Computer has virus or malware [Closed] [Solved]

infected computer

#1
DeborahT

Hello, I run Windows 7 Home Premium and I have an HP Pavilion Slimline. I have used these programs trying to find the problem: Malwarebytes, McAfee Security Scan Plus, Spybot S&D, SpywareBlaster, TDSSKiller, Windows Defender, and I have Avast virus blocker.
I have had programs just try to download on my computer. AdWare all of a sudden had an installer open on my screen. I went into my program files and deleted the program. The computer is super super slow and it also closes out the internet and jumps back onto Windows. My homepage has been hijacked many times and the pages freeze up and I have to turn my computer off. Please, please help me.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016
Ran by David (administrator) on DAVID-HP (20-02-2016 17:03:25)
Running from C:\Users\David\Desktop\PC SCANS\Fixes
Loaded Profiles: David (Available Profiles: David & User & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-16] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: E - E:\eFilmLite\eFilmLt.exe
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: {ccff0a48-dd3c-11e4-8a39-7071bcc9a728} - F:\TL_Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{44D24BD7-E7B0-4EF5-B7E1-18C511A9D930}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKU\.DEFAULT -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = 
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 3B4CB17A98734066A3E2C70724C42744 URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 51E9250E8F084AF0A67C34BE9EC8E5DD URL = 
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {61D54D14-7B8E-4C3D-8790-0FA769565770} URL = 
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {EAC25639-A76B-4ED3-AECF-535A7B1AAA79} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B010US80045D20150102&p={SearchTerms}
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-27] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-01] [not signed]
FF HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2652.0\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-15]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 2
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-16]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-03-04] ()
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
S3 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-03-04] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [82680 2015-12-24] (Reason Software Company Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-15] (Realtek Semiconductor)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Windstream MAHostService; C:\Program Files (x86)\Windstream\8.3.1.7\ma\bin\MAHostService.exe [321024 2014-01-20] (Alcatel-Lucent) [File not signed]
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S2 HPSLPSVC; C:\Users\David\AppData\Local\Temp\7zS2866\hpslpsvc64.dll [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-16] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-14] (REALiX™)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
U0 SR; no ImagePath
U2 srservice; no ImagePath
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-20 17:02 - 2016-02-20 17:03 - 00000000 ____D C:\FRST
2016-02-20 14:16 - 2016-02-20 14:44 - 00000000 ____D C:\Users\David\Desktop\EVENT VIEWER
2016-02-20 13:39 - 2016-02-20 13:59 - 00057294 _____ C:\Windows\ntbtlog.txt
2016-02-19 16:32 - 2016-02-19 16:34 - 54329568 _____ (Microsoft Corporation) C:\Users\David\Downloads\Windows-KB890830-x64-V5.33.exe
2016-02-19 16:32 - 2016-02-19 16:34 - 38808920 _____ (Microsoft Corporation) C:\Users\David\Downloads\FileFormatConverters.exe
2016-02-18 21:30 - 2016-02-19 16:34 - 00129808 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-18 21:08 - 2016-02-18 21:08 - 00469504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-18 20:32 - 2016-02-18 20:32 - 00002980 _____ C:\Windows\System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F}
2016-02-18 20:31 - 2016-02-18 20:31 - 00002980 _____ C:\Windows\System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B}
2016-02-18 20:31 - 2016-02-18 20:31 - 00002980 _____ C:\Windows\System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92}
2016-02-16 18:30 - 2016-02-16 18:19 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-16 18:26 - 2016-02-16 01:06 - 00449674 _____ C:\Windows\system32\Drivers\etc\hosts.20160216-182605.backup
2016-02-16 18:22 - 2016-02-16 18:22 - 00000000 ____D C:\Users\David\AppData\Roaming\AVAST Software
2016-02-16 18:20 - 2016-02-16 18:20 - 00001884 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-16 18:20 - 2016-02-16 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-16 18:16 - 2016-02-16 18:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-16 18:15 - 2016-02-16 18:15 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-16 01:06 - 2016-02-16 01:06 - 00001926 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-16 00:45 - 2016-02-16 00:45 - 00030504 _____ C:\Users\David\Desktop\REASON CORE.txt
2016-02-16 00:12 - 2016-02-20 15:35 - 00000388 _____ C:\Windows\Tasks\ReasonSecurityScheduledScan.job
2016-02-16 00:11 - 2016-02-16 00:11 - 00000865 _____ C:\Users\Public\Desktop\Reason Core Security.lnk
2016-02-15 19:19 - 2016-02-15 19:19 - 00000912 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-02-15 19:17 - 2016-02-15 19:17 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-15 19:15 - 2016-02-15 19:15 - 00000380 _____ C:\Windows\Tasks\SuperFastPC_AutorunOnStartup.job
2016-02-15 19:14 - 2016-02-15 20:26 - 00000000 ____D C:\Users\David\AppData\Roaming\Store
2016-02-15 19:14 - 2016-02-15 20:20 - 00000000 ____D C:\Users\David\AppData\Roaming\WTools
2016-02-15 19:14 - 2016-02-15 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\Nosibay
2016-02-15 19:14 - 2016-02-15 19:14 - 00000000 ____D C:\Users\David\AppData\Local\Chromium
2016-02-15 19:09 - 2016-02-15 19:11 - 00215318 _____ C:\TDSSKiller.3.1.0.9_15.02.2016_19.09.53_log.txt
2016-02-15 19:08 - 2016-02-18 20:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-15 19:08 - 2016-02-15 19:08 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-15 18:14 - 2016-02-20 16:28 - 00000000 ____D C:\Users\David\Documents\My Filehippo Downloads
2016-02-15 18:11 - 2016-02-15 18:11 - 00003014 _____ C:\Windows\System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7}
2016-02-15 18:09 - 2016-02-15 20:22 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00003274 _____ C:\Windows\System32\Tasks\SuperbGameBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00000000 ____D C:\Users\David\AppData\Roaming\SuperBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00000000 ____D C:\ProgramData\SuperBoost
2016-02-15 17:53 - 2016-02-15 17:59 - 00003278 _____ C:\Windows\System32\Tasks\ASC Task (One-Time)
2016-02-15 17:53 - 2016-02-15 17:53 - 00003180 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-02-15 17:53 - 2016-02-15 17:53 - 00002868 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_David
2016-02-15 13:38 - 2016-02-15 13:38 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-02-15 13:38 - 2016-02-15 13:38 - 04686592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-02-15 13:38 - 2016-02-15 13:38 - 04307112 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-02-15 13:38 - 2016-02-15 13:38 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03040488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-02-15 13:38 - 2016-02-15 13:38 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01328496 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-02-15 13:36 - 2016-02-15 13:36 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2016-02-15 13:36 - 2016-02-15 13:36 - 00084480 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-02-15 13:36 - 2016-02-15 13:36 - 00019399 _____ C:\Windows\system32\AmUStor.ini
2016-02-15 13:36 - 2016-02-15 13:36 - 00012800 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-02-15 13:36 - 2016-02-15 13:36 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000008 _____ C:\Windows\system32\CardDetect.bin
2016-02-15 13:31 - 2016-02-15 13:31 - 26341704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 25255568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 19916432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 15373568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 13585736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-15 13:31 - 2016-02-15 13:31 - 09185504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 07755632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 07639952 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 06295288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02748232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02576200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02447000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02220176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01868104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01801544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6430908.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01510728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6430908.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 00017616 _____ C:\Windows\system32\nvinfo.pb
2016-02-15 13:29 - 2016-02-15 13:29 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-14 22:10 - 2016-02-15 18:53 - 00003242 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-02-14 22:10 - 2016-02-15 18:53 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (David)
2016-02-14 22:10 - 2016-02-14 22:10 - 00027552 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-14 22:10 - 2016-02-14 22:10 - 00003184 _____ C:\Windows\System32\Tasks\SmartDefrag4_Startup
2016-02-14 22:10 - 2016-02-14 22:10 - 00003182 _____ C:\Windows\System32\Tasks\SmartDefrag4_Update
2016-02-14 22:10 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-02-14 22:10 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-02-14 22:01 - 2016-02-14 22:01 - 00000000 ____D C:\Users\David\AppData\IObit
2016-02-14 20:30 - 2016-02-14 20:30 - 00000000 ____D C:\ProgramData\BDLogging
2016-02-14 20:29 - 2016-02-15 18:52 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_David
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-02-14 14:17 - 2016-02-14 14:18 - 00000000 _____ C:\Prefs.js
2016-02-13 09:50 - 2016-02-13 09:50 - 00000000 ____D C:\Users\David\AppData\Roaming\Lavasoft
2016-02-12 16:25 - 2016-02-12 16:25 - 61132800 _____ C:\Windows\system32\config\components.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-02-12 16:24 - 2016-02-12 16:25 - 05615616 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-02-12 16:24 - 2016-02-12 16:24 - 127008768 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-02-12 16:01 - 2016-02-12 16:01 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-02-12 15:28 - 2016-02-15 13:15 - 00000000 ____D C:\Users\David\AppData\Roaming\ProductData
2016-02-12 15:27 - 2016-02-15 20:18 - 00000000 ____D C:\ProgramData\IObit
2016-02-12 15:27 - 2016-02-15 20:16 - 00000000 ____D C:\ProgramData\ProductData
2016-02-12 15:27 - 2016-02-14 22:00 - 00000000 ____D C:\Users\David\AppData\LocalLow\IObit
2016-02-12 15:27 - 2016-02-12 15:27 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-02-12 15:26 - 2016-02-15 20:12 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
2016-02-12 11:26 - 2016-02-16 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2016-02-12 11:26 - 2016-02-12 11:26 - 00000000 ____D C:\Program Files\Reason
2016-02-10 14:14 - 2016-02-06 05:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 14:14 - 2016-02-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 14:14 - 2016-02-06 05:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 14:14 - 2016-02-06 05:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 14:14 - 2016-02-06 05:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 14:14 - 2016-02-06 05:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 14:14 - 2016-02-06 04:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 14:14 - 2016-02-06 04:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 14:14 - 2016-02-06 04:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 14:14 - 2016-02-06 04:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 14:14 - 2016-02-06 04:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 14:14 - 2016-02-06 04:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 14:14 - 2016-02-06 04:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 14:14 - 2016-02-06 03:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 14:14 - 2016-01-16 14:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 14:14 - 2016-01-16 13:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 14:14 - 2016-01-11 09:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 14:14 - 2016-01-11 09:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 14:14 - 2016-01-11 09:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 14:14 - 2016-01-11 09:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 14:14 - 2016-01-11 09:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 14:14 - 2016-01-06 14:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 14:14 - 2016-01-06 14:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 14:14 - 2016-01-06 13:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 14:13 - 2016-01-22 15:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 14:13 - 2016-01-22 15:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 14:13 - 2016-01-22 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 14:13 - 2016-01-22 01:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 14:13 - 2016-01-22 01:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 14:13 - 2016-01-22 01:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 14:13 - 2016-01-22 01:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 14:13 - 2016-01-22 01:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 14:13 - 2016-01-22 01:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 14:13 - 2016-01-22 01:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 14:13 - 2016-01-22 01:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 14:13 - 2016-01-22 01:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 14:13 - 2016-01-22 01:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 14:13 - 2016-01-22 01:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 14:13 - 2016-01-22 01:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 14:13 - 2016-01-22 01:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 14:13 - 2016-01-22 01:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 14:13 - 2016-01-22 01:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 14:13 - 2016-01-22 01:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 14:13 - 2016-01-22 01:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 14:13 - 2016-01-22 01:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 14:13 - 2016-01-22 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 14:13 - 2016-01-22 01:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 14:13 - 2016-01-22 01:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 14:13 - 2016-01-22 01:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 14:13 - 2016-01-22 01:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 14:13 - 2016-01-22 01:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 14:13 - 2016-01-22 00:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 14:13 - 2016-01-22 00:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 14:13 - 2016-01-22 00:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 14:13 - 2016-01-22 00:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 14:13 - 2016-01-22 00:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 14:13 - 2016-01-22 00:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 14:13 - 2016-01-22 00:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 14:13 - 2016-01-22 00:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 14:13 - 2016-01-22 00:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 14:13 - 2016-01-22 00:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 14:13 - 2016-01-22 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 14:13 - 2016-01-22 00:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 14:13 - 2016-01-22 00:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 14:13 - 2016-01-22 00:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 14:13 - 2016-01-22 00:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 14:13 - 2016-01-22 00:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 14:13 - 2016-01-22 00:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 14:13 - 2016-01-22 00:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 14:13 - 2016-01-22 00:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 14:13 - 2016-01-22 00:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 14:13 - 2016-01-22 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 14:13 - 2016-01-22 00:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 14:13 - 2016-01-22 00:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 14:13 - 2016-01-22 00:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 14:13 - 2016-01-22 00:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 14:10 - 2016-01-16 14:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 14:10 - 2016-01-16 13:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 14:10 - 2016-01-11 14:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 14:10 - 2016-01-11 14:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 14:10 - 2016-01-11 14:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 14:10 - 2016-01-11 13:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 14:10 - 2016-01-11 13:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 14:10 - 2016-01-11 13:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 14:10 - 2016-01-11 13:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 14:10 - 2016-01-11 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 14:10 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 14:10 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 14:10 - 2016-01-11 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 14:10 - 2016-01-11 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 14:10 - 2016-01-11 13:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 14:10 - 2016-01-11 13:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 14:10 - 2016-01-11 13:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 14:10 - 2016-01-11 13:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 14:10 - 2016-01-07 12:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 14:10 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 14:10 - 2015-12-20 13:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 14:10 - 2015-12-20 13:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 14:10 - 2015-12-20 09:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 14:09 - 2016-01-22 01:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 14:09 - 2016-01-22 01:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 14:09 - 2016-01-22 01:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 14:09 - 2016-01-22 01:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 14:09 - 2016-01-22 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 14:09 - 2016-01-22 01:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 14:09 - 2016-01-22 01:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 14:09 - 2016-01-22 01:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 14:09 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 14:09 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 14:09 - 2016-01-22 01:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 14:09 - 2016-01-22 01:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 14:09 - 2016-01-22 01:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 14:09 - 2016-01-22 01:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 14:09 - 2016-01-22 01:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 14:09 - 2016-01-22 01:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 14:09 - 2016-01-22 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 14:09 - 2016-01-22 01:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 14:09 - 2016-01-22 01:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 14:09 - 2016-01-22 01:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 14:09 - 2016-01-22 01:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 14:09 - 2016-01-22 01:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 14:09 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 14:09 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 14:09 - 2016-01-22 01:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 01:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 14:09 - 2016-01-22 01:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 14:09 - 2016-01-22 01:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 14:09 - 2016-01-22 01:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 14:09 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 14:09 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 14:09 - 2016-01-22 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 14:09 - 2016-01-22 00:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 14:09 - 2016-01-22 00:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 14:09 - 2016-01-22 00:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 14:09 - 2016-01-21 23:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 14:09 - 2016-01-21 23:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 14:09 - 2016-01-21 23:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 14:09 - 2016-01-21 23:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 14:09 - 2016-01-21 23:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 14:09 - 2016-01-21 23:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 14:09 - 2016-01-21 23:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 14:09 - 2016-01-21 23:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 14:09 - 2016-01-21 23:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 14:09 - 2016-01-21 23:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 14:09 - 2016-01-21 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 14:09 - 2016-01-21 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 14:09 - 2016-01-21 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 14:09 - 2016-01-21 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 14:08 - 2016-01-22 01:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 14:08 - 2016-01-22 01:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 14:08 - 2016-01-22 01:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 14:08 - 2016-01-22 01:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 14:08 - 2016-01-22 01:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 14:08 - 2016-01-22 00:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 14:08 - 2016-01-22 00:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 14:08 - 2016-01-22 00:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 08:59 - 2016-02-11 09:10 - 00002856 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-02-10 08:59 - 2016-02-11 09:10 - 00002856 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-02-10 08:59 - 2016-02-10 08:59 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2016-02-10 08:59 - 2016-02-10 08:59 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2016-02-10 08:48 - 2016-02-10 08:48 - 00003258 _____ C:\Windows\System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638}
2016-02-09 17:18 - 2016-02-09 17:18 - 00117350 _____ C:\Users\David\Desktop\SearchSoft - Stephens County School System - Application Frame.pdf
2016-02-05 09:11 - 2016-02-05 09:10 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-02-05 09:10 - 2016-02-05 09:10 - 00478128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2016-02-05 09:10 - 2016-02-05 09:10 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-05 08:50 - 2016-02-05 08:50 - 00000326 _____ C:\Users\David\Desktop\HP Printer Diagnostic Tools.url
2016-01-31 15:09 - 2016-01-31 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-23 22:37 - 2016-01-23 22:37 - 00099328 _____ C:\Users\Guest\Documents\vocab.pub
2016-01-23 22:36 - 2016-01-23 22:37 - 00097280 _____ C:\Users\Guest\Documents\Publication2.pub
2016-01-23 22:19 - 2016-01-23 22:19 - 00095232 _____ C:\Users\Guest\Documents\Publication1.pub
2016-01-23 22:19 - 2016-01-23 22:19 - 00000000 ____D C:\Users\Guest\Documents\Custom Office Templates
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-20 16:58 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-20 16:58 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-20 16:55 - 2014-03-05 09:59 - 00000000 ____D C:\Users\David\Desktop\PC SCANS
2016-02-20 16:44 - 2014-05-04 11:18 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-20 16:41 - 2015-05-12 11:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-20 16:23 - 2015-05-12 11:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-20 16:15 - 2014-09-06 18:22 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-20 16:14 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-20 13:59 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-02-20 13:32 - 2013-10-28 18:16 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0B974DB-CB5C-4689-9CD9-085B2BCAE397}
2016-02-20 13:30 - 2014-02-27 18:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-19 22:08 - 2013-10-28 19:38 - 00000000 ____D C:\Windows\system32\MRT
2016-02-19 22:01 - 2013-10-28 19:38 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-19 16:36 - 2010-10-28 15:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-19 16:34 - 2015-03-25 15:49 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-02-18 21:18 - 2015-07-23 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-02-18 21:17 - 2015-07-27 15:19 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-18 21:00 - 2013-10-28 17:38 - 00000000 ____D C:\Users\David\AppData\Roaming\SoftGrid Client
2016-02-18 20:53 - 2015-07-27 15:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-18 20:51 - 2013-10-31 15:29 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-02-16 20:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-16 20:05 - 2014-06-05 07:43 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-16 18:20 - 2014-02-27 18:33 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-02-16 18:19 - 2014-05-04 11:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-16 18:18 - 2014-02-27 18:33 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-16 18:16 - 2010-10-28 15:45 - 00000000 ____D C:\ProgramData\Temp
2016-02-16 01:09 - 2016-01-01 14:48 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-02-16 00:38 - 2013-10-28 17:11 - 00000000 ____D C:\Users\David
2016-02-15 20:31 - 2016-01-01 14:45 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-02-15 20:08 - 2014-06-05 07:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-15 18:04 - 2014-03-19 12:54 - 00000000 ____D C:\Program Files\Common Files\Motive
2016-02-15 13:44 - 2014-05-29 11:31 - 00000683 _____ C:\ProgramData\EventStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000545 _____ C:\ProgramData\CampaignStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000424 _____ C:\ProgramData\SoftwareVersionStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000150 _____ C:\ProgramData\SubscriberStatusStore.json
2016-02-15 13:44 - 2014-05-29 11:30 - 00000619 _____ C:\ProgramData\SubscriptionStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000583 _____ C:\ProgramData\UpgradeStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000412 _____ C:\ProgramData\ConfigurationStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000408 _____ C:\ProgramData\FulfillmentStateMachineStores.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000066 _____ C:\ProgramData\AaaAuthorizationStore.json
2016-02-15 13:39 - 2010-10-28 15:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-15 13:38 - 2009-07-14 00:13 - 00820796 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-15 13:35 - 2010-10-28 15:44 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-15 13:33 - 2010-10-28 15:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-15 13:31 - 2010-10-28 16:29 - 18320440 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-15 13:31 - 2010-10-28 16:29 - 02753952 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-14 20:41 - 2014-12-25 13:40 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-02-14 16:40 - 2014-05-29 11:30 - 00000466 _____ C:\ProgramData\SharedProperties.xml
2016-02-14 14:18 - 2013-11-05 20:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-13 01:42 - 2013-11-06 10:22 - 00000000 ____D C:\Users\Guest
2016-02-13 01:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-13 01:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\ras
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\oobe
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\ias
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Services
2016-02-13 01:41 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-13 01:41 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Setup
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\L2Schemas
2016-02-13 01:38 - 2016-01-01 14:45 - 00000000 ____D C:\ProgramData\Licenses
2016-02-13 01:38 - 2015-12-03 08:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-13 01:38 - 2015-03-01 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Wal-Mart Digital Photo Center
2016-02-13 01:38 - 2014-12-08 13:49 - 00000000 ____D C:\Users\User\AppData\Local\HuluDesktop
2016-02-13 01:38 - 2014-04-02 17:57 - 00000000 ____D C:\Program Files (x86)\null
2016-02-13 01:38 - 2014-02-27 19:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-13 01:38 - 2013-10-28 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-13 01:38 - 2013-10-28 21:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-13 01:38 - 2013-10-28 21:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-13 01:38 - 2010-10-28 15:32 - 00000000 ____D C:\Program Files\Realtek
2016-02-13 01:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-13 01:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-02-13 01:11 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security
2016-02-13 01:09 - 2013-11-09 15:42 - 00000000 ____D C:\Users\David\AppData\Local\Google
2016-02-13 01:09 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-13 01:07 - 2013-12-04 15:21 - 00000000 __RHD C:\MSOCache
2016-02-13 01:07 - 2013-11-09 15:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-12 16:05 - 2009-07-24 14:22 - 00000000 ____D C:\Windows\Panther
2016-02-12 15:27 - 2015-06-23 10:24 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-12 13:25 - 2015-12-03 15:17 - 00000000 ____D C:\Users\David\AppData\Local\NVIDIA Corporation
2016-02-12 11:32 - 2013-11-05 19:51 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-02-12 10:52 - 2015-07-18 17:29 - 00000000 ____D C:\log
2016-02-12 09:34 - 2015-08-21 13:41 - 00000000 ____D C:\Users\David\.oracle_jre_usage
2016-02-12 09:34 - 2015-05-02 15:43 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-12 09:34 - 2015-03-21 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-12 09:33 - 2015-05-02 15:41 - 00000000 ____D C:\Program Files\Java
2016-02-12 04:53 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-02-12 03:53 - 2014-12-10 10:28 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-12 03:53 - 2014-04-29 20:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-12 03:53 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 21:39 - 2013-10-29 17:41 - 00000000 ____D C:\Users\David\AppData\Roaming\HpUpdate
2016-02-11 10:12 - 2010-10-28 15:58 - 00000000 ____D C:\ProgramData\PDFC
2016-02-10 21:00 - 2015-01-02 15:37 - 00000000 ____D C:\Users\David\Desktop\DAVID
2016-02-10 08:41 - 2015-05-12 11:53 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 08:41 - 2015-05-12 11:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-07 15:27 - 2015-02-26 18:14 - 00000000 ____D C:\Users\David\Desktop\David School
2016-02-01 13:36 - 2014-09-06 18:22 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 13:36 - 2014-05-04 11:18 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-31 15:09 - 2013-11-04 19:15 - 00000784 _____ C:\Users\Public\Desktop\CCleaner.lnk
 
==================== Files in the root of some directories =======
 
2016-02-15 19:14 - 2016-02-15 19:14 - 0001323 _____ () C:\Users\David\AppData\Roaming\Bubble Dock.boostrap.log
2016-02-15 19:14 - 2016-02-15 19:14 - 0005712 _____ () C:\Users\David\AppData\Roaming\Bubble Dock.installation.log
2016-02-15 19:14 - 2016-02-15 19:14 - 0000078 _____ () C:\Users\David\AppData\Roaming\Selection Tools.installation.log
2014-02-27 17:41 - 2015-01-02 17:32 - 0000134 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2016-02-15 19:14 - 2016-02-15 19:14 - 0000097 _____ () C:\Users\David\AppData\Roaming\WindApp.boostrap.log
2016-02-15 19:14 - 2016-02-15 19:14 - 0000078 _____ () C:\Users\David\AppData\Roaming\WindApp.installation.log
2014-12-29 19:44 - 2014-12-29 19:44 - 0000064 _____ () C:\Users\David\AppData\Local\0e5971fa8907c5fa1fa1f90ce7b319dc
2014-12-30 19:51 - 2014-12-30 21:10 - 0012800 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 17:32 - 2015-01-02 17:32 - 0234679 _____ () C:\Users\David\AppData\Local\dsi1.dat
2015-01-02 17:32 - 2015-01-02 17:32 - 0161916 _____ () C:\Users\David\AppData\Local\dsi2.dat
2014-05-29 11:30 - 2016-02-15 13:44 - 0000066 _____ () C:\ProgramData\AaaAuthorizationStore.json
2014-05-29 11:31 - 2016-02-15 13:44 - 0000545 _____ () C:\ProgramData\CampaignStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000412 _____ () C:\ProgramData\ConfigurationStore.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000683 _____ () C:\ProgramData\EventStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000408 _____ () C:\ProgramData\FulfillmentStateMachineStores.xml
2015-12-31 18:31 - 2016-02-12 10:22 - 0004771 _____ () C:\ProgramData\hpzinstall.log
2014-02-27 19:04 - 2014-02-27 19:28 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-05-29 11:30 - 2016-02-14 16:40 - 0000466 _____ () C:\ProgramData\SharedProperties.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000424 _____ () C:\ProgramData\SoftwareVersionStore.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000150 _____ () C:\ProgramData\SubscriberStatusStore.json
2014-05-29 11:30 - 2016-02-15 13:44 - 0000619 _____ () C:\ProgramData\SubscriptionStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000583 _____ () C:\ProgramData\UpgradeStore.xml
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-18 00:46
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-02-2016
Ran by David (2016-02-20 17:05:57)
Running from C:\Users\David\Desktop\PC SCANS\Fixes
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-28 22:11:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-585021316-1980500837-2966188906-500 - Administrator - Disabled)
David (S-1-5-21-585021316-1980500837-2966188906-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-585021316-1980500837-2966188906-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-585021316-1980500837-2966188906-1002 - Limited - Enabled)
User (S-1-5-21-585021316-1980500837-2966188906-1003 - Limited - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2652.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.6 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Wal-Mart Digital Photo Center (HKLM-x32\...\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}) (Version: 1.4.0.0 - Fujifilm e-Systems)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.1.0 - Reason Software Company Inc.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SierraHome Print Artist 12.0 (HKLM-x32\...\Print Artist 12.0) (Version:  - )
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Walmart Photo Manager (HKLM-x32\...\{1D601240-1E3C-11DE-8C30-0800200C9A66}) (Version: 2.4.0.570 - Walmart Stores Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02A0DF7D-DE76-47F4-A241-695307066BB1} - System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7} => C:\Users\David\Desktop\PC SCANS\Set up for PC scans\asc-ultimate-setup.exe
Task: {053FA89F-569D-4D21-A74A-FBF3DD8FAEC1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {0C9D7BDE-BE09-4507-86D5-C058E7F97800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {0CA6D0CD-4DD0-4FD2-9DC6-87CE03FF75CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1A6FFC83-EE02-4704-AA07-36A0DFFF5228} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1D627690-7691-43E3-B9C6-265AF3F958B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {21FF8D8B-C79A-4F68-82E6-7587AE86501C} - System32\Tasks\{7DDDFD20-0034-47F0-9EF2-C11CC6B1A1FE} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\TweakUiPowertoySetup.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {259BD190-4D37-40AE-B129-36C676B06628} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2E9D0A66-76BE-493A-9FAD-8514AFBD77D6} - System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {3558D48F-6FB1-4713-B2E3-33D224C80F37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {362BAD6C-38F8-41CA-89AA-29971A10B6A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {4EE22EC3-1037-4769-87FD-6E60EFD6A1F8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-585021316-1980500837-2966188906-1000
Task: {4F1D03C4-C329-4FE9-9275-88DAEE0193E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {5BBCDC62-40AC-4BA8-914B-91F64461E4F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {671904C8-6859-49CF-87DB-DC546FCF04DF} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {6879F143-481E-4140-9209-BB7B667CF8B5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6CC3712B-FDB1-4E63-8C1D-E53373A61079} - System32\Tasks\Driver Booster SkipUAC (David) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {6E9180E1-E038-4B59-A32C-57CF925DD139} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {6EC5B208-C9F1-4D46-B7D5-AE6FB49A8AC9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-16] (AVAST Software)
Task: {79B899D5-3F7A-44AB-8534-1E6ADF90D584} - System32\Tasks\{5C3E0562-F14F-46A4-8D0B-79520B28FA94} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUN2QOF4\startuplite-setup-1.07.exe" -d C:\Users\David\Desktop
Task: {804E739C-A348-4CAF-A337-E7584E90247C} - System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {8434E7F9-213E-479A-B3A9-F3DAF34C9BA4} - System32\Tasks\Uninstaller_SkipUac_David => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {85C9E102-CB77-4952-8D6A-0EDA29183A52} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {948E580D-3BE9-43AB-9763-48856EF242D4} - System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {9F7EDF11-7951-49FB-A404-84523BA684C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {ACEAAD0D-C910-43AF-82B3-7C3CE94B5E36} - System32\Tasks\ASC9_SkipUac_David => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {ACF54955-1154-4C54-914A-1C1A06972E4C} - System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\Adaware_Installer.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {C2605A1E-388D-4193-9C3B-8AA341C3B20D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {C4E9C2A2-C54C-4FB6-89FF-886D178B91D2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {C603EC81-625C-492D-B720-262722EAB4D9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {D21C02DA-D847-4887-B831-4FF772540262} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {DF009C87-4404-4649-9C31-4E0A17A90B4C} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
Task: {E6118FDA-F60A-4008-A18F-81468A425F66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E61B2C39-265A-4474-BBB1-C158EED29AB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {F1FC7BF4-9B7C-496D-AA61-7205780EE613} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe
Task: {F3034099-99E4-4BDB-99E0-FA0A7B8103FB} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
Task: {F8B6555C-7394-4FB4-9BC0-47BC076A7F48} - System32\Tasks\{11BC1C56-1256-4DDE-B93D-817E5D31CBFC} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTQASXD5\TweakUiPowertoySetup.exe" -d C:\Users\David\Desktop
Task: {F9CBEE64-2EC9-43D5-97ED-E764B2209B0D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-02-18] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReasonSecurityScheduledScan.job => C:\Program Files\Reason\Security\rsUI.exe
Task: C:\Windows\Tasks\SuperFastPC_AutorunOnStartup.job => C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-05 03:05 - 2015-01-30 19:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-27 15:11 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-28 09:15 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-02-16 20:05 - 2016-02-16 10:33 - 02214552 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2652.0\libglesv2.dll
2016-02-16 20:05 - 2016-02-16 10:33 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2652.0\libegl.dll
2016-02-16 20:05 - 2016-02-16 10:33 - 31389848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2652.0\PepperFlash\pepflashplayer.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-20 13:30 - 2016-02-20 13:30 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022000\algo.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-20 16:18 - 2016-02-20 16:18 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022002\algo.dll
2015-12-03 15:17 - 2015-11-12 13:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-27 19:57 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-27 19:57 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-27 19:57 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:B63300D1
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
 
There are 7872 more sites.
 
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\webcompanion.com -> hxxp://webcompanion.com
 
There are 12689 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-02-20 15:01 - 00449907 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
There are 15433 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: 20131224 => C:\Program Files\AVAST Software\Avast\setup\emupdate\f64731f2-28ba-4cb8-a4dd-371a0a74c55a.exe /check
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DiagnosticTools.exe => "C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe" /AUTORUN
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrayStartup => C:\Program Files (x86)\Windstream Online Data Backup\VaultClientTray.exe
MSCONFIG\startupreg: Windstream Service Agent.exe => "C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe" /AUTORUN
MSCONFIG\startupreg: Zoom => 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{D514E2F0-3FC2-43B0-957F-0B62B220E13D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{494BC301-DA79-49C2-ADCB-00CFCC849207}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{24CCEE9F-3A88-4485-B639-BDFEEB8D0C30}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{ED99956E-67F2-4846-ACD2-7C89C81974E9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{86DF794A-895F-411A-96F0-DDD95797EDAD}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{D9C74FD3-D301-44F4-870C-56796D91D762}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{DB9B087B-D9D0-4ABD-A8B1-C60A8F73CADD}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{9F3B44AE-EA71-4410-82D0-A2EFE079F78D}] => (Allow) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
FirewallRules: [{F5B629A9-5106-4F26-9D2F-8CB376B9C08B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{29501870-1F04-4F58-A06E-E5CA079944B5}] => (Allow) LPort=2869
FirewallRules: [{1C18392B-F500-4FEE-BCDE-56A4F1F7777E}] => (Allow) LPort=1900
FirewallRules: [{6E61C313-CB97-4E8A-95F3-3009C3CA3757}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CF38C6C6-9ECF-4730-94FD-BB6DC4066C25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4084B72B-245F-4578-8FE5-D3AD940DA15D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F4D1056-7C4B-4B53-9754-F095574A4E08}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF0023D7-36D2-454D-9F28-7938E4AEB08E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{6970A39F-E417-4ECC-8549-529AAFF3C3AB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{EC1869E1-0848-4949-B836-B18F130E308C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2561800C-EB65-49B3-9A54-E81C25329B2F}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{03A19534-CAC2-478A-8E5E-F11B4A595B9B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{6C9BAA44-4435-4086-B08C-E09986275E10}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6054475D-E651-498B-BA2B-769607D58AA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{038DE0D6-EC01-48DB-B159-64266FA43199}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{16308062-C04E-40FD-8589-DA4E5966B79F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FAE27FAB-25B6-4522-A87A-5013D121E93B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3F2FCF16-EC04-4A56-AA92-2AEFF0B00287}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7F34F404-798C-4054-BE84-0A0B07341162}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C5418DDF-2424-4641-B5AC-6A2D8BFB2A78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BCE9B05F-0B45-4B22-BBFB-E216A0B61D58}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1560206E-1639-4918-8649-EA3571FCAD3F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{AF6F1433-C841-4242-A22F-B7ED7ACBCC54}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{874730E1-3E83-4EE4-9201-6D497130B52F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F981958F-821A-49F4-812C-A6201130AB84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D8A5E52D-A3D2-4626-B29B-9F4A6556445C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0B53D5FC-913B-4CAA-B8E7-FA58DE6E5B0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{C7C86B75-6676-4A9A-B34D-E49D39D47ECF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{8CD2B462-8076-4B1C-8E97-8E583356606D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{026DA215-3002-4B52-8D66-5C50163631B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{BF748D20-FACB-467D-8984-8FC2995D8344}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{6A0029A6-C566-4AFE-AA03-3BBC40A9ED6D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{ECCC0D87-695B-4F62-B891-23AC4FD43FFD}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{69BCB9AD-0906-4D0C-9179-CCE3CC5C4787}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{1CA7E7B8-84AC-474E-BEA5-6D10FFC6AF8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{869844ED-65DE-4D72-B7BE-1632E456894C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{C2DF03B6-6D72-4803-9993-FFB9B219488B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{89A84CE7-51AF-46D1-AF9E-377417CB60E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{EA009BE6-666D-49EF-8243-515FAA75FB48}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{1394FB75-75C6-447F-8EB2-C34A37B24D32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{92D94E86-9E39-4EDC-8DD0-2F2ECC170187}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B6A0854F-F108-44F8-B5E4-0BBC53536C5B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5CDAAF88-D718-4DFC-AB0B-20F31AEC4368}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F4AF7B4D-7075-49DE-8636-2F020DD31A54}] => (Allow) C:\Users\David\AppData\Local\Temp\7zS6876\hppiw.exe
FirewallRules: [{97B01B96-B91D-40D7-9E73-53F6DC8393ED}] => (Allow) C:\Users\David\AppData\Local\Temp\7zS6876\hppiw.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
27-01-2016 17:05:21 Windows Update
29-01-2016 03:00:38 Windows Update
30-01-2016 03:00:19 Windows Update
30-01-2016 22:01:18 Windows Update
31-01-2016 19:01:09 Windows Backup
31-01-2016 21:10:07 Windows Update
02-02-2016 03:00:20 Windows Update
03-02-2016 03:00:21 Windows Update
04-02-2016 03:00:22 Windows Update
05-02-2016 03:00:21 Windows Update
05-02-2016 08:48:48 Installed Network64
05-02-2016 09:12:28 Device Driver Package Install: Avast Network Service
06-02-2016 03:00:21 Windows Update
07-02-2016 03:00:41 Windows Update
07-02-2016 17:13:59 Windows Update
07-02-2016 22:47:46 Windows Backup
08-02-2016 03:00:10 Windows Update
09-02-2016 03:00:10 Windows Update
09-02-2016 17:22:31 Windows Update
09-02-2016 21:27:53 Windows Update
10-02-2016 08:47:43 AA11
10-02-2016 08:49:04 AA11
10-02-2016 09:04:20 AA11
10-02-2016 21:02:54 Windows Update
12-02-2016 03:00:38 Windows Update
12-02-2016 10:12:23 AA11
12-02-2016 10:39:50 AA11
12-02-2016 11:17:48 Removed Microsoft Silverlight
12-02-2016 11:31:57 Installed Boost
12-02-2016 13:53:29 Removed service pack backup files
12-02-2016 14:25:26 Windows Update
12-02-2016 15:49:32 Driver Booster : BlackBerry Smartphone
13-02-2016 00:28:39 Driver Booster : BlackBerry Smartphone
13-02-2016 01:03:21 Restore Operation
13-02-2016 03:00:12 Windows Update
14-02-2016 03:00:52 Windows Update
14-02-2016 19:00:12 Windows Backup
15-02-2016 03:00:11 Windows Update
15-02-2016 13:29:08 Driver Booster : BlackBerry Smartphone
15-02-2016 18:23:23 Restore Point before AdAwareInstaller was removed using Program Install and Uninstall troubleshooter
15-02-2016 18:24:07  AdAwareInstaller 
16-02-2016 18:15:38 Windows Update
17-02-2016 03:00:25 Windows Update
18-02-2016 03:00:24 Windows Update
18-02-2016 21:01:37 Windows Update
19-02-2016 16:28:07 Windows Update
19-02-2016 16:34:27 Installed Compatibility Pack for the 2007 Office system
19-02-2016 22:00:11 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/20/2016 04:26:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.14.0.5493 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 93c
 
Start Time: 01d16c24800644e0
 
Termination Time: 2295
 
Application Path: C:\Program Files\CCleaner\CCleaner64.exe
 
Report Id: 75913731-d818-11e5-966a-7071bcc9a728
 
Error: (02/19/2016 08:22:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AitStatic.exe, version: 10.0.10004.0, time stamp: 0x54c65a8b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9ac
Exception code: 0xc000000d
Fault offset: 0x000000000000965d
Faulting process id: 0xf04
Faulting application start time: 0xAitStatic.exe0
Faulting application path: AitStatic.exe1
Faulting module path: AitStatic.exe2
Report Id: AitStatic.exe3
 
Error: (02/19/2016 08:21:48 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2016 08:55:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Application: firstrun.exe; IdentityType: LiveId; HasToken: 0; AutoOrgId: 0; Roaming: 0; SessionLicensing: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x803d0013; CorrelationId: {52157A24-8C7D-48AF-A202-D4187CE65A13}; OlsErrorCode: 0x9; CurrentProductReleaseId: O365ProPlusRetail; AllProductReleaseIds (from store): O365ProPlusRetail,O365ProPlusRetail
 
Error: (02/18/2016 08:55:48 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {52157A24-8C7D-48AF-A202-D4187CE65A13}
 
Error: (02/18/2016 08:55:08 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Application: firstrun.exe; IdentityType: Unknown; HasToken: 1; AutoOrgId: 0; Roaming: 0; SessionLicensing: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x803d0013; CorrelationId: {52157A24-8C7D-48AF-A202-D4187CE65A13}; OlsErrorCode: 0x407; CurrentProductReleaseId: O365ProPlusRetail; AllProductReleaseIds (from store): O365ProPlusRetail,O365ProPlusRetail
 
Error: (02/18/2016 08:55:08 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x407; CorrelationId: {52157A24-8C7D-48AF-A202-D4187CE65A13}
 
Error: (02/18/2016 08:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 50.0.2652.0, time stamp: 0x56c2bc50
Faulting module name: chrome.dll, version: 50.0.2652.0, time stamp: 0x56c2b290
Exception code: 0xc0000005
Fault offset: 0x00000000009348f4
Faulting process id: 0x16b4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (02/18/2016 08:50:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 50.0.2652.0, time stamp: 0x56c2bc50
Faulting module name: chrome.dll, version: 50.0.2652.0, time stamp: 0x56c2b290
Exception code: 0xc0000005
Fault offset: 0x00000000009348f4
Faulting process id: 0x167c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (02/18/2016 08:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 50.0.2652.0, time stamp: 0x56c2bc50
Faulting module name: chrome.dll, version: 50.0.2652.0, time stamp: 0x56c2b290
Exception code: 0xc0000005
Fault offset: 0x00000000009348f4
Faulting process id: 0x1858
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
 
System errors:
=============
Error: (02/20/2016 04:21:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (02/20/2016 04:18:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error: 
%%126
 
Error: (02/20/2016 04:16:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error: 
%%126
 
Error: (02/20/2016 04:16:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
 
Error: (02/20/2016 04:16:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error: 
%%126
 
Error: (02/20/2016 04:15:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (02/20/2016 04:15:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reason Core Security Engine Service service failed to start due to the following error: 
%%1053
 
Error: (02/20/2016 04:15:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Reason Core Security Engine Service service to connect.
 
Error: (02/20/2016 04:14:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Advanced SystemCare Service 9 service failed to start due to the following error: 
%%2
 
Error: (02/20/2016 01:59:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 65%
Total physical RAM: 3839.3 MB
Available physical RAM: 1339.79 MB
Total Virtual: 7676.82 MB
Available Virtual: 4902.02 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.34 GB) (Free:276.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CDDC5E9D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0



#2
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello :)

Could you please post the logs from TDSSKiller and Malwarebytes in your next post?

You can find the TDSSKiller Log here: C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.

The Malwarebytes log can be produced by following the steps below:
  • Start MBAM
  • Click History, then Application Logs, then check the Select box by the first Scan Log in the list and then click on the log to highlight it.
  • Click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.
One of the first things we need to do is uninstall and then reinstall your copy of Chrome. The malware has changed it into a development version which allows the malware to install any extension it wishes without your permission.

Let's get started showing your unwelcome guests the door. :thumbsup:



Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Disable Spybot's Tea Timer

There are two ways to disable TeaTimer

1)
  • Launch Spybot Search & Destroy
  • In the Menu, Select Mode and choose Advanced Mode
  • Click Yes in the confirmation dialogue box
  • Click on Tools to expand the menu. Make sure that Resident is checked and then click Resident in the left pane.
  • In the right pane uncheck Resident "Tea timer" (Protection of over-all system settings) to disable it.
  • Uncheck the TeaTimer box and OK any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done.
  • (Once you are clean, you can re-enable TeaTimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.)
2)
  • Right click the TeaTimer icon in the system Tray
  • Then click Exit Spybot-S&D Resident
  • (Once you are clean you can restart TeaTimer by going to C:\Program Files\Spybot - Search & Destroy, and double clicking on TeaTimer.exe)

Step 2: Uninstall and Reinstall Chrome

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go to Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall Chrome via the Control Panel.
Note: When asked about user data or settings you must remove this also, so please check the box.
5. Restart the computer and reinstall Chrome. You can download the latest version from here - Google Chrome
6. Import your bookmarks back into Chrome.
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.


Step 3: Fix with FRST


Note: Before performing this step, please move FRST64.exe from C:\Users\David\Desktop\PC SCANS\Fixes to the Desktop or the fix will not work.
  • Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.)
  • Right-click in the open notepad and select Paste.
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: E - E:\eFilmLite\eFilmLt.exe
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: {ccff0a48-dd3c-11e4-8a39-7071bcc9a728} - F:\TL_Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\.DEFAULT -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 51E9250E8F084AF0A67C34BE9EC8E5DD URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {61D54D14-7B8E-4C3D-8790-0FA769565770} URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S2 HPSLPSVC; C:\Users\David\AppData\Local\Temp\7zS2866\hpslpsvc64.dll [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
Task: {671904C8-6859-49CF-87DB-DC546FCF04DF} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {6CC3712B-FDB1-4E63-8C1D-E53373A61079} - System32\Tasks\Driver Booster SkipUAC (David) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {8434E7F9-213E-479A-B3A9-F3DAF34C9BA4} - System32\Tasks\Uninstaller_SkipUac_David => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {ACEAAD0D-C910-43AF-82B3-7C3CE94B5E36} - System32\Tasks\ASC9_SkipUac_David => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {C4E9C2A2-C54C-4FB6-89FF-886D178B91D2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: C:\Windows\Tasks\SuperFastPC_AutorunOnStartup.job => C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {F1FC7BF4-9B7C-496D-AA61-7205780EE613} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe
Task: {F3034099-99E4-4BDB-99E0-FA0A7B8103FB} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:B63300D1
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
2016-02-14 22:10 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-02-14 22:10 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-02-14 22:01 - 2016-02-14 22:01 - 00000000 ____D C:\Users\David\AppData\IObit
2016-02-12 16:25 - 2016-02-12 16:25 - 61132800 _____ C:\Windows\system32\config\components.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-02-12 16:24 - 2016-02-12 16:25 - 05615616 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-02-12 16:24 - 2016-02-12 16:24 - 127008768 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-02-12 15:27 - 2016-02-15 20:18 - 00000000 ____D C:\ProgramData\IObit
2016-02-12 15:27 - 2016-02-15 20:16 - 00000000 ____D C:\ProgramData\ProductData
2016-02-12 15:27 - 2016-02-14 22:00 - 00000000 ____D C:\Users\David\AppData\LocalLow\IObit
2016-02-12 15:26 - 2016-02-15 20:12 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt). Please post it in your next reply.


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

TDSSKiller Log

Malwarebytes Log

Fixlog.txt Log

  • 0
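A fixlist like the one in the post above can be read line by line before it is run. The following is an added example, not part of the original post and not FRST code: a Python script that groups the lines of a shortened excerpt of that fixlist by shape, lists the shell commands it contains, and reports repeated entries and the user SIDs it is tied to. The category names and the functions classify and review are this example's own assumptions, not FRST terminology.

```python
import re
from collections import Counter

# Shortened excerpt of the fixlist posted in this thread
# (lines copied as posted, most entries left out).
SAMPLE_FIXLIST = r"""
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: E - E:\eFilmLite\eFilmLt.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
U0 SR; no ImagePath
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {C4E9C2A2-C54C-4FB6-89FF-886D178B91D2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
2016-02-12 15:27 - 2016-02-15 20:18 - 00000000 ____D C:\ProgramData\IObit
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Emptytemp:
End
"""

# Line shapes seen in the posted fixlist. The grouping is an assumption made
# for this example; the first matching rule wins.
RULES = [
    ("marker",    re.compile(r"^(?:Start|End)$")),
    ("directive", re.compile(r"^(?:CreateRestorePoint|CloseProcesses|EmptyTemp):$", re.I)),
    ("command",   re.compile(r"^CMD:\s*\S")),
    ("registry",  re.compile(r"^(?:HKLM|HKU|CHR HK|Winlogon\\|GroupPolicy:|SearchScopes:|BHO|Toolbar:)")),
    ("service",   re.compile(r"^[SRU][0-5] [^;]+;")),
    ("task",      re.compile(r"^Task:")),
    ("ads",       re.compile(r"^AlternateDataStreams:")),
    ("file",      re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - ")),
]

# Per-user account SIDs: their presence ties a fixlist to one machine.
USER_SID = re.compile(r"S-1-5-21(?:-\d+){4}")


def classify(line):
    """Return the category of one fixlist line, or 'unknown'."""
    for name, rx in RULES:
        if rx.search(line):
            return name
    return "unknown"


def review(text):
    """Summarise a fixlist: counts per category, commands, duplicates, SIDs."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    counts, commands, unknown = Counter(), [], []
    for ln in lines:
        kind = classify(ln)
        counts[kind] += 1
        if kind == "command":
            # Everything after the first colon is handed to the shell.
            commands.append(ln.split(":", 1)[1].strip())
        elif kind == "unknown":
            unknown.append(ln)
    seen = Counter(ln for ln in lines if classify(ln) != "marker")
    return {
        "counts": dict(counts),
        "commands": commands,
        "duplicates": [ln for ln, n in seen.items() if n > 1],
        "user_sids": sorted(set(USER_SID.findall(text))),
        "unknown": unknown,
    }


if __name__ == "__main__":
    report = review(SAMPLE_FIXLIST)
    for kind, n in sorted(report["counts"].items()):
        print(f"{kind:10} {n}")
    for cmd in report["commands"]:
        print("runs:", cmd)
    for dup in report["duplicates"]:
        print("listed more than once:", dup)
    for sid in report["user_sids"]:
        print("machine-specific SID:", sid)
    for ln in report["unknown"]:
        print("unrecognised line, read by hand:", ln)
```

Lines reported as unrecognised are the ones to read by hand before the fix is run.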

#3
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0

#4
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts
User returned.
  • 0

#5
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts

Hello :)

 

Do you still require assistance?


  • 0

#6
DeborahT


    Member

  • Topic Starter
  • 50 posts

19:09:53.0666 0x0668  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12

19:09:59.0921 0x0668  ============================================================

19:09:59.0921 0x0668  Current date / time: 2016/02/15 19:09:59.0921

19:09:59.0921 0x0668  SystemInfo:

19:09:59.0921 0x0668 

19:09:59.0921 0x0668  OS Version: 6.1.7601 ServicePack: 1.0

19:09:59.0921 0x0668  Product type: Workstation

19:09:59.0921 0x0668  ComputerName: DAVID-HP

19:09:59.0921 0x0668  UserName: David

19:09:59.0921 0x0668  Windows directory: C:\Windows

19:09:59.0921 0x0668  System windows directory: C:\Windows

19:09:59.0921 0x0668  Running under WOW64

19:09:59.0921 0x0668  Processor architecture: Intel x64

19:09:59.0921 0x0668  Number of processors: 2

19:09:59.0921 0x0668  Page size: 0x1000

19:09:59.0921 0x0668  Boot type: Safe boot with network

19:09:59.0921 0x0668  ============================================================

19:10:02.0932 0x0668  KLMD registered as C:\Windows\system32\drivers\40976060.sys

19:10:03.0260 0x0668  System UUID: {4FB8F858-5026-6E88-FD7A-9CEEE249F413}

19:10:03.0759 0x0668  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:10:03.0759 0x0668  ============================================================

19:10:03.0759 0x0668  \Device\Harddisk0\DR0:

19:10:03.0774 0x0668  MBR partitions:

19:10:03.0774 0x0668  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:10:03.0774 0x0668  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x388AF000

19:10:03.0774 0x0668  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x388E1800, BlocksNum 0x1AA4000

19:10:03.0774 0x0668  ============================================================

19:10:03.0806 0x0668  C: <-> \Device\Harddisk0\DR0\Partition2

19:10:03.0868 0x0668  D: <-> \Device\Harddisk0\DR0\Partition3

19:10:03.0868 0x0668  ============================================================

19:10:03.0868 0x0668  Initialize success

19:10:03.0868 0x0668  ============================================================

19:10:06.0941 0x05ec  ============================================================

19:10:06.0941 0x05ec  Scan started

19:10:06.0941 0x05ec  Mode: Manual;

19:10:06.0941 0x05ec  ============================================================

19:10:06.0941 0x05ec  KSN ping started

19:10:09.0952 0x05ec  KSN ping finished: true

19:10:11.0091 0x05ec  ================ Scan system memory ========================

19:10:11.0091 0x05ec  System memory - ok

19:10:11.0091 0x05ec  ================ Scan services =============================


19:10:12.0651 0x05ec  AppID - ok

19:10:12.0666 0x05ec  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

19:10:12.0666 0x05ec  AppIDSvc - ok

19:10:12.0698 0x05ec  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll

19:10:12.0698 0x05ec  Appinfo - ok

19:10:12.0807 0x05ec  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:10:12.0822 0x05ec  Apple Mobile Device Service - ok

19:10:12.0854 0x05ec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

19:10:12.0854 0x05ec  arc - ok

19:10:12.0869 0x05ec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

19:10:12.0885 0x05ec  arcsas - ok

19:10:13.0025 0x05ec  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

19:10:13.0041 0x05ec  aspnet_state - ok

19:10:13.0103 0x05ec  [ 7E66DFE6B62C6C34FD6B09DB6169E9F6, BCE908BBF35FD9471018BFC9DCE357529F558693692FF51DA868024F7FD0E868 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys

19:10:13.0119 0x05ec  aswHwid - ok

19:10:13.0181 0x05ec  [ AECE9E699CAC76DC993BB988652B5AD8, 76DB04A9CA1D2EED9EB50F9D23197B02E9D42D96BF1C239C9EE5FA9CCA36F85A ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys

19:10:13.0181 0x05ec  aswKbd - ok

19:10:13.0244 0x05ec  [ 259ABA699202DCE45815128D7BEAE41E, D42C190212D8B41DCD56331E7C94AB2E57E3BE0A55056FDA715339E13F55B0CC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys

19:10:13.0259 0x05ec  aswMonFlt - ok

19:10:13.0275 0x05ec  [ 0866D5FE02D614501B7B4AD5E1BC7B53, C34B4AF64DA9592EADC070C7A384070D564DCE3412337F671932A4818D8E12E8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys

19:10:13.0275 0x05ec  aswRdr - ok

19:10:13.0290 0x05ec  [ 0AA12ADF5F87B4A70BDBAED77F54B978, 2C33F656EC2E51493A40FF32A5C934E209CF1475A8B0F3573396E97F8A10A76A ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys

19:10:13.0306 0x05ec  aswRvrt - ok

19:10:13.0353 0x05ec  [ C445C4459ADC7A04E02D4646980515FC, 231BAA4D0B3F5B8EDE9ED849B0D192E8BB12FAB8AAB60FD8224EB96E41924A51 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys

19:10:13.0400 0x05ec  aswSnx - ok

19:10:13.0478 0x05ec  [ 6538FDD733D155F901913D3C09C618CB, 253B1ED73647BD9EC558E5CCAE7277AE5F97DB4514DB6467A5A9A2947F8C057F ] aswSP           C:\Windows\system32\drivers\aswSP.sys

19:10:13.0493 0x05ec  aswSP - ok

19:10:13.0524 0x05ec  [ 219D0E2348629FAE4E6E3478C21B23D6, 3545F59A966F31CE949596629217FD4D7119162411073D4D811575620728AC68 ] aswStm          C:\Windows\system32\drivers\aswStm.sys

19:10:13.0524 0x05ec  aswStm - ok

19:10:13.0556 0x05ec  [ 9949BBD5BB70C4D317B7549896132579, DD92AAD8530C04365C24BD540C909FBDCFC92B18CB6ABB0E655F360EBC4DCD1E ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys

19:10:13.0571 0x05ec  aswVmm - ok

19:10:13.0602 0x05ec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

19:10:13.0602 0x05ec  AsyncMac - ok

19:10:13.0649 0x05ec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

19:10:13.0649 0x05ec  atapi - ok

19:10:13.0712 0x05ec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:10:13.0727 0x05ec  AudioEndpointBuilder - ok

19:10:13.0758 0x05ec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll

19:10:13.0774 0x05ec  AudioSrv - ok

19:10:13.0821 0x05ec  [ 501E11AE85EE28D305D228F5931AC76C, FB7052CFA143E5D431131EBB59D4EDAEEFCB56A017552E2395F1954F861613A0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

19:10:13.0852 0x05ec  avast! Antivirus - ok

19:10:13.0914 0x05ec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

19:10:13.0930 0x05ec  AxInstSV - ok

19:10:13.0977 0x05ec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

19:10:13.0977 0x05ec  b06bdrv - ok

19:10:14.0024 0x05ec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

19:10:14.0024 0x05ec  b57nd60a - ok

19:10:14.0070 0x05ec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

19:10:14.0086 0x05ec  BDESVC - ok

19:10:14.0117 0x05ec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

19:10:14.0117 0x05ec  Beep - ok

19:10:14.0164 0x05ec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

19:10:14.0195 0x05ec  BFE - ok

19:10:14.0258 0x05ec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

19:10:14.0367 0x05ec  BITS - ok

19:10:14.0398 0x05ec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

19:10:14.0398 0x05ec  blbdrive - ok

19:10:14.0476 0x05ec  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:10:14.0492 0x05ec  Bonjour Service - ok

19:10:14.0538 0x05ec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

19:10:14.0538 0x05ec  bowser - ok

19:10:14.0570 0x05ec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:10:14.0570 0x05ec  BrFiltLo - ok

19:10:14.0585 0x05ec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:10:14.0585 0x05ec  BrFiltUp - ok

19:10:14.0616 0x05ec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

19:10:14.0616 0x05ec  Browser - ok

19:10:14.0648 0x05ec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

19:10:14.0648 0x05ec  Brserid - ok

19:10:14.0679 0x05ec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

19:10:14.0679 0x05ec  BrSerWdm - ok

19:10:14.0710 0x05ec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

19:10:14.0710 0x05ec  BrUsbMdm - ok

19:10:14.0726 0x05ec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

19:10:14.0726 0x05ec  BrUsbSer - ok

19:10:14.0757 0x05ec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

19:10:14.0757 0x05ec  BTHMODEM - ok

19:10:14.0788 0x05ec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

19:10:14.0788 0x05ec  bthserv - ok

19:10:14.0819 0x05ec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

19:10:14.0819 0x05ec  cdfs - ok

19:10:14.0866 0x05ec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

19:10:14.0866 0x05ec  cdrom - ok

19:10:14.0913 0x05ec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

19:10:14.0928 0x05ec  CertPropSvc - ok

19:10:14.0960 0x05ec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

19:10:14.0975 0x05ec  circlass - ok

19:10:15.0006 0x05ec  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys

19:10:15.0022 0x05ec  CLFS - ok

19:10:15.0240 0x05ec  [ 39A1A170E8491EDC0F904FCAEB1AF4E9, 46D695A45500678D3D9B91BA73EE072DAAE517A2DF62051D17A30EFAABF529CF ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe

19:10:15.0350 0x05ec  ClickToRunSvc - ok

19:10:15.0428 0x05ec  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:10:15.0428 0x05ec  clr_optimization_v2.0.50727_32 - ok

19:10:15.0459 0x05ec  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:10:15.0459 0x05ec  clr_optimization_v2.0.50727_64 - ok

19:10:15.0552 0x05ec  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:10:15.0724 0x05ec  clr_optimization_v4.0.30319_32 - ok

19:10:15.0740 0x05ec  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:10:15.0818 0x05ec  clr_optimization_v4.0.30319_64 - ok

19:10:15.0833 0x05ec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

19:10:15.0833 0x05ec  CmBatt - ok

19:10:15.0849 0x05ec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

19:10:15.0864 0x05ec  cmdide - ok

19:10:15.0927 0x05ec  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys

19:10:15.0927 0x05ec  CNG - ok

19:10:15.0974 0x05ec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

19:10:15.0974 0x05ec  Compbatt - ok

19:10:16.0020 0x05ec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

19:10:16.0020 0x05ec  CompositeBus - ok

19:10:16.0036 0x05ec  COMSysApp - ok

19:10:16.0052 0x05ec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

19:10:16.0052 0x05ec  crcdisk - ok

19:10:16.0098 0x05ec  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

19:10:16.0098 0x05ec  CryptSvc - ok

19:10:16.0223 0x05ec  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

19:10:16.0239 0x05ec  cvhsvc - ok

19:10:16.0286 0x05ec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

19:10:16.0301 0x05ec  DcomLaunch - ok

19:10:16.0364 0x05ec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

19:10:16.0379 0x05ec  defragsvc - ok

19:10:16.0410 0x05ec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

19:10:16.0410 0x05ec  DfsC - ok

19:10:16.0473 0x05ec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

19:10:16.0488 0x05ec  Dhcp - ok

19:10:16.0582 0x05ec  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll

19:10:16.0613 0x05ec  DiagTrack - ok

19:10:16.0660 0x05ec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

19:10:16.0660 0x05ec  discache - ok

19:10:16.0707 0x05ec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

19:10:16.0707 0x05ec  Disk - ok

19:10:16.0754 0x05ec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

19:10:16.0769 0x05ec  Dnscache - ok

19:10:16.0800 0x05ec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

19:10:16.0816 0x05ec  dot3svc - ok

19:10:16.0847 0x05ec  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

19:10:16.0847 0x05ec  Dot4 - ok

19:10:16.0863 0x05ec  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

19:10:16.0878 0x05ec  Dot4Print - ok

19:10:16.0910 0x05ec  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

19:10:16.0910 0x05ec  dot4usb - ok

19:10:16.0941 0x05ec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

19:10:16.0941 0x05ec  DPS - ok

19:10:16.0972 0x05ec  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

19:10:16.0972 0x05ec  drmkaud - ok

19:10:17.0019 0x05ec  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

19:10:17.0034 0x05ec  DXGKrnl - ok

19:10:17.0066 0x05ec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

19:10:17.0066 0x05ec  EapHost - ok

19:10:17.0190 0x05ec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

19:10:17.0253 0x05ec  ebdrv - ok

19:10:17.0284 0x05ec  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS             C:\Windows\System32\lsass.exe

19:10:17.0284 0x05ec  EFS - ok

19:10:17.0378 0x05ec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

19:10:17.0393 0x05ec  ehRecvr - ok

19:10:17.0424 0x05ec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

19:10:17.0424 0x05ec  ehSched - ok

19:10:17.0487 0x05ec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

19:10:17.0502 0x05ec  elxstor - ok

19:10:17.0534 0x05ec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

19:10:17.0534 0x05ec  ErrDev - ok

19:10:17.0549 0x06dc  Object required for P2P: [ 501E11AE85EE28D305D228F5931AC76C ] avast! Antivirus

19:10:17.0612 0x05ec  [ 60281B807AC3F5202D3008F5DA902842, 6E4E91507E29AB865F7DF5A9E667C0853698F55D9C9DBAEB39AA9CE0A9AE885C ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys

19:10:17.0627 0x05ec  ESProtectionDriver - ok

19:10:17.0674 0x05ec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

19:10:17.0690 0x05ec  EventSystem - ok

19:10:17.0721 0x05ec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

19:10:17.0736 0x05ec  exfat - ok

19:10:17.0768 0x05ec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

19:10:17.0783 0x05ec  fastfat - ok

19:10:17.0846 0x05ec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

19:10:17.0877 0x05ec  Fax - ok

19:10:17.0892 0x05ec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

19:10:17.0892 0x05ec  fdc - ok

19:10:17.0924 0x05ec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

19:10:17.0939 0x05ec  fdPHost - ok

19:10:17.0955 0x05ec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

19:10:17.0955 0x05ec  FDResPub - ok

19:10:18.0002 0x05ec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

19:10:18.0002 0x05ec  FileInfo - ok

19:10:18.0064 0x05ec  [ D409D4A4517865131999FAC96D366CBF, 512A80C4B180D5D6DECBAFB831A56C0DC8C5D1CC7E749465C47D29EC4DA45719 ] FileMonitor     C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys

19:10:18.0064 0x05ec  FileMonitor - ok

19:10:18.0080 0x05ec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

19:10:18.0080 0x05ec  Filetrace - ok

19:10:18.0111 0x05ec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

19:10:18.0111 0x05ec  flpydisk - ok

19:10:18.0158 0x05ec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

19:10:18.0158 0x05ec  FltMgr - ok

19:10:18.0251 0x05ec  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll

19:10:18.0282 0x05ec  FontCache - ok

19:10:18.0345 0x05ec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:10:18.0345 0x05ec  FontCache3.0.0.0 - ok

19:10:18.0423 0x05ec  [ B60DF5324D7EA0C8017F4C5331962D59, A7491707E933400E4CC475A58AA75C8668848E5CDF05E5CBA2B9650618AEE650 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

19:10:18.0454 0x05ec  ForceWare Intelligent Application Manager (IAM) - ok

19:10:18.0485 0x05ec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

19:10:18.0485 0x05ec  FsDepends - ok

19:10:18.0516 0x05ec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

19:10:18.0516 0x05ec  Fs_Rec - ok

19:10:18.0563 0x05ec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

19:10:18.0579 0x05ec  fvevol - ok

19:10:18.0610 0x05ec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

19:10:18.0610 0x05ec  gagp30kx - ok

19:10:18.0672 0x05ec  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

19:10:18.0672 0x05ec  GameConsoleService - ok

19:10:18.0782 0x05ec  [ 5E42BDFF22707E577AD82BE4C43C3BCE, 4C0BBF6AAA7EB30A789D91A4F29726C2A6D941D457B59CF376EF96571F3E1BB4 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

19:10:18.0828 0x05ec  GfExperienceService - ok

19:10:18.0906 0x05ec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

19:10:18.0953 0x05ec  gpsvc - ok

19:10:19.0031 0x05ec  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:10:19.0031 0x05ec  gupdate - ok

19:10:19.0062 0x05ec  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:10:19.0062 0x05ec  gupdatem - ok

19:10:19.0094 0x05ec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

19:10:19.0094 0x05ec  hcw85cir - ok

19:10:19.0140 0x05ec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:10:19.0156 0x05ec  HdAudAddService - ok

19:10:19.0172 0x05ec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

19:10:19.0187 0x05ec  HDAudBus - ok

19:10:19.0203 0x05ec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

19:10:19.0203 0x05ec  HidBatt - ok

19:10:19.0218 0x05ec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

19:10:19.0218 0x05ec  HidBth - ok

19:10:19.0265 0x05ec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

19:10:19.0265 0x05ec  HidIr - ok

19:10:19.0296 0x05ec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

19:10:19.0312 0x05ec  hidserv - ok

19:10:19.0343 0x05ec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

19:10:19.0343 0x05ec  HidUsb - ok

19:10:19.0406 0x05ec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

19:10:19.0406 0x05ec  hkmsvc - ok

19:10:19.0437 0x05ec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

19:10:19.0452 0x05ec  HomeGroupListener - ok

19:10:19.0499 0x05ec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

19:10:19.0515 0x05ec  HomeGroupProvider - ok

19:10:19.0562 0x05ec  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

19:10:19.0577 0x05ec  HPClientSvc - ok

19:10:19.0686 0x05ec  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

19:10:19.0702 0x05ec  hpqcxs08 - ok

19:10:19.0733 0x05ec  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

19:10:19.0733 0x05ec  hpqddsvc - ok

19:10:19.0858 0x05ec  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

19:10:19.0889 0x05ec  hpqwmiex - ok

19:10:19.0936 0x05ec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

19:10:19.0936 0x05ec  HpSAMD - ok

19:10:20.0014 0x05ec  HPSLPSVC - ok

19:10:20.0076 0x05ec  [ CB5A8B34FA37AE53053F2D3DF05AC1E6, 2C7357079A66AE609F49900181B013E735B4A01C45DA316CD1E8698F93DE6EA8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

19:10:20.0092 0x05ec  HPSupportSolutionsFrameworkService - ok

19:10:20.0264 0x05ec  [ E82871D75565219A7E28C6B14572EF63, CDE94165591FC52A2CB0475072F4F6C44065F34B816CCB8F92C5E5F40011DA45 ] HsdService      C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe

19:10:20.0310 0x05ec  HsdService - ok

19:10:20.0373 0x05ec  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

19:10:20.0388 0x05ec  HTTP - ok


19:10:34.0553 0x05ec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

19:10:34.0569 0x05ec  RemoteAccess - ok

19:10:34.0600 0x05ec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

19:10:34.0600 0x05ec  RemoteRegistry - ok

19:10:34.0647 0x05ec  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys

19:10:34.0647 0x05ec  RimUsb - ok

19:10:34.0678 0x05ec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

19:10:34.0694 0x05ec  RpcEptMapper - ok

19:10:34.0709 0x05ec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

19:10:34.0725 0x05ec  RpcLocator - ok

19:10:34.0756 0x05ec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

19:10:34.0772 0x05ec  RpcSs - ok

19:10:34.0818 0x05ec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

19:10:34.0818 0x05ec  rspndr - ok

19:10:34.0928 0x05ec  [ 23A922B92A854B9846D3D41EFBBF3A4B, 37E80E5D11D79D1F5CE5B19430C455D82DE21A18B84BD03778325C518E321373 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

19:10:34.0928 0x05ec  RtkAudioService - ok

19:10:34.0943 0x05ec  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] SamSs           C:\Windows\system32\lsass.exe

19:10:34.0943 0x05ec  SamSs - ok

19:10:34.0974 0x05ec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

19:10:34.0974 0x05ec  sbp2port - ok

19:10:35.0037 0x05ec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

19:10:35.0068 0x05ec  SCardSvr - ok

19:10:35.0099 0x05ec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

19:10:35.0099 0x05ec  scfilter - ok

19:10:35.0193 0x05ec  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll

19:10:35.0224 0x05ec  Schedule - ok

19:10:35.0255 0x05ec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

19:10:35.0255 0x05ec  SCPolicySvc - ok

19:10:35.0271 0x05ec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

19:10:35.0286 0x05ec  SDRSVC - ok

19:10:35.0396 0x05ec  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

19:10:35.0458 0x05ec  SDScannerService - ok

19:10:35.0552 0x05ec  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

19:10:35.0630 0x05ec  SDUpdateService - ok

19:10:35.0676 0x05ec  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

19:10:35.0676 0x05ec  SDWSCService - ok

19:10:35.0723 0x05ec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

19:10:35.0723 0x05ec  secdrv - ok

19:10:35.0754 0x05ec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

19:10:35.0754 0x05ec  seclogon - ok

19:10:35.0770 0x05ec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

19:10:35.0786 0x05ec  SENS - ok

19:10:35.0801 0x05ec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

19:10:35.0801 0x05ec  SensrSvc - ok

19:10:35.0832 0x05ec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

19:10:35.0832 0x05ec  Serenum - ok

19:10:35.0864 0x05ec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

19:10:35.0864 0x05ec  Serial - ok

19:10:35.0895 0x05ec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

19:10:35.0895 0x05ec  sermouse - ok

19:10:36.0363 0x05ec  [ 9910F4097EECBF561B257D614ADEF09A, A0F80F28634DC5709B003CFB4F2F29C032C02D2E3E422A6D916B711E31D18B9B ] ServicepointService C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe

19:10:36.0628 0x05ec  ServicepointService - ok

19:10:36.0675 0x05ec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

19:10:36.0690 0x05ec  SessionEnv - ok

19:10:36.0722 0x05ec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

19:10:36.0722 0x05ec  sffdisk - ok

19:10:36.0737 0x05ec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

19:10:36.0737 0x05ec  sffp_mmc - ok

19:10:36.0753 0x05ec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

19:10:36.0768 0x05ec  sffp_sd - ok

19:10:36.0800 0x05ec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

19:10:36.0815 0x05ec  sfloppy - ok

19:10:36.0862 0x05ec  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys

19:10:36.0878 0x05ec  Sftfs - ok

19:10:36.0956 0x05ec  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

19:10:36.0971 0x05ec  sftlist - ok

19:10:37.0002 0x05ec  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys

19:10:37.0018 0x05ec  Sftplay - ok

19:10:37.0034 0x05ec  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys

19:10:37.0034 0x05ec  Sftredir - ok

19:10:37.0065 0x05ec  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys

19:10:37.0065 0x05ec  Sftvol - ok

19:10:37.0096 0x05ec  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

19:10:37.0096 0x05ec  sftvsa - ok

19:10:37.0236 0x05ec  [ D5B505FA834D261F4D48DBA9FF2D0FCC, DBA131CA3D81C6055DB7F803B116FD8A868D8143C977B7D7CB91B75EDACDA72E ] sgbupt          C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe

19:10:37.0299 0x05ec  sgbupt - ok

19:10:37.0346 0x05ec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

19:10:37.0361 0x05ec  SharedAccess - ok

19:10:37.0408 0x05ec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:10:37.0424 0x05ec  ShellHWDetection - ok

19:10:37.0455 0x05ec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:10:37.0455 0x05ec  SiSRaid2 - ok

19:10:37.0470 0x05ec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

19:10:37.0486 0x05ec  SiSRaid4 - ok

19:10:37.0517 0x05ec  [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys

19:10:37.0517 0x05ec  SmartDefragDriver - ok

19:10:37.0548 0x05ec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

19:10:37.0564 0x05ec  Smb - ok

19:10:37.0611 0x05ec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

19:10:37.0611 0x05ec  SNMPTRAP - ok

19:10:37.0626 0x05ec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

19:10:37.0626 0x05ec  spldr - ok

19:10:37.0673 0x05ec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

19:10:37.0689 0x05ec  Spooler - ok

19:10:37.0876 0x05ec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

19:10:37.0985 0x05ec  sppsvc - ok

19:10:38.0032 0x05ec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

19:10:38.0048 0x05ec  sppuinotify - ok

19:10:38.0110 0x05ec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

19:10:38.0126 0x05ec  srv - ok

19:10:38.0172 0x05ec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

19:10:38.0204 0x05ec  srv2 - ok

19:10:38.0235 0x05ec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

19:10:38.0235 0x05ec  srvnet - ok

19:10:38.0266 0x05ec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

19:10:38.0266 0x05ec  SSDPSRV - ok

19:10:38.0297 0x05ec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

19:10:38.0313 0x05ec  SstpSvc - ok

19:10:38.0328 0x05ec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

19:10:38.0328 0x05ec  stexstor - ok

19:10:38.0391 0x05ec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

19:10:38.0422 0x05ec  stisvc - ok

19:10:38.0438 0x05ec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys

19:10:38.0438 0x05ec  swenum - ok

19:10:38.0484 0x05ec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

19:10:38.0500 0x05ec  swprv - ok

19:10:38.0578 0x05ec  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll

19:10:38.0625 0x05ec  SysMain - ok

19:10:38.0656 0x05ec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:10:38.0672 0x05ec  TabletInputService - ok

19:10:38.0687 0x05ec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

19:10:38.0703 0x05ec  TapiSrv - ok

19:10:38.0734 0x05ec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

19:10:38.0734 0x05ec  TBS - ok

19:10:38.0796 0x05ec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

19:10:38.0828 0x05ec  Tcpip - ok

19:10:38.0937 0x05ec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

19:10:38.0968 0x05ec  TCPIP6 - ok

19:10:38.0999 0x05ec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

19:10:38.0999 0x05ec  tcpipreg - ok

19:10:39.0030 0x05ec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

19:10:39.0046 0x05ec  TDPIPE - ok

19:10:39.0077 0x05ec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

19:10:39.0077 0x05ec  TDTCP - ok

19:10:39.0108 0x05ec  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

19:10:39.0108 0x05ec  tdx - ok

19:10:39.0140 0x05ec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

19:10:39.0140 0x05ec  TermDD - ok

19:10:39.0186 0x05ec  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll

19:10:39.0218 0x05ec  TermService - ok

19:10:39.0233 0x05ec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

19:10:39.0233 0x05ec  Themes - ok

19:10:39.0264 0x05ec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

19:10:39.0264 0x05ec  THREADORDER - ok

19:10:39.0280 0x05ec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

19:10:39.0280 0x05ec  TrkWks - ok

19:10:39.0327 0x05ec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:10:39.0327 0x05ec  TrustedInstaller - ok

19:10:39.0358 0x05ec  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

19:10:39.0358 0x05ec  tssecsrv - ok

19:10:39.0420 0x05ec  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

19:10:39.0420 0x05ec  TsUsbFlt - ok

19:10:39.0483 0x05ec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

19:10:39.0483 0x05ec  tunnel - ok

19:10:39.0498 0x05ec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

19:10:39.0514 0x05ec  uagp35 - ok

19:10:39.0545 0x05ec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

19:10:39.0545 0x05ec  udfs - ok

19:10:39.0576 0x05ec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

19:10:39.0576 0x05ec  UI0Detect - ok

19:10:39.0608 0x05ec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

19:10:39.0608 0x05ec  uliagpkx - ok

19:10:39.0639 0x05ec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys

19:10:39.0639 0x05ec  umbus - ok

19:10:39.0686 0x05ec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

19:10:39.0686 0x05ec  UmPass - ok

19:10:39.0732 0x05ec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

19:10:39.0748 0x05ec  upnphost - ok

19:10:39.0764 0x05ec  [ 893A6B67C8AA502648AD946CF50DDFD1, 9480AD8BF791E5912FC89A9F610D5B2E23FD07DF99A15F6844A8854E4ECB4095 ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys

19:10:39.0764 0x05ec  UrlFilter - ok

19:10:39.0779 0x05ec  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

19:10:39.0779 0x05ec  USBAAPL64 - ok

19:10:39.0810 0x05ec  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

19:10:39.0810 0x05ec  usbccgp - ok

19:10:39.0842 0x05ec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

19:10:39.0842 0x05ec  usbcir - ok

19:10:39.0873 0x05ec  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

19:10:39.0873 0x05ec  usbehci - ok

19:10:39.0904 0x05ec  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

19:10:39.0920 0x05ec  usbhub - ok

19:10:39.0920 0x05ec  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

19:10:39.0920 0x05ec  usbohci - ok

19:10:39.0966 0x05ec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

19:10:39.0966 0x05ec  usbprint - ok

19:10:39.0998 0x05ec  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

19:10:39.0998 0x05ec  usbscan - ok

19:10:40.0013 0x05ec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:10:40.0013 0x05ec  USBSTOR - ok

19:10:40.0029 0x05ec  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

19:10:40.0029 0x05ec  usbuhci - ok

19:10:40.0060 0x05ec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

19:10:40.0076 0x05ec  UxSms - ok

19:10:40.0091 0x05ec  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc        C:\Windows\system32\lsass.exe

19:10:40.0091 0x05ec  VaultSvc - ok

19:10:40.0185 0x05ec  VBoxAswDrv - ok

19:10:40.0216 0x05ec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

19:10:40.0216 0x05ec  vdrvroot - ok

19:10:40.0263 0x05ec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

19:10:40.0278 0x05ec  vds - ok

19:10:40.0310 0x05ec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

19:10:40.0310 0x05ec  vga - ok

19:10:40.0325 0x05ec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

19:10:40.0325 0x05ec  VgaSave - ok

19:10:40.0356 0x05ec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

19:10:40.0356 0x05ec  vhdmp - ok

19:10:40.0403 0x05ec  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

19:10:40.0403 0x05ec  viaide - ok

19:10:40.0434 0x05ec  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

19:10:40.0434 0x05ec  volmgr - ok

19:10:40.0466 0x05ec  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

19:10:40.0481 0x05ec  volmgrx - ok

19:10:40.0512 0x05ec  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

19:10:40.0512 0x05ec  volsnap - ok

19:10:40.0559 0x05ec  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

19:10:40.0559 0x05ec  vsmraid - ok

19:10:40.0668 0x05ec  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

19:10:40.0715 0x05ec  VSS - ok

19:10:40.0731 0x05ec  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

19:10:40.0731 0x05ec  vwifibus - ok

19:10:40.0793 0x05ec  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

19:10:40.0809 0x05ec  W32Time - ok

19:10:40.0809 0x05ec  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

19:10:40.0809 0x05ec  WacomPen - ok

19:10:40.0840 0x05ec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

19:10:40.0840 0x05ec  WANARP - ok

19:10:40.0856 0x05ec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

19:10:40.0856 0x05ec  Wanarpv6 - ok

19:10:40.0918 0x05ec  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

19:10:40.0965 0x05ec  WatAdminSvc - ok

19:10:41.0027 0x05ec  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

19:10:41.0074 0x05ec  wbengine - ok

19:10:41.0105 0x05ec  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

19:10:41.0105 0x05ec  WbioSrvc - ok

19:10:41.0152 0x05ec  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

19:10:41.0152 0x05ec  wcncsvc - ok

19:10:41.0199 0x05ec  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:10:41.0230 0x05ec  WcsPlugInService - ok

19:10:41.0246 0x05ec  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

19:10:41.0246 0x05ec  Wd - ok

19:10:41.0308 0x05ec  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

19:10:41.0324 0x05ec  Wdf01000 - ok

19:10:41.0355 0x05ec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll

19:10:41.0370 0x05ec  WdiServiceHost - ok

19:10:41.0370 0x05ec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll

19:10:41.0370 0x05ec  WdiSystemHost - ok

19:10:41.0433 0x05ec  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll

19:10:41.0448 0x05ec  WebClient - ok

19:10:41.0480 0x05ec  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

19:10:41.0495 0x05ec  Wecsvc - ok

19:10:41.0511 0x05ec  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

19:10:41.0511 0x05ec  wercplsupport - ok

19:10:41.0558 0x05ec  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

19:10:41.0573 0x05ec  WerSvc - ok

19:10:41.0604 0x05ec  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

19:10:41.0604 0x05ec  WfpLwf - ok

19:10:41.0620 0x0500  Object required for P2P: [ 6F5AC1C495DA6D19AF99A59DC44BC13F ] NvStreamNetworkSvc

19:10:41.0636 0x05ec  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

19:10:41.0636 0x05ec  WIMMount - ok

19:10:41.0667 0x05ec  WinDefend - ok

19:10:52.0337 0x05ec  ============================================================

19:10:52.0337 0x05ec  Scan finished

19:10:52.0337 0x05ec  ============================================================

19:10:52.0337 0x03e4  Detected object count: 0

19:10:52.0337 0x03e4  Actual detected object count: 0

19:11:25.0394 0x0600  Deinitialize success

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

www.malwarebytes.org

 

Database version: v2014.06.07.02

 

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 11.0.9600.18204

David :: DAVID-HP [administrator]

 

2/15/2016 7:09:04 PM

mbar-log-2016-02-15 (19-09-04).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 345178

Time elapsed: 43 minute(s), 17 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)


#7
DeborahT

So sorry I just realized I posted the Malwarebytes Log and the TDSSKiller Log together. I am posting the Fixlog.txt Log now.

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

Ran by David (2016-03-09 14:08:11) Run:1
Running from C:\Users\David\Desktop\Fix
Loaded Profiles: David (Available Profiles: David & User & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: E - E:\eFilmLite\eFilmLt.exe
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\MountPoints2: {ccff0a48-dd3c-11e4-8a39-7071bcc9a728} - F:\TL_Bootstrap.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\.DEFAULT -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 51E9250E8F084AF0A67C34BE9EC8E5DD URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {61D54D14-7B8E-4C3D-8790-0FA769565770} URL =
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S2 HPSLPSVC; C:\Users\David\AppData\Local\Temp\7zS2866\hpslpsvc64.dll [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
Task: {671904C8-6859-49CF-87DB-DC546FCF04DF} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {6CC3712B-FDB1-4E63-8C1D-E53373A61079} - System32\Tasks\Driver Booster SkipUAC (David) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {8434E7F9-213E-479A-B3A9-F3DAF34C9BA4} - System32\Tasks\Uninstaller_SkipUac_David => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {ACEAAD0D-C910-43AF-82B3-7C3CE94B5E36} - System32\Tasks\ASC9_SkipUac_David => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {C4E9C2A2-C54C-4FB6-89FF-886D178B91D2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: C:\Windows\Tasks\SuperFastPC_AutorunOnStartup.job => C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
Task: {B67FABF6-AD20-467F-AC52-7EBCAD40DA09} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
Task: {F1FC7BF4-9B7C-496D-AA61-7205780EE613} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe
Task: {F3034099-99E4-4BDB-99E0-FA0A7B8103FB} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:B63300D1
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
2016-02-14 22:10 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-02-14 22:10 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-02-14 22:01 - 2016-02-14 22:01 - 00000000 ____D C:\Users\David\AppData\IObit
2016-02-12 16:25 - 2016-02-12 16:25 - 61132800 _____ C:\Windows\system32\config\components.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2016-02-12 16:25 - 2016-02-12 16:25 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-02-12 16:24 - 2016-02-12 16:25 - 05615616 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-02-12 16:24 - 2016-02-12 16:24 - 127008768 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-02-12 15:27 - 2016-02-15 20:18 - 00000000 ____D C:\ProgramData\IObit
2016-02-12 15:27 - 2016-02-15 20:16 - 00000000 ____D C:\ProgramData\ProductData
2016-02-12 15:27 - 2016-02-14 22:00 - 00000000 ____D C:\Users\David\AppData\LocalLow\IObit
2016-02-12 15:26 - 2016-02-15 20:12 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccff0a48-dd3c-11e4-8a39-7071bcc9a728}" => key removed successfully
HKCR\CLSID\{ccff0a48-dd3c-11e4-8a39-7071bcc9a728} => key not found. 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}" => key removed successfully
HKCR\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => key removed successfully
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => key removed successfully
HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3} => key not found. 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}" => key removed successfully
HKCR\CLSID\{d944bb61-2e34-4dbf-a683-47e505c587dc} => key not found. 
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\51E9250E8F084AF0A67C34BE9EC8E5DD" => key removed successfully
HKCR\CLSID\51E9250E8F084AF0A67C34BE9EC8E5DD => key not found. 
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61D54D14-7B8E-4C3D-8790-0FA769565770}" => key removed successfully
HKCR\CLSID\{61D54D14-7B8E-4C3D-8790-0FA769565770} => key not found. 
"HKU\S-1-5-21-585021316-1980500837-2966188906-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => key removed successfully
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found. 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
AdvancedSystemCareService9 => service removed successfully
HPSLPSVC => service removed successfully
SR => service removed successfully
srservice => service removed successfully
VBoxAswDrv => service could not remove
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{671904C8-6859-49CF-87DB-DC546FCF04DF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{671904C8-6859-49CF-87DB-DC546FCF04DF}" => key removed successfully
C:\Windows\System32\Tasks\ASC9_PerformanceMonitor => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_PerformanceMonitor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CC3712B-FDB1-4E63-8C1D-E53373A61079}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CC3712B-FDB1-4E63-8C1D-E53373A61079}" => key removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (David) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (David)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8434E7F9-213E-479A-B3A9-F3DAF34C9BA4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8434E7F9-213E-479A-B3A9-F3DAF34C9BA4}" => key removed successfully
C:\Windows\System32\Tasks\Uninstaller_SkipUac_David => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_David" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACEAAD0D-C910-43AF-82B3-7C3CE94B5E36}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACEAAD0D-C910-43AF-82B3-7C3CE94B5E36}" => key removed successfully
C:\Windows\System32\Tasks\ASC9_SkipUac_David => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_David" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B67FABF6-AD20-467F-AC52-7EBCAD40DA09}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B67FABF6-AD20-467F-AC52-7EBCAD40DA09}" => key removed successfully
C:\Windows\System32\Tasks\SmartDefrag4_Startup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag4_Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4E9C2A2-C54C-4FB6-89FF-886D178B91D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4E9C2A2-C54C-4FB6-89FF-886D178B91D2}" => key removed successfully
C:\Windows\System32\Tasks\Driver Booster Scheduler => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => key removed successfully
C:\Windows\Tasks\SuperFastPC_AutorunOnStartup.job => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B67FABF6-AD20-467F-AC52-7EBCAD40DA09} => key not found. 
C:\Windows\System32\Tasks\SmartDefrag4_Startup => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag4_Startup => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1FC7BF4-9B7C-496D-AA61-7205780EE613}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1FC7BF4-9B7C-496D-AA61-7205780EE613}" => key removed successfully
C:\Windows\System32\Tasks\SmartDefrag4_Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag4_Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F3034099-99E4-4BDB-99E0-FA0A7B8103FB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3034099-99E4-4BDB-99E0-FA0A7B8103FB}" => key removed successfully
C:\Windows\System32\Tasks\ASC Task (One-Time) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC Task (One-Time)" => key removed successfully
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
C:\ProgramData\Temp => ":B63300D1" ADS removed successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => key removed successfully
"HKU\.DEFAULT\Software\Classes\.exe" => key removed successfully
HKU\.DEFAULT\Software\Classes\exefile => key not found. 
"HKU\S-1-5-19\Software\Classes\exefile" => key removed successfully
"HKU\S-1-5-19\Software\Classes\.exe" => key removed successfully
HKU\S-1-5-19\Software\Classes\exefile => key not found. 
"HKU\S-1-5-20\Software\Classes\exefile" => key removed successfully
"HKU\S-1-5-20\Software\Classes\.exe" => key removed successfully
HKU\S-1-5-20\Software\Classes\exefile => key not found. 
C:\Windows\system32\IObitSmartDefragExtension.dll => moved successfully
C:\Windows\system32\SmartDefragBootTime.exe => moved successfully
C:\Users\David\AppData\IObit => moved successfully
C:\Windows\system32\config\components.iobit => moved successfully
C:\Windows\system32\config\SAM.iobit => moved successfully
C:\Windows\system32\config\SECURITY.iobit => moved successfully
C:\Windows\system32\config\DEFAULT.iobit => moved successfully
C:\Windows\system32\config\SOFTWARE.iobit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
C:\Users\David\AppData\LocalLow\IObit => moved successfully
C:\Users\David\AppData\Roaming\IObit => moved successfully
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {174408E3-4C07-4068-AC47-4EB8DB13589A}.
Unable to cancel {D03E0EE8-8CAB-4739-912F-7FFB6B6E33CC}.
{E9F157B6-A259-4EFC-91A5-8AEC4111B326} canceled.
{9FFBB477-2442-4E87-B173-3A21AE885447} canceled.
{419DFFC5-0671-42B0-B470-B3A9DCB9D9B4} canceled.
{659680A0-1A83-44EC-BFB7-A269EF744B47} canceled.
{497DD178-5A74-494E-A047-35F1422FF3D4} canceled.
{4A82F526-D50E-4662-B96E-5C944FFA3DF3} canceled.
{DD8EB085-C859-40F9-B605-24302E3F61FD} canceled.
{02FA7DAA-6185-4F87-852C-90999E36C9F7} canceled.
{C164CFB8-8CD4-4DEF-B2D0-2F169E4D7A5F} canceled.
{0AB4C323-77C2-425E-BAD6-2D07C797882B} canceled.
{31E03B44-483B-4A3F-B991-A0648D0D8222} canceled.
{E9051474-EB81-4469-B31B-18A7A1FB28B0} canceled.
{8265B688-CCA3-4204-AD56-A39FA3DFF5C1} canceled.
{E629F8F6-7616-4B27-82EA-51E37EBA8363} canceled.
{E474931D-BCEC-4543-BA2D-02442F59CB88} canceled.
15 out of 17 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
EmptyTemp: => 572.3 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 14:10:12 ====

#8
pystryker

> So sorry I just realized I posted the Malwarebytes Log and the TDSSKiller Log together. I am posting the Fixlog.txt Log now.


Hello :)

No worries, they look good. Let's continue. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2: AdwCleaner

Download ADWcleaner by clicking here. Please save it to your Desktop.

  • Double-click the adwcleaner.exe file (Vista and 7 users: right-click it and click Run as Administrator) and accept the UAC prompt to run AdwCleaner.
  • Once AdwCleaner's control panel is open and it says "Waiting for Action", click on Options at the top of the control panel.
  • Please Check the following options:
    • Reset Proxy Settings
    • Reset Winsock Settings
    • Reset TCP/IP Settings
    • Reset Firewall Settings
    • Reset IPSec Settings
    • Reset BITS Queue
    • Reset Internet Explorer Policies
    • Reset Chrome Policies
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove." Don't worry about unchecking anything; just click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\Program Files
Step 3: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce two logs: FRST.txt and Addition.txt. Please post them in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST.txt Log

Fresh Addition.txt Log

#9
DeborahT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Home Premium x64 
Ran by David (Administrator) on Thu 03/10/2016 at 18:19:47.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 35 
 
Successfully deleted: C:\end (File) 
Successfully deleted: C:\ProgramData\conduit (Folder) 
Successfully deleted: C:\ProgramData\sparktrust (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\ebay.lnk (Shortcut) 
Successfully deleted: C:\Users\David\AppData\Local\0e5971fa8907c5fa1fa1f90ce7b319dc (File) 
Successfully deleted: C:\Users\David\Appdata\LocalLow\conduit (Folder) 
Successfully deleted: C:\Users\David\Appdata\LocalLow\windstreamtoolbartb (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\drivercure (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\nosibay (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\sparktrust (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\store (Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\wtools (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIZJOCJH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0951OX7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUNZ0Y22 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OO3M7ET2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\David\AppData\Roaming\Bubble Dock.boostrap.log (File) 
Successfully deleted: C:\Users\David\AppData\Roaming\Bubble Dock.installation.log (File) 
Successfully deleted: C:\Users\David\AppData\Roaming\Selection Tools.installation.log (File) 
Successfully deleted: C:\Users\David\AppData\Roaming\WindApp.boostrap.log (File) 
Successfully deleted: C:\Users\David\AppData\Roaming\WindApp.installation.log (File) 
Successfully deleted: C:\Windows\system32\REN3FBA.tmp (File) 
Successfully deleted: C:\Windows\system32\REN623C.tmp (File) 
Successfully deleted: C:\Windows\system32\REND062.tmp (File) 
Successfully deleted: C:\Windows\system32\RENE5B6.tmp (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIZJOCJH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0951OX7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUNZ0Y22 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OO3M7ET2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\REN6E87.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho2C58.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho8828.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\sho9F8F.tmp (File) 
 
 
 
Registry: 6 
 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EAC25639-A76B-4ED3-AECF-535A7B1AAA79} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/10/2016 at 18:24:45.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10
DeborahT

# AdwCleaner v5.101 - Logfile created 10/03/2016 at 18:31:50
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : David - DAVID-HP
# Running from : C:\Users\David\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\David\AppData\LocalLow\HPAppData
[-] Folder Deleted : C:\Users\David\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\David\AppData\Roaming\SecureSearch
[-] Folder Deleted : C:\Users\David\AppData\Roaming\Yahoo!\Companion
[-] Folder Deleted : C:\Users\Guest\AppData\Local\iMesh
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\adawaretb
[-] Folder Deleted : C:\Windows\SysWOW64\SearchProtect
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Guest\iMesh.lnk
[-] File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] File Deleted : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] File Deleted : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [Selection Tools.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
[-] Key Deleted : HKCU\Software\ClickConnect
[-] Key Deleted : HKCU\Software\Imesh
[-] Key Deleted : HKCU\Software\Nosibay
[-] Key Deleted : HKCU\Software\Store
[-] Key Deleted : HKCU\Software\USyndication
[-] Key Deleted : HKCU\Software\usyndication.com
[-] Key Deleted : HKCU\Software\WTools
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\SmartPCFixer
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : [x64] HKLM\SOFTWARE\SmartPCFixer
[-] Key Deleted : [x64] HKLM\SOFTWARE\WebDiscoverBrowser
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
 
***** [ Web browsers ] *****
 
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearch.avg.com
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : start.mysearchdial.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearchdial.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuyBtDyBtC0B0C0Czy0AyBtBzzzz0EyDtAtN0D0Tzu0SyBzzzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1526165021&ir=
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bopakagnckmlgajfccecajhnimjiiedh
 
*************************
 
:: Proxy settings cleared
:: Winsock settings cleared
:: TCP/IP settings cleared
:: Firewall settings cleared
:: IPSec settings cleared
:: BITS queue cleared
:: IE policies deleted
:: Chrome policies deleted
 
*************************
 
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [6133 bytes] - [10/03/2016 18:31:50]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [5730 bytes] - [10/03/2016 18:29:00]
 
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [6319 bytes] ##########



#11
DeborahT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by David (administrator) on DAVID-HP (10-03-2016 18:40:20)
Running from C:\Users\David\Desktop\Fix
Loaded Profiles: David (Available Profiles: David & User & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: schannel.dll
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{44D24BD7-E7B0-4EF5-B7E1-18C511A9D930}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> 3B4CB17A98734066A3E2C70724C42744 URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-585021316-1980500837-2966188906-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-27] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-09] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-01] [not signed]
FF HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-15]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 2
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-03-04] ()
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
S3 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-03-04] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-03-02] (Alcatel-Lucent) [File not signed]
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [82680 2015-12-24] (Reason Software Company Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-15] (Realtek Semiconductor)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-13] (Radialpoint SafeCare Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Windstream MAHostService; C:\Program Files (x86)\Windstream\8.3.1.7\ma\bin\MAHostService.exe [321024 2014-01-20] (Alcatel-Lucent) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-16] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-14] (REALiX™)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-10 18:38 - 2016-03-10 18:38 - 00006438 _____ C:\Users\David\Desktop\AdwCleaner log.txt
2016-03-10 18:27 - 2016-03-10 18:31 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-10 18:26 - 2016-03-10 18:26 - 00004556 _____ C:\Users\David\Desktop\JRT log.txt
2016-03-10 18:17 - 2016-03-10 18:17 - 01609216 _____ (Malwarebytes) C:\Users\David\Desktop\JRT.exe
2016-03-10 18:17 - 2016-03-10 18:17 - 01524224 _____ C:\Users\David\Desktop\AdwCleaner.exe
2016-03-09 14:16 - 2016-02-20 15:01 - 00449907 _____ C:\Windows\system32\Drivers\etc\hosts.20160309-141654.backup
2016-03-09 13:56 - 2016-03-10 18:40 - 00000000 ____D C:\Users\David\Desktop\Fix
2016-03-09 13:43 - 2016-03-09 13:43 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-09 13:43 - 2016-03-09 13:43 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 13:42 - 2016-03-10 18:35 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-09 13:42 - 2016-03-10 17:47 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-09 13:42 - 2016-03-09 13:42 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-09 13:42 - 2016-03-09 13:42 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-09 13:41 - 2016-03-09 13:42 - 00000000 ____D C:\Users\David\AppData\Local\Deployment
2016-03-08 18:38 - 2016-02-12 13:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-08 18:38 - 2016-02-12 13:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-08 18:38 - 2016-02-12 13:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-08 18:38 - 2016-02-12 13:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-08 18:38 - 2016-02-12 13:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-08 18:38 - 2016-02-12 13:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-08 18:38 - 2016-02-12 13:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-08 18:38 - 2016-02-12 13:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-08 18:38 - 2016-02-12 13:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-08 18:38 - 2016-02-12 13:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-08 18:38 - 2016-02-12 13:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-08 18:38 - 2016-02-12 13:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-08 18:38 - 2016-02-12 13:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-08 18:38 - 2016-02-12 13:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-08 18:38 - 2016-02-12 13:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-08 18:38 - 2016-02-12 13:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-08 18:38 - 2016-02-09 01:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-08 18:38 - 2016-02-09 01:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 18:38 - 2016-02-08 16:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-08 18:38 - 2016-02-08 15:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-08 18:38 - 2016-02-08 15:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-08 18:38 - 2016-02-08 15:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-08 18:38 - 2016-02-08 15:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-08 18:38 - 2016-02-08 15:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-08 18:38 - 2016-02-08 15:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-08 18:38 - 2016-02-08 15:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-08 18:38 - 2016-02-08 15:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-08 18:38 - 2016-02-08 15:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-08 18:38 - 2016-02-08 15:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-08 18:38 - 2016-02-08 15:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-08 18:38 - 2016-02-08 15:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-08 18:38 - 2016-02-08 15:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-08 18:38 - 2016-02-08 15:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-08 18:38 - 2016-02-08 15:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-08 18:38 - 2016-02-08 15:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-08 18:38 - 2016-02-08 15:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-08 18:38 - 2016-02-08 15:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-08 18:38 - 2016-02-08 15:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-08 18:38 - 2016-02-08 15:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-08 18:38 - 2016-02-08 15:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-08 18:38 - 2016-02-08 15:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-08 18:38 - 2016-02-08 15:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-08 18:38 - 2016-02-08 15:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-08 18:38 - 2016-02-08 15:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-08 18:38 - 2016-02-08 15:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-08 18:38 - 2016-02-08 15:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-08 18:38 - 2016-02-08 14:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-08 18:38 - 2016-02-08 14:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-08 18:38 - 2016-02-08 14:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-08 18:38 - 2016-02-08 13:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-08 18:38 - 2016-02-08 13:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-08 18:38 - 2016-02-08 13:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-08 18:38 - 2016-02-08 13:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-08 18:38 - 2016-02-08 13:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-08 18:38 - 2016-02-08 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-08 18:38 - 2016-02-08 13:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-08 18:38 - 2016-02-08 13:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-08 18:38 - 2016-02-08 13:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-08 18:38 - 2016-02-08 13:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-08 18:38 - 2016-02-08 13:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-08 18:38 - 2016-02-08 13:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-08 18:38 - 2016-02-08 13:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-08 18:38 - 2016-02-08 13:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-08 18:38 - 2016-02-08 13:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-08 18:38 - 2016-02-08 13:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-08 18:38 - 2016-02-08 13:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-08 18:38 - 2016-02-08 13:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-08 18:38 - 2016-02-08 12:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-08 18:38 - 2016-02-08 12:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-08 18:38 - 2016-02-08 12:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-08 18:38 - 2016-02-08 12:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-08 18:38 - 2016-02-08 12:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-08 18:38 - 2016-02-08 12:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-08 18:38 - 2016-02-08 12:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-08 18:38 - 2016-02-08 12:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-08 18:38 - 2016-02-08 12:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-08 18:38 - 2016-02-08 12:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-08 18:38 - 2016-02-08 12:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-08 18:38 - 2016-02-08 12:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-08 18:38 - 2016-02-08 12:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-08 18:38 - 2016-02-08 12:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-08 18:38 - 2016-02-08 11:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-08 18:38 - 2016-02-04 12:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-08 18:38 - 2016-02-03 13:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-08 18:38 - 2016-02-03 13:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 18:38 - 2016-02-03 13:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-08 18:38 - 2016-02-03 13:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 18:38 - 2016-02-03 13:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 18:38 - 2016-01-11 14:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-08 18:38 - 2015-11-19 09:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-08 18:38 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-08 18:35 - 2016-02-11 13:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-08 18:35 - 2016-02-11 13:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-08 18:35 - 2016-02-11 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-08 18:35 - 2016-02-11 13:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-08 18:35 - 2016-02-11 13:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-08 18:35 - 2016-02-11 13:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-08 18:35 - 2016-02-11 13:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-08 18:35 - 2016-02-11 13:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-08 18:35 - 2016-02-11 13:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-08 18:35 - 2016-02-11 13:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-08 18:35 - 2016-02-11 13:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-08 18:35 - 2016-02-11 13:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-08 18:35 - 2016-02-11 13:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-08 18:35 - 2016-02-11 13:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-08 18:35 - 2016-02-11 13:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-08 18:35 - 2016-02-11 13:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-08 18:35 - 2016-02-11 13:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-08 18:35 - 2016-02-11 13:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-08 18:35 - 2016-02-11 13:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-08 18:35 - 2016-02-11 13:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-08 18:35 - 2016-02-11 13:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-08 18:35 - 2016-02-11 13:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-08 18:35 - 2016-02-11 13:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-08 18:35 - 2016-02-11 13:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-08 18:35 - 2016-02-11 13:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-08 18:35 - 2016-02-11 13:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-08 18:35 - 2016-02-11 13:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-08 18:35 - 2016-02-11 13:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-08 18:35 - 2016-02-11 13:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-08 18:35 - 2016-02-11 13:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-08 18:35 - 2016-02-11 13:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-08 18:35 - 2016-02-11 13:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-08 18:35 - 2016-02-11 13:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-08 18:35 - 2016-02-11 13:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 12:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-08 18:35 - 2016-02-11 12:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-08 18:35 - 2016-02-11 12:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-08 18:35 - 2016-02-11 12:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-08 18:35 - 2016-02-11 12:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-08 18:35 - 2016-02-11 12:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-08 18:35 - 2016-02-11 12:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-08 18:35 - 2016-02-11 12:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-08 18:35 - 2016-02-11 12:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-08 18:35 - 2016-02-11 12:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-08 18:35 - 2016-02-11 12:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-08 18:35 - 2016-02-11 12:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-08 18:35 - 2016-02-11 12:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-08 18:35 - 2016-02-11 12:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-08 18:35 - 2016-02-11 12:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 12:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 18:35 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-08 18:35 - 2016-02-09 04:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-08 18:35 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 18:35 - 2016-02-05 13:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-08 18:35 - 2016-02-05 13:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-08 18:35 - 2016-02-05 13:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 18:35 - 2016-02-05 13:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-08 18:35 - 2016-02-05 13:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-08 18:35 - 2016-02-05 13:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-08 18:35 - 2016-02-05 13:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-08 18:35 - 2016-02-05 12:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 18:35 - 2016-02-05 12:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-08 18:35 - 2016-02-05 12:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 18:35 - 2016-02-04 20:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 18:35 - 2016-02-04 13:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 18:34 - 2016-02-19 14:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-08 18:34 - 2016-02-19 13:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-08 18:34 - 2016-02-19 09:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-08 18:34 - 2016-02-11 09:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-08 18:34 - 2016-02-09 04:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-08 18:34 - 2016-02-09 04:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-08 18:34 - 2016-02-09 04:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-08 18:34 - 2016-02-09 04:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-08 18:34 - 2016-02-09 04:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-08 18:34 - 2016-02-09 04:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-08 18:34 - 2016-02-09 04:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-08 18:34 - 2016-02-09 04:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-08 18:34 - 2016-02-09 04:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-08 18:34 - 2016-02-05 09:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-08 18:34 - 2016-02-05 09:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-08 18:34 - 2016-02-05 09:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-02 14:27 - 2016-03-09 15:10 - 00000000 ____D C:\Users\David\Desktop\Geeks to go
2016-03-02 14:16 - 2016-03-02 14:16 - 00000000 ____D C:\Users\David\Documents\ProcAlyzer Dumps
2016-03-02 14:02 - 2016-03-02 14:04 - 00210326 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_14.02.24_log.txt
2016-02-25 18:41 - 2016-03-10 18:34 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForDavid.job
2016-02-25 18:41 - 2016-03-10 18:04 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2016-02-20 17:02 - 2016-03-10 18:40 - 00000000 ____D C:\FRST
2016-02-20 13:39 - 2016-02-20 13:59 - 00057294 _____ C:\Windows\ntbtlog.txt
2016-02-19 16:32 - 2016-02-19 16:34 - 54329568 _____ (Microsoft Corporation) C:\Users\David\Downloads\Windows-KB890830-x64-V5.33.exe
2016-02-19 16:32 - 2016-02-19 16:34 - 38808920 _____ (Microsoft Corporation) C:\Users\David\Downloads\FileFormatConverters.exe
2016-02-18 21:30 - 2016-02-19 16:34 - 00129808 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-18 21:08 - 2016-03-10 03:24 - 00469504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-18 20:32 - 2016-02-18 20:32 - 00002980 _____ C:\Windows\System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F}
2016-02-18 20:31 - 2016-02-18 20:31 - 00002980 _____ C:\Windows\System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B}
2016-02-18 20:31 - 2016-02-18 20:31 - 00002980 _____ C:\Windows\System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92}
2016-02-16 18:30 - 2016-02-16 18:19 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-16 18:26 - 2016-02-16 01:06 - 00449674 _____ C:\Windows\system32\Drivers\etc\hosts.20160216-182605.backup
2016-02-16 18:22 - 2016-02-16 18:22 - 00000000 ____D C:\Users\David\AppData\Roaming\AVAST Software
2016-02-16 18:20 - 2016-02-16 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-16 18:16 - 2016-02-16 18:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-16 18:15 - 2016-02-16 18:15 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-16 01:06 - 2016-02-16 01:06 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-16 00:12 - 2016-02-20 15:35 - 00000388 _____ C:\Windows\Tasks\ReasonSecurityScheduledScan.job
2016-02-15 19:19 - 2016-02-15 19:19 - 00000912 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-02-15 19:17 - 2016-02-15 19:17 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-15 19:14 - 2016-02-15 19:14 - 00000000 ____D C:\Users\David\AppData\Local\Chromium
2016-02-15 19:09 - 2016-02-15 19:11 - 00215318 _____ C:\TDSSKiller.3.1.0.9_15.02.2016_19.09.53_log.txt
2016-02-15 19:08 - 2016-02-18 20:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-15 19:08 - 2016-02-15 19:08 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-15 18:14 - 2016-02-20 16:28 - 00000000 ____D C:\Users\David\Documents\My Filehippo Downloads
2016-02-15 18:11 - 2016-02-15 18:11 - 00003014 _____ C:\Windows\System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7}
2016-02-15 18:09 - 2016-02-15 20:22 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00003274 _____ C:\Windows\System32\Tasks\SuperbGameBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00000000 ____D C:\Users\David\AppData\Roaming\SuperBoost
2016-02-15 18:09 - 2016-02-15 18:09 - 00000000 ____D C:\ProgramData\SuperBoost
2016-02-15 13:38 - 2016-02-15 13:38 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-02-15 13:38 - 2016-02-15 13:38 - 04686592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-02-15 13:38 - 2016-02-15 13:38 - 04307112 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-02-15 13:38 - 2016-02-15 13:38 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 03040488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-02-15 13:38 - 2016-02-15 13:38 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01328496 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-02-15 13:38 - 2016-02-15 13:38 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-02-15 13:36 - 2016-02-15 13:36 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2016-02-15 13:36 - 2016-02-15 13:36 - 00084480 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-02-15 13:36 - 2016-02-15 13:36 - 00019399 _____ C:\Windows\system32\AmUStor.ini
2016-02-15 13:36 - 2016-02-15 13:36 - 00012800 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-02-15 13:36 - 2016-02-15 13:36 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2016-02-15 13:36 - 2016-02-15 13:36 - 00000008 _____ C:\Windows\system32\CardDetect.bin
2016-02-15 13:31 - 2016-02-15 13:31 - 26341704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 25255568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 19916432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 15373568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 13585736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-15 13:31 - 2016-02-15 13:31 - 09185504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 07755632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 07639952 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 06295288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02748232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02576200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02447000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 02220176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01868104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01801544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6430908.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 01510728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6430908.dll
2016-02-15 13:31 - 2016-02-15 13:31 - 00017616 _____ C:\Windows\system32\nvinfo.pb
2016-02-15 13:29 - 2016-02-15 13:29 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-14 22:10 - 2016-02-14 22:10 - 00027552 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-14 20:30 - 2016-02-14 20:30 - 00000000 ____D C:\ProgramData\BDLogging
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-02-14 14:17 - 2016-02-14 14:18 - 00000000 _____ C:\Prefs.js
2016-02-13 09:50 - 2016-02-13 09:50 - 00000000 ____D C:\Users\David\AppData\Roaming\Lavasoft
2016-02-12 16:01 - 2016-02-12 16:01 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-02-12 15:27 - 2016-02-12 15:27 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-02-12 11:26 - 2016-02-16 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2016-02-12 11:26 - 2016-02-12 11:26 - 00000000 ____D C:\Program Files\Reason
2016-02-10 14:14 - 2016-01-06 14:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 14:14 - 2016-01-06 14:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 14:14 - 2016-01-06 13:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 14:10 - 2016-01-16 14:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 14:10 - 2016-01-16 13:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 14:10 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 14:10 - 2015-12-20 13:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 14:10 - 2015-12-20 13:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 14:10 - 2015-12-20 09:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 14:09 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 14:09 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 14:09 - 2016-01-22 01:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 14:09 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 14:09 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 14:09 - 2016-01-22 01:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 14:08 - 2016-01-22 01:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 14:08 - 2016-01-22 01:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 14:08 - 2016-01-22 01:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 14:08 - 2016-01-22 01:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 14:08 - 2016-01-22 01:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 14:08 - 2016-01-22 00:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 14:08 - 2016-01-22 00:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 14:08 - 2016-01-22 00:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 08:48 - 2016-02-10 08:48 - 00003258 _____ C:\Windows\System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638}
2016-02-09 17:18 - 2016-02-09 17:18 - 00117350 _____ C:\Users\David\Desktop\SearchSoft - Stephens County School System - Application Frame.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-10 18:41 - 2015-05-12 11:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-10 18:40 - 2013-10-28 18:16 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0B974DB-CB5C-4689-9CD9-085B2BCAE397}
2016-03-10 18:34 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-10 18:31 - 2016-01-01 13:57 - 00000000 ____D C:\Users\David\AppData\Roaming\Yahoo!
2016-03-10 18:31 - 2013-11-06 10:22 - 00000000 ____D C:\Users\Guest
2016-03-10 18:30 - 2013-12-03 17:14 - 00000000 ____D C:\Users\David\Desktop\DEB
2016-03-10 18:20 - 2013-10-28 17:38 - 00000000 ____D C:\Users\David\AppData\Roaming\SoftGrid Client
2016-03-10 15:44 - 2015-05-12 11:53 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-10 15:44 - 2015-05-12 11:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-10 15:44 - 2015-05-12 11:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-10 15:33 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-10 15:33 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-09 16:32 - 2009-07-14 00:13 - 00820796 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-09 16:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-03-09 14:13 - 2016-01-01 14:48 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-03-09 14:09 - 2015-12-10 20:27 - 00000000 ____D C:\Users\David\AppData\LocalLow\Temp
2016-03-09 13:43 - 2013-11-09 15:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-09 13:41 - 2015-03-21 13:55 - 00000000 ____D C:\Users\David\AppData\Local\Apps\2.0
2016-03-09 13:38 - 2014-03-05 09:59 - 00000000 ____D C:\Users\David\Desktop\PC SCANS
2016-03-09 13:24 - 2014-02-27 18:33 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 13:23 - 2014-02-27 18:33 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-09 13:14 - 2014-02-27 18:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-09 05:40 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-03-09 03:10 - 2013-10-28 19:38 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 03:01 - 2014-12-10 10:28 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 03:01 - 2013-10-28 19:38 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-26 03:01 - 2015-04-04 15:53 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-26 03:01 - 2015-04-04 15:53 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-23 13:01 - 2014-02-27 18:33 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-23 00:22 - 2016-01-01 14:54 - 00000000 ____D C:\Users\David\Desktop\HP
2016-02-20 22:40 - 2014-03-07 10:32 - 00000000 ____D C:\Users\David\AppData\Local\Microsoft Games
2016-02-19 16:36 - 2010-10-28 15:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-19 16:34 - 2015-03-25 15:49 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-02-18 21:18 - 2015-07-23 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-02-18 21:17 - 2015-07-27 15:19 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-18 20:53 - 2015-07-27 15:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-18 20:51 - 2013-10-31 15:29 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2016-02-16 20:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-16 18:20 - 2014-02-27 18:33 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-02-16 18:19 - 2014-05-04 11:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-16 18:19 - 2014-02-27 18:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-16 18:16 - 2010-10-28 15:45 - 00000000 ____D C:\ProgramData\Temp
2016-02-16 00:38 - 2013-10-28 17:11 - 00000000 ____D C:\Users\David
2016-02-15 20:31 - 2016-01-01 14:45 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-02-15 20:08 - 2014-06-05 07:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-15 18:04 - 2014-03-19 12:54 - 00000000 ____D C:\Program Files\Common Files\Motive
2016-02-15 13:44 - 2014-05-29 11:31 - 00000683 _____ C:\ProgramData\EventStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000545 _____ C:\ProgramData\CampaignStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000424 _____ C:\ProgramData\SoftwareVersionStore.xml
2016-02-15 13:44 - 2014-05-29 11:31 - 00000150 _____ C:\ProgramData\SubscriberStatusStore.json
2016-02-15 13:44 - 2014-05-29 11:30 - 00000619 _____ C:\ProgramData\SubscriptionStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000583 _____ C:\ProgramData\UpgradeStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000412 _____ C:\ProgramData\ConfigurationStore.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000408 _____ C:\ProgramData\FulfillmentStateMachineStores.xml
2016-02-15 13:44 - 2014-05-29 11:30 - 00000066 _____ C:\ProgramData\AaaAuthorizationStore.json
2016-02-15 13:39 - 2010-10-28 15:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-15 13:35 - 2010-10-28 15:44 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-15 13:33 - 2010-10-28 15:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-15 13:31 - 2010-10-28 16:29 - 18320440 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-15 13:31 - 2010-10-28 16:29 - 02753952 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-14 20:41 - 2014-12-25 13:40 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-02-14 16:40 - 2014-05-29 11:30 - 00000466 _____ C:\ProgramData\SharedProperties.xml
2016-02-14 14:18 - 2013-11-05 20:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-13 01:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-13 01:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\ras
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\oobe
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\ias
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-13 01:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Services
2016-02-13 01:41 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-13 01:41 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Setup
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-13 01:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\L2Schemas
2016-02-13 01:38 - 2016-01-01 14:45 - 00000000 ____D C:\ProgramData\Licenses
2016-02-13 01:38 - 2015-12-03 08:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-13 01:38 - 2015-03-01 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Wal-Mart Digital Photo Center
2016-02-13 01:38 - 2014-12-08 13:49 - 00000000 ____D C:\Users\User\AppData\Local\HuluDesktop
2016-02-13 01:38 - 2014-04-02 17:57 - 00000000 ____D C:\Program Files (x86)\null
2016-02-13 01:38 - 2014-02-27 19:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-13 01:38 - 2013-10-28 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-13 01:38 - 2013-10-28 21:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-13 01:38 - 2013-10-28 21:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-13 01:38 - 2010-10-28 15:32 - 00000000 ____D C:\Program Files\Realtek
2016-02-13 01:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-02-13 01:11 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security
2016-02-13 01:09 - 2013-11-09 15:42 - 00000000 ____D C:\Users\David\AppData\Local\Google
2016-02-13 01:09 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-13 01:07 - 2013-12-04 15:21 - 00000000 __RHD C:\MSOCache
2016-02-12 16:05 - 2009-07-24 14:22 - 00000000 ____D C:\Windows\Panther
2016-02-12 15:27 - 2015-06-23 10:24 - 00000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2016-02-12 13:25 - 2015-12-03 15:17 - 00000000 ____D C:\Users\David\AppData\Local\NVIDIA Corporation
2016-02-12 11:32 - 2013-11-05 19:51 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-02-12 10:52 - 2015-07-18 17:29 - 00000000 ____D C:\log
2016-02-12 09:34 - 2015-08-21 13:41 - 00000000 ____D C:\Users\David\.oracle_jre_usage
2016-02-12 09:34 - 2015-05-02 15:43 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-12 09:34 - 2015-03-21 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-12 09:33 - 2015-05-02 15:41 - 00000000 ____D C:\Program Files\Java
2016-02-12 03:53 - 2014-04-29 20:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-12 03:53 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 21:39 - 2013-10-29 17:41 - 00000000 ____D C:\Users\David\AppData\Roaming\HpUpdate
2016-02-11 10:12 - 2010-10-28 15:58 - 00000000 ____D C:\ProgramData\PDFC
2016-02-10 21:00 - 2015-01-02 15:37 - 00000000 ____D C:\Users\David\Desktop\DAVID
 
==================== Files in the root of some directories =======
 
2014-02-27 17:41 - 2015-01-02 17:32 - 0000134 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2014-12-30 19:51 - 2014-12-30 21:10 - 0012800 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 17:32 - 2015-01-02 17:32 - 0234679 _____ () C:\Users\David\AppData\Local\dsi1.dat
2015-01-02 17:32 - 2015-01-02 17:32 - 0161916 _____ () C:\Users\David\AppData\Local\dsi2.dat
2014-05-29 11:30 - 2016-02-15 13:44 - 0000066 _____ () C:\ProgramData\AaaAuthorizationStore.json
2014-05-29 11:31 - 2016-02-15 13:44 - 0000545 _____ () C:\ProgramData\CampaignStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000412 _____ () C:\ProgramData\ConfigurationStore.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000683 _____ () C:\ProgramData\EventStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000408 _____ () C:\ProgramData\FulfillmentStateMachineStores.xml
2015-12-31 18:31 - 2016-02-12 10:22 - 0004771 _____ () C:\ProgramData\hpzinstall.log
2014-02-27 19:04 - 2014-02-27 19:28 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-05-29 11:30 - 2016-02-14 16:40 - 0000466 _____ () C:\ProgramData\SharedProperties.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000424 _____ () C:\ProgramData\SoftwareVersionStore.xml
2014-05-29 11:31 - 2016-02-15 13:44 - 0000150 _____ () C:\ProgramData\SubscriberStatusStore.json
2014-05-29 11:30 - 2016-02-15 13:44 - 0000619 _____ () C:\ProgramData\SubscriptionStore.xml
2014-05-29 11:30 - 2016-02-15 13:44 - 0000583 _____ () C:\ProgramData\UpgradeStore.xml
 
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-09 00:33
 
==================== End of FRST.txt ============================


#12
DeborahT

  • Member
  • Topic Starter
  • 50 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by David (2016-03-10 18:44:52)
Running from C:\Users\David\Desktop\Fix
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-28 22:11:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-585021316-1980500837-2966188906-500 - Administrator - Disabled)
David (S-1-5-21-585021316-1980500837-2966188906-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-585021316-1980500837-2966188906-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-585021316-1980500837-2966188906-1002 - Limited - Enabled)
User (S-1-5-21-585021316-1980500837-2966188906-1003 - Limited - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{6888C635-E550-4FA4-958E-CE2880B0443B}) (Version: 1.1.1.6 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Wal-Mart Digital Photo Center (HKLM-x32\...\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}) (Version: 1.4.0.0 - Fujifilm e-Systems)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4527 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.4527 - CyberLink Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.1.0 - Reason Software Company Inc.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Should I Remove It (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
SierraHome Print Artist 12.0 (HKLM-x32\...\Print Artist 12.0) (Version:  - )
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Walmart Photo Manager (HKLM-x32\...\{1D601240-1E3C-11DE-8C30-0800200C9A66}) (Version: 2.4.0.570 - Walmart Stores Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02A0DF7D-DE76-47F4-A241-695307066BB1} - System32\Tasks\{20D0BC52-F629-48A2-BB13-9EFDE917E1B7} => C:\Users\David\Desktop\PC SCANS\Set up for PC scans\asc-ultimate-setup.exe
Task: {053FA89F-569D-4D21-A74A-FBF3DD8FAEC1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {0C9D7BDE-BE09-4507-86D5-C058E7F97800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {21FF8D8B-C79A-4F68-82E6-7587AE86501C} - System32\Tasks\{7DDDFD20-0034-47F0-9EF2-C11CC6B1A1FE} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\TweakUiPowertoySetup.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {259BD190-4D37-40AE-B129-36C676B06628} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2D79C023-D8AA-4E86-A2D1-C1601102CF05} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-02-18] (Microsoft Corporation)
Task: {2E9D0A66-76BE-493A-9FAD-8514AFBD77D6} - System32\Tasks\{431BE851-2D3F-425B-B54E-0F5118333F92} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {3558D48F-6FB1-4713-B2E3-33D224C80F37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {362BAD6C-38F8-41CA-89AA-29971A10B6A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {43A58F2A-B171-4CE4-98E8-1CCC62358EE2} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4EE22EC3-1037-4769-87FD-6E60EFD6A1F8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-585021316-1980500837-2966188906-1000
Task: {4F1D03C4-C329-4FE9-9275-88DAEE0193E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {5BBCDC62-40AC-4BA8-914B-91F64461E4F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6879F143-481E-4140-9209-BB7B667CF8B5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6E9180E1-E038-4B59-A32C-57CF925DD139} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {6EC5B208-C9F1-4D46-B7D5-AE6FB49A8AC9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-16] (AVAST Software)
Task: {79B899D5-3F7A-44AB-8534-1E6ADF90D584} - System32\Tasks\{5C3E0562-F14F-46A4-8D0B-79520B28FA94} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUN2QOF4\startuplite-setup-1.07.exe" -d C:\Users\David\Desktop
Task: {804E739C-A348-4CAF-A337-E7584E90247C} - System32\Tasks\{C66F275F-6A0E-44CD-8F46-24AEDB0C094B} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {85C9E102-CB77-4952-8D6A-0EDA29183A52} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {8C1CC126-857D-423E-A660-66D28434B875} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {948E580D-3BE9-43AB-9763-48856EF242D4} - System32\Tasks\{EDDB7748-A656-4694-B66F-5F2DCA531D8F} => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Task: {9F7EDF11-7951-49FB-A404-84523BA684C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {ACF54955-1154-4C54-914A-1C1A06972E4C} - System32\Tasks\{66AED39D-C8F9-4D71-9FE3-48533CE8B638} => pcalua.exe -a "C:\Users\David\Desktop\PC SCANS\Set up for PC scans\Adaware_Installer.exe" -d "C:\Users\David\Desktop\PC SCANS\Set up for PC scans"
Task: {C2605A1E-388D-4193-9C3B-8AA341C3B20D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {C603EC81-625C-492D-B720-262722EAB4D9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {D21C02DA-D847-4887-B831-4FF772540262} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {DF009C87-4404-4649-9C31-4E0A17A90B4C} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
Task: {E14F2BA7-3885-45B9-9C65-64780D74BEF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {E6118FDA-F60A-4008-A18F-81468A425F66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E61B2C39-265A-4474-BBB1-C158EED29AB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {F12B30C3-E47F-4998-90D4-D95F0183083A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {F8B6555C-7394-4FB4-9BC0-47BC076A7F48} - System32\Tasks\{11BC1C56-1256-4DDE-B93D-817E5D31CBFC} => pcalua.exe -a "C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTQASXD5\TweakUiPowertoySetup.exe" -d C:\Users\David\Desktop
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReasonSecurityScheduledScan.job => C:\Program Files\Reason\Security\rsUI.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-05 03:05 - 2015-01-30 19:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-27 15:11 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-28 09:15 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-10 15:28 - 2016-03-10 15:28 - 02838528 _____ () C:\Program Files\AVAST Software\Avast\defs\16031003\algo.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-03 15:17 - 2015-11-12 13:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-16 18:19 - 2016-02-16 18:19 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-27 19:57 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-27 19:57 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-27 19:57 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-09 13:43 - 2016-03-07 21:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-09 13:43 - 2016-03-07 21:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
 
There are 7872 more sites.
 
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-585021316-1980500837-2966188906-1000\...\webcompanion.com -> hxxp://webcompanion.com
 
There are 12689 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-03-09 14:16 - 00451251 ____R C:\Windows\system32\Drivers\etc\hosts
 
 
There are 15474 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-585021316-1980500837-2966188906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: 20131224 => C:\Program Files\AVAST Software\Avast\setup\emupdate\f64731f2-28ba-4cb8-a4dd-371a0a74c55a.exe /check
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DiagnosticTools.exe => "C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe" /AUTORUN
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrayStartup => C:\Program Files (x86)\Windstream Online Data Backup\VaultClientTray.exe
MSCONFIG\startupreg: Windstream Service Agent.exe => "C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe" /AUTORUN
MSCONFIG\startupreg: Zoom => 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
12-02-2016 11:31:57 Installed Boost
12-02-2016 13:53:29 Removed service pack backup files
12-02-2016 14:25:26 Windows Update
12-02-2016 15:49:32 Driver Booster : BlackBerry Smartphone
13-02-2016 00:28:39 Driver Booster : BlackBerry Smartphone
13-02-2016 01:03:21 Restore Operation
13-02-2016 03:00:12 Windows Update
14-02-2016 03:00:52 Windows Update
14-02-2016 19:00:12 Windows Backup
15-02-2016 03:00:11 Windows Update
15-02-2016 13:29:08 Driver Booster : BlackBerry Smartphone
15-02-2016 18:23:23 Restore Point before AdAwareInstaller was removed using Program Install and Uninstall troubleshooter
15-02-2016 18:24:07  AdAwareInstaller 
16-02-2016 18:15:38 Windows Update
17-02-2016 03:00:25 Windows Update
18-02-2016 03:00:24 Windows Update
18-02-2016 21:01:37 Windows Update
19-02-2016 16:28:07 Windows Update
19-02-2016 16:34:27 Installed Compatibility Pack for the 2007 Office system
19-02-2016 22:00:11 Windows Update
21-02-2016 03:00:30 Windows Update
21-02-2016 21:47:05 Windows Backup
22-02-2016 10:58:24 Windows Update
23-02-2016 02:19:02 Windows Update
24-02-2016 03:00:28 Windows Update
25-02-2016 03:00:36 Windows Update
25-02-2016 04:05:55 Windows Update
26-02-2016 03:00:26 Windows Update
27-02-2016 03:00:20 Windows Update
28-02-2016 03:00:10 Windows Update
29-02-2016 03:00:22 Windows Update
29-02-2016 03:00:44 Windows Backup
01-03-2016 03:00:10 Windows Update
02-03-2016 03:00:10 Windows Update
03-03-2016 03:00:26 Windows Update
04-03-2016 03:00:20 Windows Update
05-03-2016 03:00:20 Windows Update
06-03-2016 03:00:10 Windows Update
06-03-2016 19:00:09 Windows Backup
07-03-2016 03:00:10 Windows Update
08-03-2016 03:00:10 Windows Update
09-03-2016 03:00:13 Windows Update
09-03-2016 14:08:25 Restore Point Created by FRST
10-03-2016 03:00:26 Windows Update
10-03-2016 18:19:48 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/09/2016 02:08:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9da353b5-bd6e-48c2-92fa-8d5153a5f0f3}
 
Error: (03/09/2016 04:00:23 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0, Version=9.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020
 
Error: (03/09/2016 04:00:13 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.PowerShell.GPowerShell, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020
 
Error: (03/09/2016 01:31:42 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/09/2016 01:31:24 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/09/2016 01:27:53 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/09/2016 01:27:24 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (03/08/2016 01:27:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AitStatic.exe, version: 10.0.10004.0, time stamp: 0x54c65a8b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9ac
Exception code: 0xc000000d
Fault offset: 0x000000000000965d
Faulting process id: 0xa00
Faulting application start time: 0xAitStatic.exe0
Faulting application path: AitStatic.exe1
Faulting module path: AitStatic.exe2
Report Id: AitStatic.exe3
 
Error: (03/08/2016 01:26:35 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/07/2016 12:42:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (03/10/2016 06:35:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (03/10/2016 06:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Reason Core Security Engine Service service failed to start due to the following error: 
%%1053
 
Error: (03/10/2016 06:35:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Reason Core Security Engine Service service to connect.
 
Error: (03/10/2016 06:32:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (03/10/2016 06:31:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Software Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/10/2016 06:31:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/10/2016 06:31:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/10/2016 06:31:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/10/2016 06:31:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/10/2016 06:31:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Service Agent service terminated unexpectedly.  It has done this 1 time(s).
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 47%
Total physical RAM: 3839.3 MB
Available physical RAM: 2022.14 MB
Total Virtual: 7676.82 MB
Available Virtual: 5444.65 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.34 GB) (Free:271.78 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CDDC5E9D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#13
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)

Let's run some scans for remnants and orphans. How is the machine running?


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the program and select Update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits


Go back to the Dashboard and select Scan Now


If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.


On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list and then click on the log to highlight it.

Click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.




Step 2: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar.
  • Select the option YES, I accept the Terms of Use, then click on Start
  • When prompted, allow the Add-On/ActiveX to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • Now click on Finish
  • Use Notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log


#14
DeborahT

    Member

  • Topic Starter
  • Member
  • 50 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/10/2016
Scan Time: 8:26 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.03.10.07
Rootkit Database: v2016.02.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: David
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 454888
Time Elapsed: 25 min, 50 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.WeatherAlerts, HKLM\SOFTWARE\MICROSOFT\TRACING\WAUpdater_RASAPI32, Quarantined, [8699a6e0a9f0b185a0f09dd1a262d52b], 
PUP.Optional.WeatherAlerts, HKLM\SOFTWARE\MICROSOFT\TRACING\WAUpdater_RASMANCS, Quarantined, [0a15384e2673f2440a8674faa2623bc5], 
PUP.Optional.WeatherAlerts, HKLM\SOFTWARE\MICROSOFT\TRACING\WeatherAlerts_RASAPI32, Quarantined, [3be4374feeab7eb84a4788e6bd4706fa], 
PUP.Optional.WeatherAlerts, HKLM\SOFTWARE\MICROSOFT\TRACING\WeatherAlerts_RASMANCS, Quarantined, [4cd30a7c3b5eb28450414b23bf450af6], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{914131ED-6D6D-47EC-94B5-B4DC987AE7B6}, Quarantined, [b16e8df9376225111932629824df857b], 
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Yula, Quarantined, [48d71f67485131058872c3ab32d249b7], 
 
Registry Values: 1
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{914131ED-6D6D-47EC-94B5-B4DC987AE7B6}|AppPath, C:\Users\David\AppData\Local\Conduit\CT3315348, Quarantined, [b16e8df9376225111932629824df857b]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 4
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\icons, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\_metadata, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
 
Files: 6
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\manifest.json, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\background.js, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\icons\icon128.png, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\icons\icon16.png, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\_metadata\computed_hashes.json, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
PUP.Optional.SearchAlgo, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhikcmleiiookknkemgafeddfpohhaa\1.0.1_0\_metadata\verified_contents.json, Quarantined, [f12e394dbcdd9f97785d66d514f17987], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#15
DeborahT

    Member

  • Topic Starter
  • Member
  • 50 posts
C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\Users\David\AppData\Roaming\RHEng\D0AD2C2DCA1840429DE2B223B49D9F60\pcmechanicpmUS_p1v1.exe.vir a variant of Win32/UniBlue.F potentially unwanted application
C:\Users\David\AppData\LocalLow\Sun\Java\jre1.7.0_55\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Users\David\Documents\My Filehippo Downloads\ccsetup514.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
