Processor Usage 100%

#Registry #DcomLaunch #svchost.exe - DcomLaunch


#1
XxF00L2UxX


I think I might have put this in the wrong forum. I have just about done everything known to man trying to fix these issues with my CPU. I am avoiding a reinstall and instead want to eliminate all threats manually. I want to do this for a few different reasons that are irrelevant to this right now. Right now this Trojan is beating me down and the guy on the other end is having a blast. Seriously, I don't know what else to do at this point. This is where I am currently. I have run and eliminated 11 threats with AVG. Those threats weren't the issue anyway; that was just some malware. The issue is that when connected to the internet, 100% of my processing power is used, and I'm always connected to the internet, so this is slowing me down big time. Essentially I have a paperweight over here, but soon it will become an anchor if I can't find help repairing it. I have tried a few different guides trying to manually remove it, with no success. I have also run rkill, iExplore, esetpowelik. I've tried a lot of things. 2 weeks now and still no better... I have a few txts from the various scanners I've used. I'm open to anything, any suggestions or directions that will get me processing again... thanks

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
Ran by XxF00L2UxX (administrator) on BUBBA-PC (20-11-2016 17:54:36)
Running from C:\Users\XxF00L2UxX\Desktop
Loaded Profiles: XxF00L2UxX (Available Profiles: Bubba & XxF00L2UxX & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.3.6\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\XxF00L2UxX\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-11-17] ()
HKLM-x32\...\Run: [USB Renumeration Utility] => C:\Windows\SysWOW64\RenumNNT.exe [69632 2005-05-20] (NEXIQ Technologies, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Users\Bubba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-08-28]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BB05F8AA-D901-47F0-9ACD-6EA65E7B6BDE}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20110122073055588&tb_oid=22-01-2011&tb_mrud=22-01-2011
SearchScopes: HKLM-x32 -> {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20110122073055588&tb_oid=22-01-2011&tb_mrud=22-01-2011
SearchScopes: HKU\S-1-5-21-1650318354-1133879312-1467673443-1180 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={393C23D9-F0A6-431E-B3A3-BF19BBC66A31}&mid=7c8a3bcde25e47cd8ba075f39d4797ce-e4c496ffd115e881f3c2f5ff9e1f8447ea24ea80&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2016-11-18 00:21:07&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-11-17] (AVG)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM-x32 {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} hxxp://terminalops3.gaports.com/forms/jinitiator/jinit.exe
 
FireFox:
========
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-02-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-02-09] (Apple Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default [2016-11-20]
CHR Extension: (Google Slides) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-19]
CHR Extension: (Google Docs) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-19]
CHR Extension: (Google Drive) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-19]
CHR Extension: (YouTube) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-19]
CHR Extension: (AVG Secure Search) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-11-19]
CHR Extension: (Google Sheets) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-19]
CHR Extension: (Google Docs Offline) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-19]
CHR Extension: (Gmail) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\XxF00L2UxX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-19]
CHR HKU\S-1-5-21-1650318354-1133879312-1467673443-1180\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1828472 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4788496 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-11-17] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-11-17] ()
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S2 PAR1284; C:\Windows\SysWOW64\PAR1284.sys [53216 2005-05-20] (Warp Nine Engineering) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2016-11-20] (SlimWare Utilities, Inc.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed]
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2015-07-21] (ShiningMorning Inc.)
S3 WinDriver; C:\Windows\SysWOW64\drivers\WINDRVR.SYS [215640 2005-05-20] (Jungo) [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 dbx; system32\DRIVERS\dbx.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-20 17:54 - 2016-11-20 17:57 - 00014519 _____ C:\Users\XxF00L2UxX\Desktop\FRST.txt
2016-11-20 17:52 - 2016-11-20 17:54 - 00000000 ____D C:\FRST
2016-11-20 17:50 - 2016-11-20 17:52 - 02412544 _____ (Farbar) C:\Users\XxF00L2UxX\Desktop\FRST64 (1).exe
2016-11-20 17:49 - 2016-11-20 17:50 - 02412544 _____ (Farbar) C:\Users\XxF00L2UxX\Downloads\FRST64.exe
2016-11-20 17:43 - 2016-11-20 17:43 - 417995747 _____ C:\Windows\MEMORY.DMP
2016-11-20 17:43 - 2016-11-20 17:43 - 00285824 _____ C:\Windows\Minidump\112016-62977-01.dmp
2016-11-20 17:35 - 2016-11-20 17:35 - 00000000 ____D C:\Qoobox
2016-11-20 17:31 - 2016-11-20 17:31 - 00000000 ____D C:\Windows\erdnt
2016-11-20 17:30 - 2016-11-20 17:41 - 00000000 ___SD C:\32788R22FWJFW
2016-11-20 17:26 - 2016-11-20 17:28 - 05659276 ____R (Swearware) C:\Users\XxF00L2UxX\Downloads\ComboFix.exe
2016-11-20 16:43 - 2016-11-20 16:46 - 00634708 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_16.43.16_log.txt
2016-11-20 16:32 - 2016-11-20 16:37 - 00004654 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_16.32.30_log.txt
2016-11-20 16:19 - 2016-11-20 16:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\XxF00L2UxX\Desktop\tdsskiller.exe
2016-11-20 16:17 - 2016-11-20 16:19 - 00004488 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_16.17.55_log.txt
2016-11-20 16:12 - 2016-11-20 16:15 - 00098398 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_16.12.33_log.txt
2016-11-20 16:11 - 2016-11-20 16:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\XxF00L2UxX\Downloads\tdsskiller.exe
2016-11-19 23:03 - 2016-11-20 02:03 - 00077890 _____ C:\Windows\ntbtlog.txt
2016-11-19 22:48 - 2016-11-19 22:55 - 00000000 ____D C:\Users\XxF00L2UxX\Downloads\Autoruns
2016-11-19 22:47 - 2016-11-19 22:47 - 01304400 _____ C:\Users\XxF00L2UxX\Downloads\Autoruns.zip
2016-11-19 22:28 - 2016-11-19 22:29 - 00000000 ____D C:\Windows\pss
2016-11-19 21:44 - 2016-11-19 23:07 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\ElevatedDiagnostics
2016-11-19 21:02 - 2016-11-19 21:02 - 00003544 ____N C:\bootsqm.dat
2016-11-19 03:27 - 2016-11-19 03:27 - 00000000 ____D C:\Program Files (x86)\Citrix
2016-11-19 03:26 - 2016-11-19 03:26 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Citrix
2016-11-19 01:39 - 2016-11-19 01:41 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-19 01:39 - 2016-11-19 01:41 - 00002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-19 01:37 - 2016-11-20 17:45 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-19 01:37 - 2016-11-20 16:42 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-19 01:37 - 2016-11-19 01:37 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-19 01:37 - 2016-11-19 01:37 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-19 01:35 - 2016-11-20 17:55 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Google
2016-11-19 01:34 - 2016-11-19 01:37 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Deployment
2016-11-19 01:34 - 2016-11-19 01:34 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Apps\2.0
2016-11-19 01:18 - 2016-11-19 01:19 - 00000000 ____D C:\Users\XxF00L2UxX\New folder
2016-11-19 00:46 - 2016-11-19 04:32 - 00000000 ____D C:\Users\XxF00L2UxX\Desktop\AVGSS
2016-11-17 20:07 - 2016-11-17 20:07 - 00378120 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-17 19:23 - 2016-11-17 19:23 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\AVG Web TuneUp
2016-11-17 19:23 - 2016-11-17 19:23 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-11-17 19:22 - 2016-11-17 19:23 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-11-17 19:21 - 2016-11-17 19:22 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-11-17 19:16 - 2016-11-17 19:16 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Roaming\AVG
2016-11-17 19:14 - 2016-11-17 19:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-17 19:11 - 2016-11-17 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-11-17 19:03 - 2016-11-17 19:03 - 00000000 ___HD C:\$AVG
2016-11-17 18:52 - 2016-11-17 18:53 - 03312896 _____ (AVG Technologies CZ, s.r.o.) C:\Users\XxF00L2UxX\Downloads\AVG_Protection_Free_1606.exe
2016-11-17 17:58 - 2016-11-20 17:58 - 00000530 _____ C:\Windows\Tasks\AVG Driver Updater Scan.job
2016-11-17 17:58 - 2016-11-17 17:58 - 00003268 _____ C:\Windows\System32\Tasks\AVG Driver Updater Scan
2016-11-17 17:57 - 2016-11-20 17:44 - 00025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-11-17 17:57 - 2016-11-20 17:44 - 00002912 _____ C:\Windows\System32\Tasks\AVG Driver Updater Startup
2016-11-17 17:57 - 2016-11-20 17:44 - 00000476 _____ C:\Windows\Tasks\AVG Driver Updater Startup.job
2016-11-17 17:56 - 2016-11-17 17:56 - 00002497 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2016-11-17 17:56 - 2016-11-17 17:56 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\AVG Netherlands BV
2016-11-17 17:56 - 2016-11-17 17:56 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-11-17 17:56 - 2016-11-17 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2016-11-17 17:56 - 2016-11-17 17:56 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2016-11-17 17:55 - 2016-11-17 17:55 - 01205376 _____ (Slimware Utilities Holdings, Inc.) C:\Users\XxF00L2UxX\Downloads\AVG_Driver_Updater_Setup_11_3.exe
2016-11-17 16:42 - 2016-11-17 16:42 - 00002546 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-11-17 15:58 - 2016-11-02 13:19 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-11-17 15:58 - 2016-11-02 13:14 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-11-17 15:57 - 2016-11-17 15:57 - 00002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-11-17 15:57 - 2016-11-17 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-11-17 15:57 - 2016-11-02 13:14 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-11-17 15:50 - 2016-11-17 15:50 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-17 15:50 - 2016-11-17 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-17 15:46 - 2016-11-19 16:48 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-11-17 12:50 - 2016-11-17 12:50 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\MFAData
2016-11-17 12:46 - 2016-11-17 18:59 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\AvgSetupLog
2016-11-17 08:46 - 2016-11-17 08:46 - 00090592 _____ C:\Users\XxF00L2UxX\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-17 08:44 - 2016-11-17 08:44 - 00001379 _____ C:\Users\XxF00L2UxX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-17 08:44 - 2016-11-17 08:44 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Roaming\Adobe
2016-11-17 08:42 - 2016-11-17 08:42 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\VirtualStore
2016-11-17 08:41 - 2016-11-19 01:18 - 00000000 ____D C:\Users\XxF00L2UxX
2016-11-17 08:41 - 2016-11-17 19:16 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\AVG
2016-11-17 08:41 - 2016-11-17 08:41 - 00000020 ___SH C:\Users\XxF00L2UxX\ntuser.ini
2016-11-17 08:41 - 2016-11-17 08:41 - 00000000 _SHDL C:\Users\XxF00L2UxX\My Documents
2016-11-17 08:41 - 2016-11-17 08:41 - 00000000 _SHDL C:\Users\XxF00L2UxX\Documents\My Videos
2016-11-17 08:41 - 2016-11-17 08:41 - 00000000 _SHDL C:\Users\XxF00L2UxX\Documents\My Pictures
2016-11-17 08:41 - 2016-11-17 08:41 - 00000000 _SHDL C:\Users\XxF00L2UxX\Documents\My Music
2016-11-17 08:41 - 2015-10-17 14:12 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Roaming\TuneUp Software
2016-11-17 08:41 - 2012-07-24 06:29 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Symantec
2016-11-17 08:41 - 2011-01-22 01:42 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Local\Microsoft Help
2016-11-17 08:41 - 2009-07-14 02:44 - 00000000 ____D C:\Users\XxF00L2UxX\AppData\Roaming\Media Center Programs
2016-11-17 06:03 - 2016-11-17 06:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVG
2016-11-17 05:44 - 2016-11-17 05:44 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-11-17 05:37 - 2016-11-17 05:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Deployment
2016-11-17 05:37 - 2016-11-17 05:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0
2016-11-17 05:03 - 2016-11-17 05:03 - 00090592 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-17 05:01 - 2016-11-17 05:01 - 00001375 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-17 05:01 - 2016-11-17 05:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-11-17 04:59 - 2016-11-17 05:01 - 00000000 ____D C:\Users\Administrator
2016-11-17 04:59 - 2016-11-17 04:59 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-11-17 04:59 - 2016-11-17 04:59 - 00000000 _SHDL C:\Users\Administrator\My Documents
2016-11-17 04:59 - 2016-11-17 04:59 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2016-11-17 04:59 - 2016-11-17 04:59 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2016-11-17 04:59 - 2016-11-17 04:59 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2016-11-17 04:59 - 2016-11-03 16:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\AVG
2016-11-17 04:59 - 2015-10-17 14:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software
2016-11-17 04:59 - 2012-07-24 06:29 - 00000000 ____D C:\Users\Administrator\AppData\Local\Symantec
2016-11-17 04:59 - 2011-01-22 01:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2016-11-17 04:59 - 2009-07-14 02:44 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2016-11-17 04:42 - 2016-11-17 06:01 - 00000000 ____D C:\ProgramData\SecTaskMan
2016-11-17 04:42 - 2016-11-17 04:42 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-11-17 04:42 - 2016-11-17 04:42 - 00001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-11-17 04:42 - 2016-11-17 04:42 - 00001101 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-11-17 04:42 - 2016-11-17 04:42 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-11-17 04:39 - 2016-11-17 04:41 - 02832424 _____ C:\Users\Bubba\Downloads\SecurityTaskManager_Setup.exe
2016-11-17 04:07 - 2016-11-17 04:10 - 00000000 ____D C:\Users\Bubba\Desktop\Windows Repair
2016-11-17 03:57 - 2016-11-17 03:59 - 01270466 _____ C:\Users\Bubba\Downloads\ProcessExplorer.zip
2016-11-16 01:36 - 2016-11-16 20:38 - 00000337 _____ C:\Users\Bubba\Desktop\avgrep.txt
2016-11-15 23:16 - 2016-08-12 11:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-11-15 23:16 - 2016-08-12 11:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-11-15 23:16 - 2016-08-12 11:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-11-15 21:47 - 2016-09-02 10:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-15 21:47 - 2016-09-02 10:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-15 21:47 - 2016-09-02 10:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-15 21:47 - 2016-09-02 10:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-15 21:47 - 2016-09-02 10:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-15 21:47 - 2016-09-02 10:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-15 21:47 - 2016-09-02 10:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-15 21:47 - 2016-09-02 10:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-15 21:47 - 2016-09-02 10:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-15 21:47 - 2016-09-02 10:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-15 21:47 - 2016-09-02 10:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-15 21:47 - 2016-09-02 10:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-15 21:47 - 2016-09-02 09:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-15 21:47 - 2016-09-02 09:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-15 21:47 - 2016-09-02 09:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-15 21:47 - 2016-09-02 09:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-15 21:47 - 2016-09-02 09:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-15 21:47 - 2016-09-02 09:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-15 21:46 - 2016-09-02 10:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-15 21:46 - 2016-09-02 10:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-15 21:46 - 2016-09-02 10:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-15 21:46 - 2016-09-02 10:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 10:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-15 21:46 - 2016-09-02 09:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-15 21:46 - 2016-09-02 09:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-15 21:46 - 2016-09-02 09:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-15 21:46 - 2016-09-02 09:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-15 21:46 - 2016-09-02 09:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-15 21:46 - 2016-09-02 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-15 21:46 - 2016-09-02 09:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-15 21:46 - 2016-09-02 09:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-15 21:46 - 2016-09-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-15 21:44 - 2016-08-16 12:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-11-15 21:44 - 2016-08-15 21:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-11-15 21:44 - 2016-08-15 21:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-15 21:44 - 2016-08-06 10:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-15 21:44 - 2016-08-06 10:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-15 20:46 - 2016-11-15 20:46 - 00000000 _____ C:\Users\Bubba\AppData\Local\{3261FC93-C346-43E7-B21A-77522056D3F0}
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-03 16:02 - 2016-11-03 16:03 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-11-03 16:02 - 2016-11-03 16:03 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-11-02 15:44 - 2016-11-03 04:28 - 00000000 ____D C:\Users\Bubba\AppData\Local\AvgSetupLog
2016-10-23 05:21 - 2016-10-23 05:21 - 00073992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-20 18:06 - 2015-08-04 20:32 - 00000000 ____D C:\ProgramData\MFAData
2016-11-20 17:51 - 2009-07-13 23:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-20 17:51 - 2009-07-13 23:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-20 17:49 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-20 17:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-11-20 17:43 - 2012-07-10 23:03 - 00000000 ____D C:\Windows\Minidump
2016-11-20 17:43 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-20 12:14 - 2011-02-25 23:23 - 00000000 ____D C:\Program Files\Dell
2016-11-19 01:38 - 2011-02-06 13:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-17 19:00 - 2015-02-04 03:05 - 00000000 ____D C:\Program Files (x86)\AVG
2016-11-17 18:09 - 2015-02-04 03:37 - 00003696 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2016-11-17 18:09 - 2015-02-03 19:08 - 00003198 _____ C:\Windows\System32\Tasks\IHSelfDeleteTASK
2016-11-17 18:08 - 2015-02-03 19:08 - 00003198 _____ C:\Windows\System32\Tasks\IHUninstallTrackingTASK
2016-11-17 17:33 - 2015-11-13 22:34 - 00000000 ____D C:\1980iMix
2016-11-17 16:38 - 2016-03-26 18:21 - 00000000 ____D C:\ProgramData\Native Instruments
2016-11-17 15:49 - 2015-02-04 03:01 - 00000000 ____D C:\ProgramData\AVG
2016-11-17 13:21 - 2015-02-04 03:03 - 00000000 ____D C:\Users\Bubba\AppData\Local\Avg
2016-11-17 06:02 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-16 00:17 - 2014-06-21 21:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-16 00:17 - 2014-06-21 21:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-15 22:00 - 2016-06-25 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-15 21:55 - 2016-05-07 20:14 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-11-15 21:55 - 2016-05-07 20:14 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-11-15 21:55 - 2016-05-07 19:55 - 00001945 _____ C:\Windows\epplauncher.mif
2016-11-15 21:53 - 2016-05-07 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-11-15 21:14 - 2016-03-26 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-11-15 21:14 - 2016-03-26 18:21 - 00000000 ____D C:\Program Files\Native Instruments
2016-11-15 21:14 - 2016-03-07 15:34 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-11-15 21:06 - 2016-03-26 15:17 - 00000000 ____D C:\Program Files (x86)\AkaiPro
2016-11-15 20:55 - 2016-06-19 14:49 - 00000000 ___RD C:\Users\Bubba\Dropbox
2016-11-15 20:52 - 2011-01-22 13:50 - 00000000 ____D C:\ProgramData\Adobe
2016-11-15 20:47 - 2012-07-05 10:24 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-15 20:47 - 2011-01-22 01:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-15 20:44 - 2016-03-05 12:32 - 00000000 ____D C:\Program Files\Acoustica Mixcraft 7
2016-11-10 03:20 - 2013-08-15 06:32 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 03:04 - 2011-01-22 00:08 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-02 15:59 - 2015-02-04 03:05 - 00000000 ____D C:\Users\Bubba\AppData\Roaming\AVG
2016-10-27 20:22 - 2011-01-21 23:20 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
 
2016-06-30 21:32 - 2016-06-30 21:32 - 0000016 _____ () C:\ProgramData\mntemp
2016-06-30 21:32 - 2016-06-30 21:32 - 0004864 _____ () C:\ProgramData\oqztiqep.adk
2013-02-26 15:53 - 2013-02-26 15:53 - 0004999 _____ () C:\ProgramData\xgsomrik.nnq
 
Some files in TEMP:
====================
C:\Users\Bubba\AppData\Local\Temp\acufutls.dll
C:\Users\Bubba\AppData\Local\Temp\patch-Mix7-64-to-7.0.7.310.exe
C:\Users\Bubba\AppData\Local\Temp\procexp64.exe
C:\Users\Bubba\AppData\Local\Temp\VirtualDJ New Version.exe
C:\Users\Bubba\AppData\Local\Temp\{05B4D423-88B9-46A0-AED6-7E9B993FB390}-DropboxClient_10.4.25.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-26 03:47
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
Ran by XxF00L2UxX (20-11-2016 18:18:23)
Running from C:\Users\XxF00L2UxX\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-01-22 04:03:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1650318354-1133879312-1467673443-500 - Administrator - Enabled) => C:\Users\Administrator
Bubba (S-1-5-21-1650318354-1133879312-1467673443-1000 - Administrator - Enabled) => C:\Users\Bubba
Guest (S-1-5-21-1650318354-1133879312-1467673443-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1650318354-1133879312-1467673443-1008 - Limited - Enabled)
XxF00L2UxX (S-1-5-21-1650318354-1133879312-1467673443-1180 - Administrator - Enabled) => C:\Users\XxF00L2UxX
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AVG (HKLM\...\AvgZen) (Version: 1.111.2.45832 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.2.2 - AVG Netherlands B.V)
AVG Driver Updater (x32 Version: 2.2.2 - AVG Netherlands B.V) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.62.2.46691 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.62.4 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
AXIS Media Control Embedded Installer (HKLM-x32\...\{6285BF65-DC04-4E8E-BAB3-22393956762D}) (Version: 5.9.101 - Axis Communications)
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.65 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEXIQ RP1210A Drivers (HKLM-x32\...\NEXIQ RP1210A Drivers) (Version: 2.0     (06/27/2005) - NEXIQ Technologies)
Security Task Manager 2.1g (HKLM-x32\...\Security Task Manager) (Version: 2.1g - Neuber Software)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {15FC43E9-FA34-4C0F-BD57-E72541A8222A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {245B20DB-CB7C-4470-8ECE-32117555586E} - System32\Tasks\AVG Driver Updater Scan => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2016-08-10] (AVG Netherlands B.V)
Task: {477044ED-9D30-4EE4-B0B5-F5A08F4D9948} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-19] (Google Inc.)
Task: {4B365215-24C3-44C8-A585-AF5C8826E149} - System32\Tasks\{8BAA29FC-507C-4146-8FC0-9735C9B127D3} => pcalua.exe -a C:\Users\Bubba\Desktop\jinit13122.exe -d C:\Users\Bubba\Desktop
Task: {6B3C0D72-308D-4F7F-B5CD-DDEC6E2AD644} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {87D376FA-B188-48C1-9989-EE1B6E6D46E6} - System32\Tasks\AVG Driver Updater Startup => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2016-08-10] (AVG Netherlands B.V)
Task: {8E87D72D-47D0-4A1A-82AF-F8392E60067C} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {B0C4E2F4-45F9-470D-BE1A-9C50DBA2D5E8} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B46F63A2-B858-46EB-AE6B-A1328E919DBB} - System32\Tasks\IHSelfDeleteTASK => /C DEL C:\Users\Bubba\AppData\Local\Temp\IHUA257.tmp.exe <==== ATTENTION
Task: {D98F6EF3-A0A4-4A03-B16D-5739243C683F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-19] (Google Inc.)
Task: {F0E7115A-8681-4BD3-8A95-D2B69EBFCC35} - System32\Tasks\IHUninstallTrackingTASK => /C DEL C:\Users\Bubba\AppData\Local\Temp\IHU9FE6.tmp.exe <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-11-17 19:21 - 2016-11-17 19:20 - 00980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-11-17 19:22 - 2016-11-17 19:20 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-11-19 01:39 - 2016-11-08 16:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-19 01:39 - 2016-11-08 16:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData:C5514E4DBEEB8788 [217]
AlternateDataStreams: C:\Users\All Users:C5514E4DBEEB8788 [217]
AlternateDataStreams: C:\ProgramData\Application Data:C5514E4DBEEB8788 [217]
AlternateDataStreams: C:\Users\Bubba\Downloads\Getting Started.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Bubba\Downloads\grimm.mp3:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Bubba\Downloads\ReTainted.mp3:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27377163.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27377163.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1650318354-1133879312-1467673443-1180\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{8634423C-360E-4A73-B4FD-7C46C23D0F9C}] => (Allow) C:\Program Files (x86)\DD20.4.6201110281617\DualDesk.exe
FirewallRules: [{3D0C5DDC-63C1-4910-8F68-65063750A040}] => (Allow) C:\Program Files (x86)\DD20.4.6201110281617\DualDesk.exe
FirewallRules: [{0510A707-B678-4BFC-9134-6FD92E504E88}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170840\DualDesk.exe
FirewallRules: [{FDC38F0F-F0DD-4CAE-80EE-897964FFE912}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170840\DualDesk.exe
FirewallRules: [{0C600387-0079-420E-A737-BE0159369627}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170844\DualDesk.exe
FirewallRules: [{0B5CFD52-ECD1-4714-9C1F-FAA300792E46}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170844\DualDesk.exe
FirewallRules: [{8FCAF217-1314-4E7F-B368-017DB4EBBBC6}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170857\DualDesk.exe
FirewallRules: [{F58D7955-F985-4909-B847-815BCB5E4B48}] => (Allow) C:\Program Files (x86)\DD20.4.6201204170857\DualDesk.exe
FirewallRules: [{1C444B47-D1BF-4A0C-B422-756E29B98915}] => (Allow) C:\Program Files (x86)\DD20.4.6201205090825\DualDesk.exe
FirewallRules: [{C7D2DB17-A05F-4F2F-82D5-077E312562F5}] => (Allow) C:\Program Files (x86)\DD20.4.6201205090825\DualDesk.exe
FirewallRules: [{E2EF1A71-3269-493F-90D7-76BBDEF1A741}] => (Allow) C:\Program Files (x86)\DD20.4.6201205090846\DualDesk.exe
FirewallRules: [{1122C060-E4E9-4A37-BFD9-49BE9110483D}] => (Allow) C:\Program Files (x86)\DD20.4.6201205090846\DualDesk.exe
FirewallRules: [{8ED4743F-F32F-42D8-9634-D837D686DAB9}] => (Allow) C:\Program Files (x86)\DD20.4.6201208211435\DualDesk.exe
FirewallRules: [{5DD64B9F-042A-4C51-982D-34005E872D0A}] => (Allow) C:\Program Files (x86)\DD20.4.6201208211435\DualDesk.exe
FirewallRules: [{B24391CE-93A3-4696-8ED6-D206B0203B7A}] => (Allow) C:\Program Files (x86)\DD20.4.6201208211458\DualDesk.exe
FirewallRules: [{F711F89B-354C-45E6-A684-B40E0C90722C}] => (Allow) C:\Program Files (x86)\DD20.4.6201208211458\DualDesk.exe
FirewallRules: [TCP Query User{D349B4CD-8178-494E-8104-32D56E0EB9C4}C:\users\bubba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bubba\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E509B7D6-7D44-4AF6-AC49-6940107EE53A}C:\users\bubba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bubba\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7A9A69AA-FCE2-4A56-9BA9-B9A9E48886EF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{75138A93-CBA3-4E95-8CBF-033A8CDA7F88}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3644BB0B-F191-43DE-8F22-450332EF27C8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{C6C2F72B-6E20-4E84-9476-2F7EA04FA3D0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{91B3D4B8-362F-4266-A115-25F601201EBF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{E5FEEC7C-5E90-4A1B-A573-A8B2DDD1C6EC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{90F0387F-ECD7-498F-BAAF-D60B3E9600AA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/20/2016 06:22:34 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].
 
 
Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies
 
Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator
 
Error: (11/20/2016 06:22:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]
 
 
Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies
 
Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator
 
Error: (11/20/2016 05:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0xb5c
Faulting application start time: 0x01d2437f90d2d255
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: ceb61cdc-af72-11e6-872e-a4badba37e3d
 
Error: (11/20/2016 05:43:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0x7b4
Faulting application start time: 0x01d2437f9022ac81
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: ce085868-af72-11e6-872e-a4badba37e3d
 
Error: (11/20/2016 05:43:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0x7c8
Faulting application start time: 0x01d2437f7cd6fda4
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: c348a1ab-af72-11e6-872e-a4badba37e3d
 
Error: (11/20/2016 05:43:17 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (11/20/2016 04:40:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0xc3c
Faulting application start time: 0x01d24376c367dc24
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: 015e31ad-af6a-11e6-9626-a4badba37e3d
 
Error: (11/20/2016 04:40:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0xae0
Faulting application start time: 0x01d24376c27e954a
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: 008a5735-af6a-11e6-9626-a4badba37e3d
 
Error: (11/20/2016 04:40:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Faulting module name: TuneUpUtilitiesService64.exe, version: 16.62.2.46691, time stamp: 0x5819d93c
Exception code: 0xc0000005
Fault offset: 0x00000000000d0765
Faulting process id: 0x600
Faulting application start time: 0x01d24376a990a4fa
Faulting application path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Faulting module path: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
Report Id: f7fec699-af69-11e6-9626-a4badba37e3d
 
Error: (11/20/2016 04:40:07 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
 
System errors:
=============
Error: (11/20/2016 05:45:14 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (11/20/2016 05:44:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/20/2016 05:43:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (11/20/2016 05:43:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 500 milliseconds: Restart the service.
 
Error: (11/20/2016 05:43:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 250 milliseconds: Restart the service.
 
Error: (11/20/2016 05:43:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PAR1284 service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (11/20/2016 05:43:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (11/20/2016 05:43:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Error: (11/20/2016 05:43:15 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffff8a00f106b30, 0xfffff8a00f106bb0, 0x000000000508021c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112016-62977-01.
 
Error: (11/20/2016 05:42:31 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
 
 
CodeIntegrity:
===================================
  Date: 2015-08-18 02:30:44.364
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:44.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:43.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:43.444
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:29.575
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:29.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:28.889
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:28.561
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:28.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-18 02:30:27.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 2008.36 MB
Available physical RAM: 704.05 MB
Total Virtual: 4016.73 MB
Available Virtual: 2076.29 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:138.26 GB) (Free:74.51 GB) NTFS
Drive d: (Komplete Elements Mk2) (CDROM) (Total:4.27 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E0000000)
Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=138.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


Edited by RKinner, 23 November 2016 - 07:21 AM.

  • 0


#2
RKinner

    Malware Expert

  • Expert
  • 20,002 posts
  • MVP
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
 
Wait a full minute then:
 
File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 

  • 0
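The `TASKLIST /SVC` text requested above is what ties a busy `svchost.exe` PID seen in Process Explorer to the services running inside it. The following is an added example, not part of RKinner's post: it parses that fixed-width output, including service lists that wrap onto a second line. The sample rows are constructed, and the function names and the assumed column widths are illustrative.

```python
import re

def _row(image, pid, services):
    # Assumed typical TASKLIST table layout: 25-char name, 8-char PID, services.
    return f"{image:<25} {pid:>8} {services}"

# Constructed sample in TASKLIST /SVC layout (not taken from the thread).
SAMPLE = "\n".join([
    "",
    _row("Image Name", "PID", "Services"),
    f"{'=' * 25} {'=' * 8} {'=' * 44}",
    _row("System Idle Process", 0, "N/A"),
    _row("System", 4, "N/A"),
    _row("svchost.exe", 612, "DcomLaunch, PlugPlay, Power"),
    _row("svchost.exe", 920, "AudioSrv, Dhcp, eventlog,"),
    _row("", "", "HomeGroupProvider, lmhosts, wscsvc"),  # wrapped service list
    _row("spoolsv.exe", 1504, "Spooler"),
])

def parse_tasklist_svc(text):
    """Return [(image, pid, [services]), ...] parsed from TASKLIST /SVC text."""
    lines = text.splitlines()
    # The ruler line of '=' runs marks where each fixed-width column starts and ends.
    ruler = next((i for i, l in enumerate(lines)
                  if re.fullmatch(r"=+( =+)+\s*", l)), None)
    if ruler is None:
        raise ValueError("no TASKLIST ruler line found")
    (n0, n1), (p0, p1), (s0, _) = [m.span() for m in re.finditer(r"=+", lines[ruler])]
    rows = []
    for line in lines[ruler + 1:]:
        if not line.strip():
            continue
        image, pid = line[n0:n1].strip(), line[p0:p1].strip()
        services = [s.strip() for s in line[s0:].split(",") if s.strip()]
        if not image and not pid:
            # Continuation line: these services belong to the previous process.
            if rows:
                rows[-1][2].extend(services)
            continue
        if not pid.isdigit():
            continue  # skip anything that is not a process row
        rows.append((image, int(pid), [] if services == ["N/A"] else services))
    return rows

def host_of(rows, service):
    """Return (image, pid, services) of the process hosting `service`, or None."""
    wanted = service.lower()
    for image, pid, services in rows:
        if wanted in (s.lower() for s in services):
            return image, pid, services
    return None

if __name__ == "__main__":
    for image, pid, services in parse_tasklist_svc(SAMPLE):
        if image.lower() == "svchost.exe":
            print(f"PID {pid}: {', '.join(services)}")
    print("DcomLaunch is hosted by:", host_of(parse_tasklist_svc(SAMPLE), "DcomLaunch"))
```

The PID returned for a service is the one to compare against the top entries of Process Explorer's CPU column.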





