firewall keeps shutting.....could it be malware?


  • This topic is locked

#1
rigs
  • Member
  • 331 posts

My McAfee AV software started to notify me that my McAfee firewall was off. So, I turned it back on but it keeps shutting off. So, I tried all that I could think of to solve this problem but nothing worked. I then realized that this may be a malware problem. If it is, I don't have the slightest idea of how I got it. I did get a lot of pop-up windows while surfing the net in the last few days. I hope one of you tech geniuses can take a look at the logs and see if I do have malware in my system and help me get rid of it…

My Dell runs Win10 x64

Thank You

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by rigoj_000 (administrator) on MYPC (08-02-2016 16:50:58)
Running from C:\Users\rigoj_000\Desktop
Loaded Profiles: rigoj_000 (Available Profiles: rigoj_000 & fbwuser0C88 & fbwuserE4A0 & fbwuserD5E5)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Users\rigoj_000\Downloads\CyberfoxPortable\App\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(xwidget.com) C:\Program Files (x86)\XWidget\xwidget.exe
(My Portable Software) C:\Users\rigoj_000\Downloads\my_daily_wallpaper\My_Daily_Wallpaper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Fabio Martin) C:\Program Files (x86)\7 Sticky Notes\7StickyNotes.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files (x86)\Free Virtual Keyboard\Virtual Keyboard.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Goversoft LLC) C:\Program Files (x86)\PrivaZer\PrivaZer.exe
() C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\TrivialPursuit.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.24.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(8pecxstudios) C:\Users\rigoj_000\Downloads\CyberfoxPortable\App\Cyberfox\Cyberfox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [609200 2015-03-01] (Waves Audio Ltd.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8781568 2016-01-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2016-01-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [837640 2015-12-08] (DivX, LLC)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\Run: [xwidget] => C:\Program Files (x86)\XWidget\xwidget.exe [1858048 2014-09-03] (xwidget.com)
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\Run: [My Daily Wallpaper] => C:\Users\rigoj_000\Downloads\my_daily_wallpaper\My_Daily_Wallpaper.exe [536576 2015-03-19] (My Portable Software)
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\RunOnce: [Uninstall C:\Users\rigoj_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_3\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\rigoj_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_3\amd64"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} =>  No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-09-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-02-02]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-02-02]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7 Sticky Notes.lnk [2014-07-10]
ShortcutTarget: 7 Sticky Notes.lnk -> C:\Program Files (x86)\7 Sticky Notes\7StickyNotes.exe (Fabio Martin)
Startup: C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-04-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c16b0760-439f-4bdb-9897-96c45b6954d6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dc7844d4-f018-4c08-b688-75cfed7d5d44}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {C9D7BC04-183E-4AC3-957E-5CAFB73BC071} URL =
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-02-02] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Idea2 SidebarBrowserMonitor Class -> {45AD732C-2CE2-4666-B366-B2214AD57A49} -> C:\Program Files (x86)\Desktop Sidebar\sbhelp.dll [2006-07-09] (Idea2)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-02-02] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-02-02] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-02-02] (LastPass)
Toolbar: HKU\S-1-5-21-4151019796-3771742870-4154944045-1001 -> No Name - {72C9A221-FCFD-4E21-8C9F-E954A4F5C92F} -  No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1453778955805
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-26] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\rigoj_000\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0etg7.default
FF Homepage: hxxp://www.cnn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-02-02] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-26] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-10-25] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-21] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-02-02] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-02-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\rigoj_000\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\rigoj_000\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-4151019796-3771742870-4154944045-1001: @citrixonline.com/appdetectorplugin -> C:\Users\rigoj_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-03] (Citrix Online)
FF Plugin HKU\S-1-5-21-4151019796-3771742870-4154944045-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\rigoj_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4151019796-3771742870-4154944045-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [2014-04-29] (Anvisoft)
FF Extension: LastPass - C:\Users\rigoj_000\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0etg7.default\extensions\[email protected] [2016-02-02]
FF Extension: FastestFox - C:\Users\rigoj_000\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0etg7.default\extensions\[email protected] [2015-12-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1187840 2014-11-23] (Anvisoft) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354920 2016-02-02] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5214384 2014-01-13] (INCA Internet Co., Ltd.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealtekCU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-01-31] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-01-12] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
S2 DTLSvc6; no ImagePath
S2 OkayFreedom VPN Starter Service; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [51608 2014-11-23] (Anvisoft)
S1 Asdids; C:\Windows\system32\DRIVERS\asdids.sys [50584 2014-11-23] (Anvisoft)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2016-01-07] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [74368 2014-09-14] (Qualcomm Atheros)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
R1 DtlDrvProtect; C:\Windows\System32\drivers\DtlDrvProtect64.sys [174832 2015-12-06] (深圳市驱动人生软件技术有限公司)
R1 DVDHelp; C:\Windows\System32\drivers\DVDHelp.sys [28696 2015-04-26] ()
S3 GSVDRIVE; C:\Windows\system32\DRIVERS\GSVDRIVE.sys [28568 2015-04-26] (GiliSoft International LLC.) [File not signed]
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX™)
S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2014-10-02] (Kingsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-07] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-08-12] (EldoS Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2016-01-18] (Realtek                                            )
R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [37632 2015-07-29] (Realtek Semiconductor Corp.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [407768 2015-12-07] (Realsil Semiconductor Corporation)
S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [59608 2014-09-02] (Realtek Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-12-19] (Duplex Secure Ltd)
S3 tap0903; C:\Windows\system32\DRIVERS\tap0903.sys [39424 2014-10-01] (The OpenVPN Project)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 tapse01; C:\Windows\system32\DRIVERS\tapse01.sys [39608 2014-05-14] (The OpenVPN Project)
S3 tapSF0901; C:\Windows\system32\DRIVERS\tapSF0901.sys [39104 2014-05-06] (Spotflux, Inc.)
R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [307352 2016-02-08] (Trend Micro Inc.)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [87552 2006-06-20] (Microsoft Corporation) [File not signed]
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [102192 2015-02-04] (Zemana Ltd.)
S3 RtlWlanu; \SystemRoot\System32\drivers\rtwlanu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-08 16:50 - 2016-02-08 16:51 - 00029230 _____ C:\Users\rigoj_000\Desktop\FRST.txt
2016-02-08 16:43 - 2016-02-08 16:50 - 00000000 ____D C:\FRST
2016-02-08 12:06 - 2016-02-08 12:06 - 02370560 _____ (Farbar) C:\Users\rigoj_000\Desktop\FRST64.exe
2016-02-08 10:43 - 2016-02-08 10:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-02-08 10:43 - 2016-02-08 10:43 - 00000000 ____D C:\Users\rigoj_000\Downloads\TrendMicro AntiThreat Toolkit
2016-02-08 07:43 - 2016-02-08 13:32 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-02-08 07:32 - 2016-02-08 07:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-02-07 20:08 - 2016-02-07 20:08 - 00332008 _____ C:\Users\rigoj_000\Documents\k-40h15.pdf
2016-02-07 20:08 - 2016-02-07 20:08 - 00045916 _____ C:\Users\rigoj_000\Documents\dis15.pdf
2016-02-07 20:03 - 2016-02-07 20:03 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Foxit Reader
2016-02-07 16:32 - 2016-02-08 08:19 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-02-07 16:32 - 2016-02-07 16:33 - 00183501 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2016-02-07 16:03 - 2016-02-07 16:04 - 21771104 _____ (Tweaking.com) C:\Users\rigoj_000\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-02-07 13:19 - 2016-02-07 13:22 - 493846190 _____ C:\Users\rigoj_000\Downloads\windows10.0-kb3124262-x64_1924b90567a0891c81a003cb9db4cbc1f1363a62.msu
2016-02-06 19:20 - 2016-02-06 19:20 - 00002014 _____ C:\Users\rigoj_000\Desktop\McAfee SecurityCenter.lnk
2016-02-06 19:16 - 2016-02-06 19:16 - 00003696 _____ C:\WINDOWS\System32\Tasks\DivXUpdate
2016-02-06 19:14 - 2016-02-06 19:14 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Tempdivxda87
2016-02-05 21:11 - 2016-02-05 21:11 - 00035630 _____ C:\Users\rigoj_000\Documents\cc_20160205_211142.reg
2016-02-05 18:59 - 2016-02-05 18:59 - 10405887 _____ C:\Users\rigoj_000\Documents\adrianascontactsreceipt.pdf
2016-02-05 12:45 - 2016-02-05 12:45 - 44090448 _____ C:\Users\rigoj_000\Downloads\torbrowser-install-5.5.1_en-US.exe
2016-02-04 09:02 - 2016-02-04 09:04 - 302409904 _____ ( ) C:\Users\rigoj_000\Downloads\KOPLAYERSetup-1.2.1030.exe
2016-02-04 07:53 - 2016-02-04 07:54 - 00411672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-03 10:13 - 2016-02-03 10:13 - 00000000 ____D C:\Program Files (x86)\PrivaZer
2016-02-02 21:57 - 2016-02-02 21:57 - 04765504 _____ (hxxp://www.maxuninstaller.com/ ) C:\Users\rigoj_000\Downloads\MaxUninstaller_Setup.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 32130848 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 27097256 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 15187896 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 13195352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 11574272 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 11235256 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 08621568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 05668352 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 04632576 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 04387824 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 04232800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 04161024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 03952640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 02105832 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01767992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01765408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01631520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01559552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01150464 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 01008232 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00944232 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00940648 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00826341 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2016-02-02 21:32 - 2016-02-02 21:32 - 00609280 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00604264 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00517736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00448104 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00421888 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00409976 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00408928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00371200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00357904 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00355832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00332800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00301056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00289936 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00282728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00274504 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-02-02 21:32 - 2016-02-02 21:32 - 00248832 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00238080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00218216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00213608 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00213096 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00207872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00201368 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00188928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4352.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00175616 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00156264 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-02-02 21:32 - 2016-02-02 21:32 - 00155648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00094208 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00083456 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00077824 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00066048 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-02-02 21:32 - 2016-02-02 21:32 - 00004758 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-02-02 20:50 - 2016-01-06 17:04 - 00000107 ____H C:\DBAR_Ver.txt
2016-02-02 20:48 - 2016-02-02 20:48 - 00001152 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-02-02 20:37 - 2016-02-02 20:37 - 00001211 _____ C:\Users\rigoj_000\Desktop\geek.exe - Shortcut.lnk
2016-02-02 20:36 - 2016-02-02 20:36 - 00000000 ____D C:\Users\rigoj_000\Downloads\geek (2)
2016-02-02 20:33 - 2016-02-04 17:39 - 00000000 ____D C:\AdwCleaner
2016-02-02 20:33 - 2016-02-02 20:33 - 01508352 _____ C:\Users\rigoj_000\Downloads\adwcleaner_5.032.exe
2016-02-01 09:03 - 2016-02-01 09:03 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-01 09:03 - 2016-02-01 09:03 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-01 09:03 - 2016-02-01 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-01 09:03 - 2016-02-01 09:03 - 00000000 ____D C:\Program Files\CCleaner
2016-02-01 09:01 - 2016-02-01 09:01 - 06828320 _____ (Piriform Ltd) C:\Users\rigoj_000\Downloads\ccsetup514.exe
2016-01-31 21:16 - 2016-01-31 21:16 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-31 21:16 - 2016-01-31 21:16 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-31 21:16 - 2016-01-31 21:16 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-31 21:16 - 2016-01-31 21:16 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCORES64.dat
2016-01-31 21:15 - 2016-01-31 21:15 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 12014448 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxVoiceAPO30.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-31 21:15 - 2016-01-31 21:15 - 03700360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2016-01-31 21:15 - 2016-01-31 21:15 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-31 21:15 - 2016-01-31 21:15 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01743080 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01211840 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00914024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00768816 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00642928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00577840 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00203560 _____ (Waves Audio) C:\WINDOWS\system32\MaxxAudioVienna264.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00164432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkXInterface64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00074608 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2016-01-31 21:15 - 2016-01-31 21:15 - 00069928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2016-01-30 21:24 - 2016-01-31 13:04 - 05111240 _____ (Piriform Ltd) C:\Users\rigoj_000\Downloads\spsetup129.exe
2016-01-30 19:52 - 2016-01-30 19:52 - 00000000 __HDC C:\ProgramData\{010DD54D-6F97-418D-BC47-2089F30A0075}
2016-01-30 19:51 - 2016-01-30 19:53 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-01-30 13:24 - 2016-01-30 13:28 - 00000000 ____D C:\Users\rigoj_000\Downloads\Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124262)
2016-01-29 22:04 - 2016-01-29 22:04 - 01645739 _____ C:\Users\rigoj_000\Documents\bookmarksm.html
2016-01-29 21:45 - 2016-01-29 22:02 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\WinningPutt
2016-01-29 21:45 - 2016-01-29 21:45 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Kamuse
2016-01-29 21:12 - 2016-01-29 21:12 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Solid State Networks
2016-01-29 21:11 - 2016-01-29 21:11 - 00002771 _____ C:\Users\Public\Desktop\Winning Putt.lnk
2016-01-29 21:11 - 2016-01-29 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BANDAI NAMCO Entertainment America Inc
2016-01-29 21:11 - 2016-01-29 21:11 - 00000000 ____D C:\BANDAI NAMCO Entertainment America
2016-01-29 16:31 - 2016-01-29 16:32 - 144963256 _____ (BANDAI NAMCO Entertainment America Inc.) C:\Users\rigoj_000\Downloads\wput_setup.exe
2016-01-29 10:47 - 2016-01-29 10:47 - 00000000 ____D C:\Users\rigoj_000\Downloads\wumt
2016-01-29 09:30 - 2016-01-29 09:30 - 02867979 _____ C:\Users\rigoj_000\Downloads\wumt.zip
2016-01-29 07:43 - 2016-01-29 07:43 - 00000000 ____D C:\WINDOWS\system32\PocketCloud
2016-01-28 12:37 - 2016-01-28 12:37 - 00001168 _____ C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Settings - Shortcut.lnk
2016-01-27 09:01 - 2016-01-27 09:02 - 44082264 _____ C:\Users\rigoj_000\Downloads\torbrowser-install-5.5_en-US.exe
2016-01-26 17:17 - 2016-01-26 17:20 - 452514024 _____ C:\Users\rigoj_000\Downloads\Andy_v46.2_40_x64.exe
2016-01-25 21:32 - 2016-01-25 21:34 - 00000000 ____D C:\Users\rigoj_000\Downloads\Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124263)
2016-01-25 21:22 - 2016-01-25 21:25 - 341464444 _____ C:\Users\rigoj_000\Downloads\windows10.0-kb3124263-x64_cced6d1037c3f826dcef3bc43cc60514f5dd2eab.msu
2016-01-25 17:30 - 2016-01-25 17:30 - 00001273 _____ C:\Users\rigoj_000\Desktop\sbframe.exe - Shortcut.lnk
2016-01-25 13:45 - 2016-02-04 18:29 - 00000000 ____D C:\Users\rigoj_000\Downloads\SlimBrowser
2016-01-22 19:30 - 2016-01-22 19:30 - 00000000 ____D C:\Users\Public\Foxit Software
2016-01-22 19:18 - 2016-01-22 19:18 - 00001511 _____ C:\Users\rigoj_000\Desktop\WonderFox DVD Video Converter.lnk
2016-01-21 20:29 - 2016-01-21 20:29 - 00001237 _____ C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Task Manager.lnk
2016-01-21 19:13 - 2016-01-21 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-01-21 19:13 - 2016-01-21 19:13 - 00000000 ____D C:\Program Files\TAP-Windows
2016-01-21 16:28 - 2016-01-21 16:29 - 08973864 _____ (Betternet Technologies Inc.) C:\Users\rigoj_000\Downloads\BetternetForWindows.exe
2016-01-21 16:27 - 2016-01-21 16:27 - 09757920 _____ (CyberGhost S.R.L. ) C:\Users\rigoj_000\Downloads\CG_5.5.1.3.exe
2016-01-21 15:43 - 2016-01-21 15:43 - 00001239 _____ C:\Users\Public\Desktop\Kerish Doctor 2016.lnk
2016-01-21 15:43 - 2016-01-21 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerish Doctor
2016-01-21 15:43 - 2016-01-21 15:43 - 00000000 ____D C:\Program Files (x86)\Kerish Doctor
2016-01-21 15:43 - 2014-04-05 18:38 - 00059880 _____ (Kerish Products) C:\WINDOWS\SysWOW64\GPUTemp.dll
2016-01-21 15:38 - 2016-01-21 15:38 - 25705000 _____ (Kerish Products ) C:\Users\rigoj_000\Downloads\Setu1p.exe
2016-01-19 16:28 - 2016-01-19 16:28 - 00001456 _____ C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Trivial Pursuit & Friends.lnk
2016-01-18 22:18 - 2016-01-18 22:18 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-18 11:03 - 2016-02-08 15:12 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-17 15:52 - 2016-01-17 15:52 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-01-17 15:51 - 2016-01-17 16:50 - 39261480 _____ (DVDVideoSoft Ltd. ) C:\Users\rigoj_000\Downloads\FreeYouTubeToMP3Converter.exe
2016-01-14 14:38 - 2016-01-17 16:02 - 00000022 _____ C:\Users\rigoj_000\Downloads\u.zip
2016-01-10 19:13 - 2016-01-10 19:13 - 00002428 _____ C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\OneDrive.lnk
2016-01-09 15:44 - 2016-02-03 09:51 - 03555352 _____ (迈微科技) C:\Users\rigoj_000\Downloads\XYAZ-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-08 16:44 - 2015-12-20 15:23 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Mozilla
2016-02-08 16:44 - 2015-06-25 14:55 - 00000000 ____D C:\Users\rigoj_000\AppData\LocalLow\LastPass
2016-02-08 16:35 - 2014-05-15 15:44 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-02-08 16:16 - 2015-04-14 12:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-08 14:35 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-08 13:56 - 2014-07-03 13:14 - 00004008 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{716F61F4-2A8F-4D8F-BD3A-926FB0ABAAF9}
2016-02-08 13:21 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-08 12:24 - 2015-05-16 16:28 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Thunderbird
2016-02-08 12:16 - 2015-12-07 18:46 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\ClassicShell
2016-02-08 11:35 - 2015-12-06 17:07 - 00000000 ____D C:\Users\rigoj_000
2016-02-08 10:34 - 2015-11-14 17:47 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\PrivaZer
2016-02-08 09:12 - 2014-07-09 12:50 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\CrashDumps
2016-02-08 08:36 - 2014-07-03 13:10 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Packages
2016-02-08 08:21 - 2015-10-31 13:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-08 07:29 - 2015-12-06 17:02 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-08 07:29 - 2015-11-15 13:36 - 00000000 ____D C:\Users\rigoj_000\Downloads\my_daily_wallpaper
2016-02-08 07:29 - 2015-04-02 13:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-08 07:29 - 2014-09-01 21:31 - 00000000 __SHD C:\Users\rigoj_000\IntelGraphicsProfiles
2016-02-08 07:29 - 2014-07-10 20:52 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\7 Sticky Notes
2016-02-08 07:28 - 2015-12-06 17:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-08 07:27 - 2015-10-30 00:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-02-08 07:26 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-07 21:19 - 2014-07-03 14:34 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Foxit Software
2016-02-07 19:39 - 2014-07-06 15:38 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Skype
2016-02-07 19:35 - 2014-07-06 15:38 - 00000000 ____D C:\ProgramData\Skype
2016-02-07 16:17 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-06 19:17 - 2015-09-10 20:37 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\DivX
2016-02-06 19:17 - 2015-09-10 20:35 - 00000000 ____D C:\Program Files (x86)\DivX
2016-02-06 19:17 - 2015-09-10 20:34 - 00000000 ____D C:\ProgramData\DivX
2016-02-06 19:16 - 2015-09-24 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-02-06 13:46 - 2015-10-30 00:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-05 20:45 - 2015-12-09 17:28 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-02-05 20:44 - 2015-12-07 18:05 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-05 20:44 - 2015-11-11 18:23 - 00158213 ____N C:\WINDOWS\Minidump\020516-14984-01.dmp
2016-02-04 09:27 - 2015-12-09 21:51 - 00001213 _____ C:\Users\rigoj_000\Desktop\Free Virtual Keyboard.lnk
2016-02-04 09:27 - 2015-12-09 21:51 - 00000000 ____D C:\Program Files (x86)\Free Virtual Keyboard
2016-02-04 08:54 - 2015-03-26 15:34 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\ElevatedDiagnostics
2016-02-04 07:57 - 2015-07-06 14:35 - 00000000 ____D C:\ProgramData\ProductData
2016-02-03 12:34 - 2014-09-10 14:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-03 12:33 - 2015-12-06 18:57 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-03 10:53 - 2014-07-03 19:04 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Winamp
2016-02-03 10:17 - 2014-08-01 13:11 - 00001493 _____ C:\Users\Public\Desktop\MacX DVD Ripper Pro For Windows.lnk
2016-02-03 10:13 - 2015-11-14 17:47 - 00001972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2016-02-03 10:13 - 2015-11-14 17:47 - 00001960 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2016-02-02 21:38 - 2015-12-14 20:57 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-02-02 21:38 - 2015-12-14 20:57 - 00002229 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-02-02 21:38 - 2015-12-14 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-02 21:38 - 2015-12-07 18:30 - 00003084 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (rigoj_000)
2016-02-02 21:35 - 2015-12-06 17:02 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-02-02 21:32 - 2015-12-06 17:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-02-02 21:32 - 2015-12-06 17:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-02-02 21:32 - 2015-07-18 00:36 - 07862736 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-02-02 21:32 - 2015-07-18 00:35 - 00384104 _____ C:\WINDOWS\system32\igfxTray.exe
2016-02-02 21:32 - 2015-07-18 00:35 - 00354920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-02-02 21:32 - 2015-07-18 00:35 - 00335976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-02-02 21:32 - 2015-07-18 00:35 - 00250472 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-02-02 21:32 - 2015-07-18 00:34 - 31213112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-02-02 21:32 - 2015-07-18 00:34 - 25836024 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-02-02 21:32 - 2015-07-18 00:34 - 13680976 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-02-02 21:32 - 2015-07-18 00:34 - 06457088 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-02-02 21:32 - 2015-07-18 00:34 - 04941952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-02-02 21:32 - 2015-07-18 00:28 - 02041344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-02-02 21:32 - 2015-07-18 00:28 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-02-02 21:32 - 2015-07-18 00:28 - 00369664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-02-02 21:08 - 2015-06-03 16:04 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Citrix
2016-02-02 20:49 - 2015-06-25 16:25 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-02-02 20:48 - 2015-06-25 16:25 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-02-02 20:48 - 2015-06-25 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-02-01 20:30 - 2014-11-24 19:42 - 00000172 _____ C:\Users\rigoj_000\Downloads\FreeVK.ini
2016-02-01 08:31 - 2014-05-15 15:47 - 00000000 ____D C:\Program Files (x86)\Dell
2016-02-01 08:31 - 2014-05-15 15:37 - 00000000 ____D C:\ProgramData\Dell
2016-01-31 21:17 - 2015-12-06 17:02 - 01019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2016-01-31 21:17 - 2015-12-06 17:02 - 00188557 _____ C:\WINDOWS\system32\Drivers\rtwaves40.dat
2016-01-31 21:17 - 2015-12-06 17:02 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2016-01-31 21:17 - 2015-12-06 17:02 - 00017972 _____ C:\WINDOWS\system32\Drivers\rtwavesvpcap.dat
2016-01-31 21:17 - 2015-12-06 17:02 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2016-01-31 21:16 - 2015-12-06 17:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-31 21:15 - 2015-12-17 13:47 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-31 21:15 - 2015-12-17 13:47 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-31 21:15 - 2015-10-18 15:58 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-31 21:15 - 2015-10-18 15:58 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-01-31 21:15 - 2015-10-18 15:58 - 01976560 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2016-01-31 21:15 - 2015-10-18 15:58 - 00410040 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2016-01-31 21:15 - 2015-10-18 15:58 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-30 21:41 - 2015-03-28 13:40 - 00001409 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
2016-01-30 19:53 - 2015-07-06 11:57 - 00000000 ____D C:\ProgramData\PCDr
2016-01-30 19:52 - 2014-07-25 21:24 - 02836500 _____ C:\Users\rigoj_000\Documents\inspiron-3847-desktop_Owner's Manual_en-us.pdf
2016-01-30 19:52 - 2014-05-15 15:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-01-30 19:51 - 2015-04-01 15:45 - 00003924 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2016-01-29 10:48 - 2015-11-11 19:40 - 00000000 ____D C:\Program Files\Bandizip
2016-01-29 10:46 - 2014-09-25 17:49 - 00001020 _____ C:\Users\rigoj_000\Desktop\Daum Potplayer-64 Bits.lnk
2016-01-29 08:06 - 2015-08-20 12:48 - 00000000 ____D C:\Users\rigoj_000\.oracle_jre_usage
2016-01-29 08:06 - 2015-05-18 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-29 08:05 - 2015-05-18 20:05 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-01-29 08:05 - 2014-07-23 18:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-28 07:40 - 2015-02-23 21:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-28 07:40 - 2015-02-23 21:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-27 15:22 - 2015-02-23 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-27 07:25 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-26 21:17 - 2015-12-30 13:59 - 00000000 ____D C:\Users\rigoj_000\Downloads\CyberfoxPortable
2016-01-25 21:29 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-23 15:56 - 2014-07-03 19:49 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\dvdcss
2016-01-22 19:18 - 2015-12-19 15:17 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2016-01-21 21:52 - 2014-07-03 13:12 - 00000000 __RDO C:\Users\rigoj_000\OneDrive
2016-01-21 19:19 - 2015-09-14 13:06 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk
2016-01-21 19:19 - 2014-10-09 14:38 - 00001066 _____ C:\Users\Public\Desktop\PicPick.lnk
2016-01-21 19:19 - 2014-07-13 18:41 - 00000000 ____D C:\Program Files (x86)\PicPick
2016-01-21 19:12 - 2015-03-01 15:20 - 00000000 ____D C:\Users\rigoj_000\AppData\Local\Downloaded Installations
2016-01-20 15:35 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-20 15:35 - 2015-02-26 10:52 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-18 22:18 - 2015-09-10 19:25 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-18 21:21 - 2015-01-17 18:58 - 00014300 _____ C:\WINDOWS\wininit.ini
2016-01-18 13:23 - 2014-07-06 15:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-17 20:04 - 2016-01-08 17:24 - 00000136 _____ C:\WINDOWS\ODBC.INI
2016-01-17 20:02 - 2014-07-04 12:05 - 00000000 ____D C:\ProgramData\softthinks
2016-01-17 19:11 - 2015-12-06 17:20 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 16:48 - 2015-04-29 18:55 - 00000000 ____D C:\Users\rigoj_000\AppData\Roaming\DVDVideoSoft
2016-01-16 19:00 - 2015-06-15 14:45 - 00001221 _____ C:\Users\Public\Desktop\Registry Life.lnk
2016-01-16 19:00 - 2015-02-19 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Life
2016-01-16 19:00 - 2015-02-19 17:54 - 00000000 ____D C:\Program Files (x86)\Registry Life
2016-01-16 14:43 - 2014-07-03 21:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-16 14:36 - 2014-07-03 21:06 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-10 19:25 - 2015-12-06 17:50 - 00002417 _____ C:\Users\rigoj_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-10 19:13 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2015-12-03 19:45 - 2015-12-02 07:45 - 0000040 ____H () C:\Program Files (x86)\f76a72fd.tmp
2015-05-29 15:36 - 2015-05-29 15:36 - 0000949 _____ () C:\Program Files (x86)\Common Files\Konvertor.lnk
2014-11-22 20:55 - 2016-02-02 20:49 - 21405208 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-07-03 17:12 - 2014-07-03 17:12 - 0000189 _____ () C:\Users\rigoj_000\AppData\Roaming\burnaware.ini
2014-10-13 18:47 - 2015-09-17 14:31 - 0000097 _____ () C:\Users\rigoj_000\AppData\Roaming\LauncherSettings_live.cfg
2014-09-30 13:55 - 2014-09-30 13:56 - 0000010 _____ () C:\Users\rigoj_000\AppData\Roaming\pdfdrawcodec.dll
2015-09-17 14:26 - 2015-09-17 14:28 - 0000039 _____ () C:\Users\rigoj_000\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-11-23 17:22 - 2015-11-23 17:22 - 0000036 _____ () C:\Users\rigoj_000\AppData\Local\housecall.guid.cache
2015-05-09 14:42 - 2015-05-09 14:42 - 0017408 _____ () C:\Users\rigoj_000\AppData\Local\WebpageIcons.db
2015-01-13 21:43 - 2015-01-13 21:43 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-12-06 17:02 - 2015-12-06 17:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-25 13:04 - 2015-11-04 14:31 - 0003465 _____ () C:\ProgramData\hpzinstall.log
2014-07-29 18:07 - 2014-07-29 18:07 - 0000140 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-05-08 20:45 - 2015-05-08 20:45 - 0000032 _____ () C:\ProgramData\Temp.log
2014-05-15 15:35 - 2014-05-15 15:35 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-05-15 15:32 - 2014-05-15 15:33 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-05-15 15:33 - 2014-05-15 15:33 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-05-15 15:33 - 2014-05-15 15:35 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-05-15 15:32 - 2014-05-15 15:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\rigoj_000\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\rigoj_000\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 13:25

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by rigoj_000 (2016-02-08 16:52:00)
Running from C:\Users\rigoj_000\Desktop
Windows 10 Home (X64) (2015-12-06 23:45:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4151019796-3771742870-4154944045-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4151019796-3771742870-4154944045-503 - Limited - Disabled)
fbwuser0C88 (S-1-5-21-4151019796-3771742870-4154944045-1004 - Limited - Disabled) => C:\Users\fbwuser0C88
fbwuserD5E5 (S-1-5-21-4151019796-3771742870-4154944045-1006 - Limited - Disabled) => C:\Users\fbwuserD5E5
fbwuserE4A0 (S-1-5-21-4151019796-3771742870-4154944045-1005 - Limited - Disabled) => C:\Users\fbwuserE4A0
Guest (S-1-5-21-4151019796-3771742870-4154944045-501 - Limited - Disabled)
rigoj_000 (S-1-5-21-4151019796-3771742870-4154944045-1001 - Administrator - Enabled) => C:\Users\rigoj_000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Sticky Notes (HKLM-x32\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version:  - Fabio Martin)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AquaSoft DiaShow 7 Premium (HKLM-x32\...\AquaSoft DiaShow 7 Premium) (Version: 7.8.02 - AquaSoft)
AquaSoft DiaShow 7 Premium (x32 Version: 7.8.02 - AquaSoft) Hidden
Ashampoo Burning Studio 2016 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.2 - Ashampoo GmbH & Co. KG)
Atlantis Word Processor (HKLM-x32\...\Atlantis Word Processor) (Version:  - )
Bandizip (HKLM\...\Bandizip) (Version: 5.11 - Bandisoft.com)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell App Launcher for Unifying Software (HKLM\...\Unifying Software Launcher) (Version: 1.00.44 - Logitech)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.7.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.)
Dell SupportAssistAgent (HKLM-x32\...\{A62A2F03-3006-40CA-A3FA-C1086B2FEF5D}) (Version: 1.2.0.94 - Dell)
Dell System Detect (HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Desktop Sidebar (HKLM-x32\...\{A92D7264-1A13-45BE-B769-88445DD04FD6}) (Version: 1.05.116 - Idea2)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
Empire of Sports (HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\EoS-{5CCCD423-F673-4CD8-9464-9D950F49BBC3}) (Version:  - F4)
F300 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Fishing Planet (HKLM-x32\...\Steam App 380600) (Version:  - Fishing Planet LLC)
Free Virtual Keyboard version 1.0 (HKLM-x32\...\VirtualKeyboard_is1) (Version:  - Media Freeware)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4352 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Kerish Doctor 2016 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.60 - Kerish Products)
K-Lite Mega Codec Pack 11.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.1.0 - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
MacX DVD Ripper Pro For Windows 7.6.6 (HKLM-x32\...\MacX DVD Ripper Pro For Windows_is1) (Version:  - Digiarty Software, Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Maxx Audio Installer (x64) (Version: 2.6.5320.104 - Waves Audio Ltd.) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 Language Pack (English) (HKLM-x32\...\{53E5F858-54E3-406D-A927-09AC86FCBA1A}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PicPick (HKLM-x32\...\PicPick) (Version: 4.1.1 - NGWIN)
Pinball Arcade (HKLM-x32\...\Steam App 238260) (Version:  - FarSight Studios)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version:  - Zen Studios)
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
Print Envelope 3.2.2.8 (HKLM-x32\...\Print Envelope_is1) (Version: 3.2.2.8 - Radovan Kraus)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.45.2.0 - Goversoft LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.31218 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.11 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0199 - REALTEK Semiconductor Corp.)
Registry Life version 3.24 (HKLM-x32\...\Registry Life_is1) (Version: 3.24 - ChemTable Software)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scanitto Pro (HKLM-x32\...\{FC9FED7B-11C5-4BAA-AAF0-395AD111EE92}_is1) (Version: 3.2 - Masters ITC Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SmartCallMonitor V1.7.2.265 (HKLM-x32\...\SmartCallMonitor_is1) (Version: 1.7.2.265 - JAM Software)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Four Kings Casino and Slots (HKLM-x32\...\Steam App 260430) (Version:  - Digital Leisure Inc.)
theHunter (HKLM-x32\...\Steam App 253710) (Version:  - Expansive Worlds)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 736 - Expansive Worlds)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Winning Putt (HKLM-x32\...\{B6DECC70-4F95-402B-B07D-ADFFB2DCFA6D}) (Version: 1.00.0001 - BANDAI NAMCO Entertainment America Inc.)
WinPDFEditor V2.1 (HKLM-x32\...\WinPDFEditor_is1) (Version:  - hxxp://www.WinPDFEditor.com)
WinX DVD Ripper Platinum 7.5.13 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
WonderFox DVD Ripper Pro 7.5 (HKLM-x32\...\WonderFox DVD Ripper Pro) (Version: 7.5 - WonderFox Soft, Inc.)
WonderFox DVD Video Converter 8.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 8.8 - WonderFox Soft, Inc.)
WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)
XWidget Ver1.92 (HKLM-x32\...\{A6E16998-A241-438F-A916-5CD59B5506C0}_is1) (Version:  - XWidget Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4151019796-3771742870-4154944045-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-4151019796-3771742870-4154944045-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\rigoj_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1826BAC8-641B-4F34-9B62-4EB0B5400F19} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {191DA9EB-ECC0-4301-8BF7-48320DB72921} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {2350F9F9-BDC8-4965-B096-02183305A64B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {264BB91C-F80C-497B-B3B5-D58672FE74C0} - System32\Tasks\Driver Booster SkipUAC (rigoj_000) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {306FD277-3484-44FA-BEDC-0E68D46C273F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation)
Task: {387DDA32-EABD-4F12-80BF-F82E571063DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {3F731F69-41BC-414B-A466-928B71A81399} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {427B1575-E578-42ED-A4CB-BB7E2BB39061} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {43EE44C2-0228-4BAC-AE22-65D5D6BB20DC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5200CC47-F2AC-4B39-8E02-A8ED68EC64EF} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-07] (McAfee, Inc.)
Task: {5A0E6AD2-46C0-4225-9EEC-2380F93FBD0E} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {5A6C47AF-C0E6-4F3B-BC6F-4C919C0148C6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {74EBCC0F-9727-4552-9585-D89B10BD53E5} - System32\Tasks\0914avtUpdateInfo => C:\ProgramData\Avg_Update_0914avt\0914avt_AVG-Secure-Search-Update.exe [2014-09-14] ()
Task: {77AD911D-3E64-4586-AD3D-B9B9A0588468} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {7924C702-06AD-4683-918B-A3A406142AB8} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {8F2E135C-65AA-4180-BA9A-384C2DDE0F42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {93A5519E-B819-47C7-9FE5-A869818A659C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {99BE192D-899F-4C2F-9931-5FF412AD256D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-01-12] (Dell Inc.)
Task: {A08A67B6-60F3-41BE-918B-3E0EB39095C7} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2016-02-03] (Goversoft LLC)
Task: {A3BFC66A-B616-4F7C-A72D-99503E312B84} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {A4122729-3A3A-44B6-BF5D-436DE0DF34F4} - System32\Tasks\Dell\Dell Product Registration => /boot /LSRC=autolaunch
Task: {A6B84893-9389-4BCC-875D-D324C3DD5885} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {A7C9EADB-D538-43C7-B71C-EB758ADA431C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B615B7B3-CAAC-4043-A100-0670346784D2} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2015-11-30] (DivX, LLC)
Task: {B9954F78-FD59-4174-978B-277D0160489D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C04C135F-84BF-4ABD-A387-378189CC703C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {D503D2FA-BF1F-4FA8-B7CD-0B48929FAC12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {DAAC6FB5-13BB-4D72-A73A-071A4AB52B70} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
Task: {E16865BD-091C-4695-B341-11C389BEDB6B} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2016-01-07] (McAfee, Inc.)
Task: {E43177A2-30CB-468E-933D-7F0E305B90F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F2457880-A85A-485D-AF5E-EB7F949BC41B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {F36864F5-B51B-4AC1-AF5A-4F19DBC66642} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-01-31] (Realtek Semiconductor)
Task: {F4586832-156B-4191-AAD5-1B3064E05A17} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\0914avtUpdateInfo.job => C:\ProgramData\Avg_Update_0914avt\0914avt_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-02-26 10:52 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-16 12:58 - 2014-05-04 09:02 - 01232880 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
2013-08-22 12:40 - 2013-08-22 12:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2015-12-06 18:54 - 2015-12-06 18:54 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-06 18:54 - 2015-12-06 18:54 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-03 10:13 - 2016-02-03 10:13 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2015-12-17 13:09 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 13:09 - 2015-12-06 22:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 13:09 - 2015-12-06 22:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-18 00:35 - 2016-02-02 21:32 - 00384104 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-17 13:09 - 2015-12-06 21:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 13:09 - 2015-12-06 21:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 13:09 - 2015-12-06 21:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 13:09 - 2015-12-06 21:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-05 11:41 - 2016-02-05 11:41 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-05 11:41 - 2016-02-05 11:41 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-01-08 13:00 - 2016-01-08 13:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-20 15:32 - 2016-01-20 15:32 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-01-09 14:37 - 2016-01-09 14:37 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-09 21:51 - 2013-08-29 11:51 - 03338752 _____ () C:\Program Files (x86)\Free Virtual Keyboard\Virtual Keyboard.exe
2015-12-12 18:02 - 2015-12-12 18:08 - 12081664 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\TrivialPursuit.exe
2016-01-27 11:53 - 2016-01-27 11:53 - 09737216 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.24.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-01-06 14:17 - 2016-01-06 14:17 - 01232408 _____ () C:\Users\rigoj_000\Downloads\CyberfoxPortable\Data\profile\extensions\[email protected]\platform\WINNT_x86_64-msvc\components\lpxpcom_x86_64.dll
2014-11-18 01:15 - 2014-11-18 01:15 - 00493568 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll
2016-01-17 15:26 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-17 15:26 - 2015-12-29 12:17 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-17 15:26 - 2015-12-29 12:17 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-17 15:26 - 2015-12-29 12:17 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-17 15:26 - 2015-12-29 12:17 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-17 15:26 - 2015-12-29 12:17 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-07-18 13:46 - 2014-10-16 09:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-12-25 17:14 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2014-07-03 20:09 - 2009-08-12 11:09 - 00077824 _____ () C:\Program Files (x86)\XWidget\Res\Lib\lib.dll
2014-05-15 15:35 - 2013-12-09 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-01-05 11:17 - 2015-12-18 17:52 - 01607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-05-15 15:45 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 10:07 - 2014-02-18 12:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00048640 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\GLAdsManager.win10.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00044032 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\IGPLib_Windows_10.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00416256 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\InAppPurchaseComponentW10.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00023552 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\InGameBrowser_NativeWin10.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00029696 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\PopupRuntimeModule.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 00376320 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\WindowsCorePackage.Windows10.dll
2015-12-12 18:02 - 2015-12-12 18:08 - 08644096 _____ () C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m\A278AB0D.TrivialPursuit.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Syst44975699:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\hola.org -> hxxp://hola.org

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2015-05-07 12:01 - 00001991 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com

There are 3 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CyberGhost =>
MSCONFIG\startupreg: Dell Unifying Software Launcher => C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe /s
MSCONFIG\startupreg: GlobusVpnAgent =>
HKLM\...\StartupApproved\Run: => "hola"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\StartupFolder: => "Howard.lnk"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "StartMenuX39"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "StartMenuX"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "OKAYFREEDOM_Agent"
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\...\StartupApproved\Run: => "BingSvc"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3FEABE40-8267-4520-9B17-AAB701992A24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{B2338FE1-19CB-43CC-9AE8-7A217124B7B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{90B39676-F908-44E7-821E-1E3307C0D9E1}] => (Block) C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe
FirewallRules: [{18980B57-6093-4A9C-8293-ACAC3FD4163A}] => (Block) C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe
FirewallRules: [UDP Query User{19695B62-3C8A-4606-A08B-2D5355B3278E}C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe] => (Allow) C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe
FirewallRules: [TCP Query User{36059A62-E002-49D0-A330-F1FC0748E5A4}C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe] => (Allow) C:\users\rigoj_000\appdata\roaming\f4\empireofsports\empireofsports.exe
FirewallRules: [UDP Query User{95E86B86-23E4-485D-8D18-87FDA2BE4135}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [TCP Query User{86EBC09E-B756-4CA0-B758-057DBBE11008}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{F396C49A-3665-4863-85F9-DC8A1FDF4BDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{56C52C7D-93CD-4613-8FC9-EF235BCCB186}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{1B66617E-1319-492F-BEBD-4D2EDE3073E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [{0D0FE20E-642E-41DC-AE2B-F8B25DE933E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [{E87FAAC7-DDDD-47D0-B9EF-127B083E17EB}] => (Allow) C:\Users\rigoj_000\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{41095B50-1232-4345-9FAF-5BD7841D40DB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F4228ED8-3424-4CED-82ED-FD8EFBD5808F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{6F41511E-22E2-4306-B5F2-659A9FB5A8B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F48EC99B-BE53-4C2C-97FF-8CB3DFE9CBE3}] => (Allow) C:\Users\rigoj_000\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{2E6EBA81-79E5-4245-A98E-4D655977D9FC}] => (Allow) C:\Users\rigoj_000\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{10AFBEA0-58AE-4140-9D47-BF3810A9E09C}] => (Allow) LPort=1900
FirewallRules: [{351417DB-FC77-46CB-9C7E-BE33A8C67285}] => (Allow) LPort=2869
FirewallRules: [{95468B65-E1D1-4FE3-844A-590C441EDFC0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CFD7078-99BF-4C1E-9C05-97CE0C942E3F}] => (Allow) C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{23449918-39D7-47EA-BFA0-D2965525F4CE}] => (Allow) C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{7872850C-7778-4125-8F2A-8058664FA64C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{2572C7F5-DC35-41A1-9766-772135678760}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{6F1897D1-6217-4B1D-9A9D-5EB9E84261E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{FEF46500-7CAA-47D1-89DB-060AC2CA6B6F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{94599C25-9064-453C-9094-5FCDE9A23600}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{37F4516A-FBA1-4A5A-92BE-D48A4D85E7E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{47C02143-7263-441D-8972-CA25C9918B84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E8B1D74D-CBA9-483B-821C-9D307BD40B23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A9EC0407-556B-40D0-9E9F-64B4345C4E4C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{4C715E78-6357-46A4-BD7F-E3D05D8820F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{4FD83C08-952F-4EC6-8851-11FEEBBDCD20}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{C6D50A93-7A7B-47D1-AE24-85C92E7D31B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{9F82DC99-8317-4A65-91AC-BB04B6EDB1DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{12EDDB26-344F-4BE9-BD42-7EA7019C7768}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7A46D86A-44CC-479C-8261-028C988D6245}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{F3E526A6-7B39-49D1-8E6D-EFD51F7952BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{397E7546-2FD8-467A-8329-C7FB97D666FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{106D290A-A5BE-4A34-8862-341CBBB58A88}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{C251CBC0-D969-4C9E-9215-CA2A76796054}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{D0F962D0-012A-4670-B297-8E4AD9AC5B4F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F62DA12A-BF6C-491F-A983-21B89E21128E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5C983026-E3B7-42DA-B0F7-E4F1F9493D53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{2B765B7C-EB1F-4C34-9FF7-0E5022A4C78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{B84A1EBC-74D2-40BE-9374-0DA3F21335E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{B86B9EF0-7696-4CB3-AD99-7917C96179E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{1309BFBC-B621-411C-BE6E-40EBF4FD4032}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C454C55C-143A-4000-AE6E-A75609E2F614}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{43200C98-65B0-4612-BC77-02ABA7DB5DF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{191DF823-7B9D-4567-B9FB-52E48EBD0153}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF63A783-FD7D-455D-9112-CC6585110C67}] => (Allow) C:\Program Files (x86)\Scanitto Pro\scanittopro.exe
FirewallRules: [{204B7BD0-6330-4049-BFFC-56BD9C201048}] => (Allow) C:\Program Files (x86)\Scanitto Pro\scanittopro.exe
FirewallRules: [{BAA98CBC-4A70-4F07-BDA3-CCD3A0BF2C92}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [Daum PotPlayer(PotPlayerMini64.exe)] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{8A8C93A0-E581-408E-AE10-5E42CDEEA625}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{31196686-1E7C-49F7-896B-2E5B23192E1A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{4CFB276D-67CB-459E-A75E-DC0D05FE8745}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{EB45D95D-C357-4559-B12A-EA8E469B5E40}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{6B4EF331-5645-4437-BC04-5FAF32F21FA7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{95B04C12-B2C5-4EB7-B7CD-608F0BD733FD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{44CAC601-D36C-45FF-B4B0-82C934DB8B21}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{EC094C41-6035-490A-BD85-F128E4879D99}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{AAE6671A-72EF-423E-A2C4-FDBE2E1D0134}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{32210144-8BDF-4849-AB30-B6224968D33C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{399F82D6-846F-4501-BEA8-EF9F619E408B}C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe] => (Allow) C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe
FirewallRules: [UDP Query User{8D951D46-3FAB-4407-9060-2B9100D95C55}C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe] => (Allow) C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe
FirewallRules: [{C73E813C-2193-49AE-A447-746A63BB0481}] => (Block) C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe
FirewallRules: [{3EEC4A8F-F73D-4D94-9932-2A2E7D0A6E0C}] => (Block) C:\users\rigoj_000\downloads\sdi_r423\sdi_r423\sdi_x64_r423.exe
FirewallRules: [{91BC258E-321E-405C-A67A-24E05803D7A6}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{71CAB52E-0506-4CAF-9AA3-F85D126A605C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{0F2860EC-5602-49D2-8752-FBBF20C1022A}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{8CA9D1C7-5AC2-42A4-8384-D49C4D7B9342}] => (Allow) LPort=1542
FirewallRules: [{CACF31BD-06B8-4C0A-90F1-1FCC2EF51760}] => (Allow) LPort=1542
FirewallRules: [{D689824B-A62D-424B-AE2E-6A0E295888D9}] => (Allow) LPort=53
FirewallRules: [{24A1FB6F-873D-4487-A595-D7DE8442468A}] => (Allow) LPort=67
FirewallRules: [{6277902A-704A-4133-9EC5-CF90C9C130F8}] => (Allow) LPort=68
FirewallRules: [{6CDB7C6C-BF3F-4390-A15F-FDA5591EDA49}] => (Allow) LPort=53
FirewallRules: [{899D32B2-FF3B-4123-876F-A853343A28D5}] => (Allow) LPort=53
FirewallRules: [{9F34AEDF-1186-4059-A44A-C5C1225D01AF}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{DE20F58C-2596-4E61-972C-ACC9C6518022}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{CA7B9048-7D54-4B78-8026-472FFF9FB14A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [TCP Query User{2FA9662A-68B6-4217-9DA5-28873DDA5727}C:\users\rigoj_000\downloads\cyberfoxportable\app\cyberfox\plugin-container.exe] => (Allow) C:\users\rigoj_000\downloads\cyberfoxportable\app\cyberfox\plugin-container.exe
FirewallRules: [UDP Query User{AD858A18-7694-4C0B-893F-503A88E7933A}C:\users\rigoj_000\downloads\cyberfoxportable\app\cyberfox\plugin-container.exe] => (Allow) C:\users\rigoj_000\downloads\cyberfoxportable\app\cyberfox\plugin-container.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe] => Enabled:Daum PotPlayer

==================== Restore Points =========================

04-02-2016 22:05:38 restp

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2016 04:44:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Faulting module name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Exception code: 0xc0000409
Fault offset: 0x000000000002f018
Faulting process id: 0x154c
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5

Error: (02/08/2016 04:43:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Faulting module name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Exception code: 0xc0000409
Fault offset: 0x000000000002f018
Faulting process id: 0x2080
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5

Error: (02/08/2016 01:21:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/08/2016 11:59:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Faulting module name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Exception code: 0xc0000409
Fault offset: 0x000000000002f018
Faulting process id: 0xc0c
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5

Error: (02/08/2016 10:44:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/08/2016 09:12:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.0.5869, time stamp: 0x56a6b7f8
Faulting module name: ntdll.dll, version: 10.0.10586.20, time stamp: 0x56540c3b
Exception code: 0xc0000005
Fault offset: 0x0000000000074eea
Faulting process id: 0x1a20
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (02/08/2016 08:47:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/08/2016 08:41:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Faulting module name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Exception code: 0xc0000409
Fault offset: 0x000000000002f018
Faulting process id: 0x1b70
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5

Error: (02/08/2016 08:36:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (02/08/2016 07:44:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Faulting module name: McSvHost.exe, version: 5.0.6060.0, time stamp: 0x563809af
Exception code: 0xc0000409
Fault offset: 0x000000000002f018
Faulting process id: 0x1a70
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
Faulting package full name: McSvHost.exe4
Faulting package-relative application ID: McSvHost.exe5


System errors:
=============
Error: (02/08/2016 04:44:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Platform Services service terminated unexpectedly.  It has done this 8 time(s).

Error: (02/08/2016 04:44:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 9 time(s).

Error: (02/08/2016 04:44:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 9 time(s).

Error: (02/08/2016 04:43:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Platform Services service terminated unexpectedly.  It has done this 7 time(s).

Error: (02/08/2016 04:43:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 8 time(s).

Error: (02/08/2016 04:43:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 8 time(s).

Error: (02/08/2016 01:21:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (02/08/2016 12:01:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Platform Services service terminated unexpectedly.  It has done this 6 time(s).

Error: (02/08/2016 12:01:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 7 time(s).

Error: (02/08/2016 12:01:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 7 time(s).


CodeIntegrity:
===================================
  Date: 2016-01-07 13:58:51.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 15:09:11.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 14:09:05.591
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-05 14:26:45.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-05 13:29:11.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-04 17:55:25.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\Windows\WinSxS\x86_microsoft-windows-cloudstoragewizard_31bf3856ad364e35_6.3.9600.17415_none_895a2497a8f7a9b7\CloudStorageWizard.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-01-04 17:55:25.805
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\Windows\WinSxS\x86_microsoft-windows-cloudstoragewizard_31bf3856ad364e35_6.3.9600.17415_none_895a2497a8f7a9b7\CloudStorageWizard.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-01-04 17:32:07.832
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\Windows\WinSxS\amd64_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.3.9600.17415_none_c7b14887291942c9\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-01-04 17:32:07.823
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\Windows\WinSxS\amd64_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.3.9600.17415_none_c7b14887291942c9\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-01-04 17:31:56.075
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\Windows\WinSxS\amd64_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.3.9600.17415_none_04bcc3084936a7f6\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 37%
Total physical RAM: 8108.93 MB
Available physical RAM: 5034.51 MB
Total Virtual: 8620.93 MB
Available Virtual: 5049.89 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.88 GB) (Free:746.95 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive w: () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:10.81 GB) (Free:0.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B263B0DF)

Partition: GPT.

==================== End of Addition.txt ============================


Edited by rigs, 08 February 2016 - 06:56 PM.

  • 0



#2
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)


Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.

Next

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts. See Here how to disable your security protection (Anti Virus).
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.


Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Post that saved log to your next reply.

In your next reply, post:
  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log
  • Malwarebytes log

  • 0

#3
rigs

    Member

  • Topic Starter
  • Member
  • 331 posts

First of all, thank you for taking on my problem. Here are the logs........

 

adwcleaner

 

# AdwCleaner v5.033 - Logfile created 09/02/2016 at 08:55:20
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : rigoj_000 - MYPC
# Running from : C:\Users\rigoj_000\Desktop\adwcleaner_5.033.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ProgramData\Avg_Update_0914avt

***** [ Files ] *****

File Found : C:\Users\rigoj_000\AppData\Local\Chromium\User Data\Default\Local Extension Settings\pnknnijoleibcpmkdcooclmnjmmdhgbg

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [862 bytes] ##########
 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by rigoj_000 (Administrator) on Tue 02/09/2016 at 14:08:33.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\media freeware (Folder)
Successfully deleted: C:\ProgramData\thunder network (Folder)
Successfully deleted: C:\Users\Public\thunder network (Folder)
Successfully deleted: C:\Users\rigoj_000\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\rigoj_000\AppData\Roaming\9656 (Folder)
Successfully deleted: C:\Users\rigoj_000\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\rigoj_000\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0etg7.default\extensions\[email protected] (File)
Successfully deleted: C:\Users\rigoj_000\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (rigoj_000) (Task)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-96C4BAB3.pf (File)
Successfully deleted: C:\WINDOWS\system32\REN43F0.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN79F5.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN96C9.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN1D33.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN2909.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN43E2.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN5B16.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN5FEC.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\RENC08B.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\RENCB13.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\RENFDA8.tmp (File)

Deleted the following from C:\Users\rigoj_000\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0etg7.default\prefs.js
user_pref(extensions.lastpass.loginusers, rasc_%40excite.com);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/09/2016 at 14:10:40.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

MALWAREBYTES

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/9/2016
Scan Time: 2:16 PM
Logfile: mbscan.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.09.04
Rootkit Database: v2016.02.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: rigoj_000

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 589784
Time Elapsed: 18 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#4
rigs

    Member

  • Topic Starter
  • Member
  • 331 posts

hey,

After running the three programs, my McAfee firewall has not shut off. I don't know which program did the fixing, but so far it's staying on. Does this mean my problem is fixed, or do I need to run another program to be sure? One thing though: one of my programs (Driver Booster 3) was deleted. Was this program the cause of my problem? Can I reinstall it?

 

thank you


  • 0

#5
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,
We need to do a fix with FRST.

Download the enclosed fixlist.txt (attached file, 1.38KB). Save it in the location where FRST64 is. Run FRST and click on the Fix button. Wait until finished.
The tool will make a log in the location where FRST is (Fixlog.txt). Please post it to your reply.

Yes, go ahead and reinstall Driver Booster 3 and see how things go.

Thanks
Joe :)
  • 0

#6
rigs

    Member

  • Topic Starter
  • Member
  • 331 posts

ok, here's the log........

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by rigoj_000 (2016-02-11 08:07:42) Run:1
Running from C:\Users\rigoj_000\Desktop
Loaded Profiles: rigoj_000 (Available Profiles: rigoj_000 & fbwuser0C88 & fbwuserE4A0 & fbwuserD5E5)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} =>  No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {C9D7BC04-183E-4AC3-957E-5CAFB73BC071} URL =
S2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1187840 2014-11-23] (Anvisoft) [File not signed]
C:\Program Files (x86)\Anvisoft
S2 DTLSvc6; no ImagePath
S2 OkayFreedom VPN Starter Service; no ImagePath
S3 RtlWlanu; \SystemRoot\System32\drivers\rtwlanu.sys [X]
2014-11-18 01:15 - 2014-11-18 01:15 - 00493568 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll
AlternateDataStreams: C:\Syst44975699:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped" => key removed successfully
HKCR\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileNotBackuped" => key removed successfully
HKCR\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4151019796-3771742870-4154944045-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
ASD2Svc => service removed successfully
C:\Program Files (x86)\Anvisoft => moved successfully
DTLSvc6 => service removed successfully
OkayFreedom VPN Starter Service => service removed successfully
RtlWlanu => service removed successfully
"C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll" => not found.
C:\Syst44975699 => ":$WIMMOUNTDATA" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.

=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state Off =========

Ok.


========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 349.6 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 08:09:36 ====


  • 0
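
An added example (not part of the thread, and not FRST's own code): a small Python parser that tallies the per-item outcomes in the Fixlog posted above and reports the last Windows Firewall state the fix set through netsh. The function names are hypothetical, and the sample input is an excerpt of the log above.

```python
import re
from collections import Counter

# Excerpt of the Fixlog posted above (blank lines dropped), embedded so this runs offline.
FIXLOG = r'''
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped" => key removed successfully
HKCR\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => key not found.
ASD2Svc => service removed successfully
C:\Program Files (x86)\Anvisoft => moved successfully
"C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll" => not found.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
=========  netsh advfirewall reset =========
Ok.
========= End of CMD: =========
=========  netsh advfirewall set allprofiles state Off =========
Ok.
========= End of CMD: =========
EmptyTemp: => 349.6 MB temporary data Removed.
'''

CMD_START = re.compile(r"^=+\s+(.+?)\s+=+$")                # "=========  <command> ========="
STATUSES = ("not found", "removed", "restored", "moved")   # order matters: "removed" contains "moved"

def parse_fixlog(text):
    """Return (actions, commands): per-item outcomes and CMD: sections with their output."""
    actions, commands, current = [], [], None
    for line in map(str.strip, text.splitlines()):
        m = CMD_START.match(line)
        if m and m.group(1).startswith("End of"):
            current = None                                   # closes a CMD: section (or the log)
        elif m:
            current = {"cmd": m.group(1), "output": []}
            commands.append(current)
        elif current is not None and line:
            current["output"].append(line)                   # command output, kept verbatim
        elif current is None and " => " in line:
            target, outcome = line.split(" => ", 1)
            status = next((s for s in STATUSES if s in outcome.lower()), "other")
            actions.append((target.strip('"'), status))
    return actions, commands

def firewall_state_after(commands):
    """Last state explicitly set via 'netsh advfirewall set ... state X' that returned Ok."""
    state = None
    for c in commands:
        m = re.search(r"netsh advfirewall set \S+ state (\w+)", c["cmd"], re.I)
        if m and "Ok." in c["output"]:
            state = m.group(1).lower()
    return state

if __name__ == "__main__":
    actions, commands = parse_fixlog(FIXLOG)
    print(Counter(status for _, status in actions))
    print("firewall state set by fix:", firewall_state_after(commands))
```

On this excerpt the last explicitly set Windows Firewall state is off, which is what the fixlist requested after the reset.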

#7
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello rigs,

Sorry, I must have missed this post or did not get E-Mail notification.

How is everything?
  • 0

#8
rigs

    Member

  • Topic Starter
  • Member
  • 331 posts

No problem……

My firewall is staying on and no problems to report. Any more programs to run, or is my computer in the clear? If so, can you recommend a free pop-up window blocker and maybe an extra malware detection program that will work along with my McAfee AV? What caused my problem? I don't know how you guys do it but I'm really thankful…….
 


  • 0

#9
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,

I think McAfee has you covered and no need for additional security software.

The only blocker I use is Adblock Plus:
https://adblockplus.org/en/

It looks like the Windows firewall could have caused a problem with the McAfee firewall, but I'm not certain exactly what fixed it; a couple of reboots could have helped as well.

If there are no further issues I'll close the topic.
  • 0

#10
rigs

    Member

  • Topic Starter
  • Member
  • 331 posts

nope......everything is working fine.

 

once again, thank you


  • 0

#11
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
You're welcome rigs, closing topic now.


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0





