13:58 - 00003912 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-31 01:10 - 2007-04-04 17:32 - 00001881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
2015-08-31 01:10 - 2007-04-04 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-08-31 01:10 - 2007-04-04 17:32 - 00000000 ____D C:\Program Files\Microsoft Works
2015-08-31 01:08 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-31 00:31 - 2006-11-02 13:44 - 00359280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-30 19:27 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2015-08-30 18:20 - 2007-04-04 17:51 - 00000000 ____D C:\Windows\Panther
2015-08-30 17:43 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-30 17:37 - 2006-11-02 13:53 - 00001770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
2015-08-30 17:37 - 2006-11-02 13:52 - 00001768 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2015-08-30 17:37 - 2006-11-02 13:52 - 00001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
2015-08-30 17:37 - 2006-11-02 13:52 - 00001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-08-30 17:37 - 2006-11-02 13:48 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-08-30 17:37 - 2006-11-02 13:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
2015-08-30 17:37 - 2006-11-02 12:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-30 17:30 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-08-30 17:30 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-30 17:30 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Windows Calendar
2015-08-30 17:30 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Movie Maker
2015-08-30 17:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2015-08-30 17:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ras
2015-08-30 17:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\icsxml
2015-08-30 17:30 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-30 17:27 - 2007-04-04 17:39 - 00000000 ____D C:\Program Files\Google
2015-08-28 16:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\NDF
2015-08-28 16:09 - 2007-04-04 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-08-28 16:01 - 2007-04-04 17:39 - 00000000 ____D C:\ProgramData\Google
2015-08-28 15:59 - 2006-11-02 13:35 - 00000000 ____D C:\Windows\system32\restore
2015-08-28 15:45 - 2007-04-04 17:52 - 00000000 ___HD C:\hp
2015-08-28 15:44 - 2007-04-04 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-08-28 15:43 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
Some files in TEMP:
====================
C:\Users\Paddy\AppData\Local\Temp\ASCSetup_1068747.exe
C:\Users\Paddy\AppData\Local\Temp\symlcsv1.exe
C:\Users\Paddy\AppData\Local\Temp\{A14A6BC8-D9B1-469F-982B-EA9651D6F7AF}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-31 09:48
==================== End of FRST.txt ============================
Addition LOG:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-08-2015
Ran by Paddy (2015-08-31 17:27:14)
Running from C:\Users\Paddy\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-170528629-2023444766-65360108-500 - Administrator - Disabled)
Guest (S-1-5-21-170528629-2023444766-65360108-501 - Limited - Disabled)
Paddy (S-1-5-21-170528629-2023444766-65360108-1000 - Administrator - Enabled) => C:\Users\Paddy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems Incorporated)
Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A80000000002}) (Version: 8.0.0 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
AppCore (Version: 1 - Symantec Corporation) Hidden
AV (Version: 1 - Symantec Corporation) Hidden
ccCommon (Version: 106.1.1.4 - Symantec) Hidden
DVD Play (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - Hewlett-Packard)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Core (HKLM\...\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.00.0000 - Hewlett-Packard)
HP On-Screen Caps/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version: - Hewlett-Packard)
HP Update (HKLM\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.005 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.26 - Symantec Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
MSRedist (Version: 1.0.0.0 - Symantec Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton AntiVirus (Version: 14.1.0.27 - Symantec Corporation) Hidden
Norton Confidential Browser Component (Version: 1.1.0.6 - Symantec Corporation) Hidden
Norton Confidential Web Protection Component (Version: 1.1.0.6 - Symantec Corporation) Hidden
Norton Internet Security (Symantec Corporation) (HKLM\...\SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}) (Version: 10.1.0.26 - Symantec Corporation)
Norton Internet Security (Version: 10.1.0 - Symantec Corp.) Hidden
Norton Internet Security (Version: 10.1.0.26 - Symantec Corporation) Hidden
Norton Protection Center (Version: 2007.1.2.11 - Symantec Corporation) Hidden
Panda Devices Agent (Version: 1.03.05 - Panda Security) Hidden
Panda Devices Agent (Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5361 - Realtek Semiconductor Corp.)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.556 - Roxio)
Smart Defrag 4 (HKLM\...\Smart Defrag 4_is1) (Version: 4.2 - IObit)
SPBBC 32bit (Version: 3.1.1.4 - Symantec Corporation) Hidden
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Symantec Real Time Storage Protection Component (Version: 10.1.1.5 - Symantec Corporation) Hidden
SymNet (Version: 7.1.0.27 - Symantec Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
28-08-2015 15:59:30 Removed Google Toolbar for Internet Explorer
28-08-2015 16:30:33 Windows Update
30-08-2015 19:21:42 Device Driver Package Install: Panda Security, S.L. Network Service
31-08-2015 01:06:16 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {34C10785-A278-4A7F-B90F-09A5316372B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {713E2EA8-29A5-4F61-AE6D-4551980F2B3E} - System32\Tasks\ASC8_SkipUac_Paddy => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-08-17] (IObit)
Task: {ACDCDC4C-8A42-472F-8937-108925FC4930} - System32\Tasks\IntenetServiceOffers => C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [2006-12-23] ()
Task: {AF2C7A9F-C8EE-4E28-ABBF-A0BAE06058E3} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe [2015-07-20] (IObit)
Task: {C94F8FB4-82C0-4F43-A5E9-ACFD33B40CFA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {DDACDF06-D2DC-4936-9898-1996E60A5C50} - System32\Tasks\Uninstaller_SkipUac_Paddy => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {DEF087F7-72A2-400B-BCA3-8BAD82DF1811} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {F34B6B01-1207-4A09-9181-56CB299A57FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2006-11-07 18:48 - 2006-11-07 18:48 - 00009376 _____ () c:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.loc
2007-04-04 17:52 - 2006-11-28 21:17 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll
2015-08-30 18:23 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Smart Defrag 4\webres.dll
2007-04-04 17:52 - 2006-11-28 21:12 - 00077824 _____ () C:\WINDOWS\System32\hccutils.DLL
2015-08-30 18:03 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
2015-08-28 17:47 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-08-28 17:47 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Paddy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-08-28 16:24 - 2015-08-18 06:23 - 16393032 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-170528629-2023444766-65360108-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{52D053A3-E22E-4C1C-AA23-6C0EA8498DFC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/31/2015 01:21:03 AM) (Source: usbperf) (EventID: 2004) (User: )
Description: Usbperf data collection failed. Collect function called with usupported Query Type.
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: PolicyAgent
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (08/31/2015 01:20:39 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (08/31/2015 01:20:39 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: DFSRC:\Windows\System32\DfsrPerf.dll4
Error: (08/31/2015 12:29:49 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
Error: (08/31/2015 12:29:45 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
System errors:
=============
Error: (08/31/2015 12:02:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB937287 (Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB937287 (Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB937287 (Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB937287 (Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 937287-1_neutral_GDR from package KB937287(Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 937287-2_neutral_PACKAGE from package KB937287(Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 937287-3_neutral_PACKAGE from package KB937287(Update) into Staging(Staging) state
Error: (08/31/2015 10:01:25 AM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 937287-4_neutral_PACKAGE from package KB937287(Update) into Staging(Staging) state
Error: (08/31/2015 09:46:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
Microsoft Office:
=========================
Error: (08/31/2015 01:21:03 AM) (Source: usbperf) (EventID: 2004) (User: )
Description:
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: PolicyAgent
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4
Error: (08/31/2015 01:20:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (08/31/2015 01:20:39 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (08/31/2015 01:20:39 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: DFSRC:\Windows\System32\DfsrPerf.dll4
Error: (08/31/2015 12:29:49 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
Error: (08/31/2015 12:29:45 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
CodeIntegrity:
===================================
Date: 2015-08-31 17:26:51.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:26:51.348
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:26:51.237
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:26:51.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:39.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:39.028
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:38.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:38.928
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSKMAD.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:38.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-08-31 17:25:38.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\PSINReg.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Celeron® D CPU 3.46GHz
Percentage of memory in use: 82%
Total physical RAM: 502.75 MB
Available physical RAM: 86.64 MB
Total Virtual: 1569.23 MB
Available Virtual: 156.45 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:143.1 GB) (Free:124.52 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:5.95 GB) (Free:0.86 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (SEGAROME) (CDROM) (Total:3.96 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=143.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Thank you in advance
Paddy