Cyber Tech Help Support Forums - View Single Post

luzchurch · #5 April 4th, 2020, 03:32 PM

FireFox:
========
FF ProfilePath: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\4seut7x1.default-1585692271045 [2020-04-04]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\4seut7x1.default-1585692271045\features\{77ac282c-2a82-4231-bd5a-628540cecb7d}\hotfix-bug-1548973@mozilla.org.xpi [2020-03-31] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-20] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 => not found
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Fi refox\Ext
FF Extension: (RealDownloader) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Fi refox\Ext [2016-12-10] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Fi refox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_ 238.dll [2019-09-02] (Adobe Inc. -> ) [File not signed]
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.) [File not signed]
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-06] (Nero AG -> Nero AG)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2016-12-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Mo zillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Mo zillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Mo zillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-12-10] (RealNetworks, Inc. -> RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\np dlplugin.dll [2013-08-14] (RealNetworks, Inc. -> RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default [2020-04-03]
CHR DownloadDir: C:\Documents and Settings\owner\My Documents
CHR Extension: (RealDownloader) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjb npdiji [2018-05-03]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Ch rome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [edfhabmbbhdcdpnoilchepfojmdeannd]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-09-02] (Adobe Inc. -> Adobe) [File not signed]
R3 BITS; C:\WINDOWS\system32\qmgr.dll [408576 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 EventSystem; C:\WINDOWS\System32\ES.DLL [253952 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [134144 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S2 Microsoft DirectX Configuration Service; C:\WINDOWS\system32\dxconfig.exe [64512 2016-04-06] () [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe /V [96256 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation -> Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [785904 2015-07-07] (Nero AG -> Nero AG)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [53176 2017-08-16] (Softland SRL -> Microsoft) [File not signed]
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [155716 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2009-11-30] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS. exe [65536 2006-11-09] (Intuit Inc.) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc. exe [39056 2013-08-14] (RealNetworks, Inc. -> )
R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [330752 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{C25A8AC1-6F52-40C6-B9AC-E32B14580D4A} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 TermService; C:\WINDOWS\System32\termsrv.dll [296960 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175616 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [27136 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [618496 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [482304 2018-08-29] (Wondershare) [File not signed]
S2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [64512 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483328 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [208824 2020-03-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice .sys [26032 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25920 1998-11-12] (Adaptec) [File not signed]
S0 Cdr4vsd; C:\Windows\System32\Drivers\Cdr4vsd.sys [72032 2014-08-26] (Adaptec) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R1 DLADiagN; C:\WINDOWS\System32\Drivers\DLADiagN.SYS [10908 2005-08-25] (Sonic Solutions) [File not signed]
R1 DLAPMonN; C:\WINDOWS\System32\Drivers\DLAPMonN.SYS [22812 2005-08-25] (Sonic Solutions) [File not signed]
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions) [File not signed]
S1 DumpDrv; C:\Windows\System32\Drivers\DumpDrv.sys [9472 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2018-04-08] (Enigma Software Group USA, LLC -> )
S4 exFat; C:\Windows\System32\Drivers\exFat.sys [133632 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R4 Fastfat; C:\Windows\System32\Drivers\Fastfat.sys [143744 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
U1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [9216 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4800000 2008-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R0 KSecDD; C:\Windows\System32\Drivers\KSecDD.sys [92928 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [220896 2020-02-29] (Malwarebytes Corporation -> Malwarebytes)
R0 MountMgr; C:\Windows\System32\Drivers\MountMgr.sys [42752 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation -> Microsoft Corporation)
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [179968 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [457856 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\Mup.sys [105472 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R0 NDIS; C:\Windows\System32\Drivers\NDIS.sys [182912 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91776 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [40960 2013-11-27] (Windows XP SP4 Developer -> Microsoft Corporation)
R4 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [576512 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [6867360 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2008-01-29] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [132096 2008-01-25] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-01-29] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [70272 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [174848 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [195712 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 RDPWD; C:\WINDOWS\System32\Drivers\RDPWD.SYS [139784 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62848 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [80384 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [358016 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2012-07-19] (Samsung Electronics) [File not signed]
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [13120 2016-02-21] (Rocket Division Software Ltd -> )
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\Drivers\TDTCP.sys [22024 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
U5 TDTDP; C:\WINDOWS\System32\Drivers\TDTCP.SYS [22024 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30464 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
R3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 uti0odgx; C:\WINDOWS\system32\Drivers\uti0odgx.sys [7168 2017-04-11] () [File not signed]
S3 WDC_SAM; C:\WINDOWS\System32\DRIVERS\wdcsam_prewin8.sys [20256 2016-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [70016 2019-04-02] (Protected Antivirus Limited -> Protected.net)
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [91904 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [132224 2016-03-09] (Windows XP SP4 Developer -> Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 MpKsl353d9e32; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D016E788-E23A-4BD9-A4A7-76B8E86B8EA5}\MpKsl353d9e32.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-03 11:01 - 2020-04-03 11:01 - 003619267 _____ C:\Documents and Settings\owner\My Documents\database.txt
2020-04-01 17:34 - 2020-04-01 17:34 - 000000130 _____ C:\Documents and Settings\owner\My Documents\TKG's paperback book for sale .txt
2020-03-25 18:09 - 2020-03-25 18:09 - 000064489 _____ C:\Documents and Settings\owner\My Documents\Erls Stanley Gardner booklist.txt
2020-03-25 16:59 - 2020-03-25 16:59 - 000005786 _____ C:\Documents and Settings\owner\My Documents\Ennapadam.txt
2020-03-25 13:08 - 2020-03-25 13:08 - 000003134 _____ C:\Documents and Settings\owner\My Documents\hindi film son links.txt
2020-03-24 19:07 - 2020-03-24 19:07 - 000000043 _____ C:\Documents and Settings\owner\My Documents\notation for kuhU kuhU bOlE kOyaliyA.txt
2020-03-08 10:40 - 2020-03-08 10:40 - 000000000 ____D C:\Documents and Settings\owner\My Documents\New Folder (2)

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-04 10:18 - 2018-05-03 13:10 - 000000000 ____D C:\Documents and Settings\owner\Local Settings\temp
2020-04-04 10:16 - 2016-03-09 08:26 - 000000000 ____D C:\FRST
2020-04-04 10:15 - 2016-03-14 11:15 - 004927095 _____ C:\WINDOWS\ZAM.krnl.trace
2020-04-04 08:46 - 2016-03-25 11:08 - 057327616 _____ C:\New index.accdb
2020-04-04 08:46 - 2016-03-15 06:57 - 000000000 ____D C:\Documents and Settings\owner\Application Data\vlc
2020-04-04 07:21 - 2013-04-09 06:56 - 000000000 ____D C:\WINDOWS\Network Diagnostic
2020-04-03 15:37 - 2018-05-03 13:20 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2020-04-03 15:02 - 2008-04-14 05:00 - 000000885 _____ C:\WINDOWS\win.ini
2020-04-02 10:28 - 2013-05-12 10:57 - 000000000 ____D C:\Documents and Settings\owner\Application Data\XnView
2020-04-01 13:20 - 2013-11-22 17:29 - 000000000 ____D C:\Documents and Settings\owner\My Documents\Outlook Files
2020-03-31 07:31 - 2015-01-13 17:52 - 000000000 ____D C:\Documents and Settings\owner\My Documents\Applian
2020-03-28 15:07 - 2013-04-09 11:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-28 15:03 - 2016-11-16 15:52 - 000000422 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F0F3B82B-776E-484E-ADF4-E0E06392C8AE}.job
2020-03-28 14:42 - 2017-10-23 11:26 - 000000486 _____ C:\WINDOWS\Tasks\novaPDF Reactivation.job
2020-03-28 14:42 - 2013-08-30 21:05 - 000001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2020-03-28 14:36 - 2018-04-09 18:40 - 000000880 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2020-03-28 14:36 - 2013-04-09 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-28 14:27 - 2016-02-25 11:07 - 000000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2020-03-28 14:16 - 2016-05-10 18:51 - 000000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2020-03-28 10:08 - 2018-06-29 20:55 - 000000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-1284227242-1417001333-1003.job
2020-03-28 10:08 - 2013-04-23 18:36 - 000000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTas kS-1-5-21-507921405-1284227242-1417001333-1003.job
2020-03-28 05:27 - 2018-04-09 17:25 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-03-27 16:16 - 2016-05-10 18:51 - 000000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2020-03-26 09:11 - 2013-04-27 18:00 - 000000308 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeSchedule dTaskS-1-5-21-507921405-1284227242-1417001333-1003.job
2020-03-25 13:23 - 2016-01-20 16:12 - 000000000 ____D C:\Documents and Settings\owner\Application Data\Soft Solutions
2020-03-22 02:27 - 2020-01-18 19:40 - 000000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2020-03-21 17:59 - 2013-04-27 17:59 - 000000326 _____ C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduled TaskS-1-5-21-507921405-1284227242-1417001333-1003.job
2020-03-21 16:05 - 2017-04-09 21:29 - 000025077 _____ C:\Documents and Settings\owner\My Documents\Bibliography.txt
2020-03-18 11:16 - 2013-04-09 14:22 - 000000000 ____D C:\Ragde-D
2020-03-07 17:38 - 2016-07-10 14:03 - 001122304 _____ C:\Documents and Settings\owner\My Documents\Address book database.accdb
2020-03-07 17:35 - 2017-01-19 09:39 - 002007040 _____ C:\Documents and Settings\owner\My Documents\Database1.accdb
2020-03-07 16:23 - 2013-05-12 11:56 - 000000000 ___RD C:\ACCESS
2020-03-07 12:51 - 2013-05-04 09:15 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2020-03-07 12:24 - 2020-03-02 16:40 - 000000000 ____D C:\Documents and Settings\owner\Local Settings\Application Data\AMSDK
2020-03-07 12:19 - 2016-12-11 21:18 - 000000000 ____D C:\Documents and Settings\owner\My Documents\Music related

==================== Files in the root of some directories ========

2018-04-13 11:11 - 2018-05-15 07:58 - 000003774 _____ () C:\Documents and Settings\owner\Application Data\RegistrationLog.log
2018-04-13 11:10 - 2018-05-15 07:58 - 000017371 _____ () C:\Documents and Settings\owner\Application Data\ReplayMusicLog.log
2016-03-14 18:48 - 2016-03-14 18:48 - 000000128 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\fusioncache.dat
2018-04-07 07:00 - 2018-04-07 07:00 - 000000003 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\wbem.ini
2017-10-14 08:38 - 2017-10-14 08:38 - 000000000 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\{0BF9E288-E566-49FE-A583-BB6E955B2DFD}
2014-07-26 17:59 - 2016-01-08 16:35 - 000001750 _____ () C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\svchost.exe
[2008-04-14 05:00] - [2016-03-09 01:00] - 000014848 _____ (Microsoft Corporation) 67E38B4A549833E02D4D1617B5DBC318

C:\WINDOWS\system32\services.exe
[2008-04-14 05:00] - [2016-03-09 01:00] - 000110592 _____ (Microsoft Corporation) C519E15665CD89A91AD383FCE3CB556A

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\dnsapi.dll => MD5 is legit
==================== End of FRST.txt ========================