|
Windows 10 Problem solving for the Windows 10 Operating System. |
|
Topic Tools |
#1
|
||||
|
||||
Internet Connection Problem (moved from Malware forum)
Hi! I need some help for my other desktop computer. This morning I tried to get on the internet. I got the "can't display this page . I checked to see if I was connected to my server and I was. I ran a couple of security programs and found that when scanning the temporary internet files couldn't be checked. It was listed as "failed" in red. I tried to clear the temp files with Windows 10 Disk Cleaner but the 37 MB temp file couldn't be cleared. I figured that this is where my problem is. Any help would appreciated. Thanks, Don
|
#2
|
||||
|
||||
Hello, DonL
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems. Please take note of some guidelines for this fix:
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop. For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop. Please run it and click Scan, post back with the 2 logfiles. |
#3
|
||||
|
||||
Thanks
Thanks for the response. Sorry it took so long to get back. The reason is that this not the computer I'm having a problem with Everything you ask me to download has to be transferred to the affected computer and the results returned to my good computer to send to you. So, I have downloaded what you requested and will get back to you as quickly as I can. Thanks for your patience Don
|
#4
|
||||
|
||||
Files
Files are to large so I had to break them up
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015 Ran by Don (administrator) on DON-PC (10-08-2015 10:44:26) Running from C:\Users\Don\Desktop Loaded Profiles: Don (Available Profiles: Don & Donald & Administrator & DefaultAppPool) Platform: Windows 10 Home (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Microsoft Corporation) C:\Windows\System32\sihost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\SearchUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Microsoft Corporation) C:\Users\Don\AppData\Local\Microsoft\OneDrive\OneD rive.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe (FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3. 0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-06-30] (Bitdefender) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] () HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [5915480 2010-10-29] (Logitech Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [E70DD2240FE0934D32B1AC60B724F3A5BD5F0669._service_ run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-30] (Google Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-18] (Bitdefender) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-07-31] (SUPERAntiSpyware) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-07-16] (Siber Systems) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [OneDrive] => C:\Users\Don\AppData\Local\Microsoft\OneDrive\OneD rive.exe [402632 2015-08-03] (Microsoft Corporation) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [pdiface] => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [283608 2013-10-30] (Bitdefender) Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-07] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2015-03-18] ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-01] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-01] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2015-08-04] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-11-11] ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP) Startup: C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4630 series.lnk [2015-04-03] ShortcutTarget: Monitor Ink Alerts - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP) Startup: C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Dell Dock.lnk [2010-12-15] ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-583441641-3973240248-463755501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-583441641-3973240248-463755501-1001\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8 HKU\S-1-5-21-583441641-3973240248-463755501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/ SearchScopes: HKLM -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-15] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-15] (Oracle Corporation) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-07-16] (Siber Systems Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-15] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-15] (Oracle Corporation) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/C...ataManager.CAB DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll [2012-11-16] (Belarc, Inc.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{12a06d99-d1ba-417c-8048-42fd13c7f905}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f5e9a1c7-0d9c-42d7-a8bf-972dfaafb4fd}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profi les\gzpr9n2j.default-1375900177010 FF Homepage: hxxp://news.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_ 209.dll [2015-07-15] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1. dll [2015-03-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-15] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_ 209.dll [2015-07-15] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1. dll [2015-03-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-583441641-3973240248-463755501-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Don\AppData\Roaming\Visan\plugins\npRLSec urePluginLayer.dll [2011-02-02] (RocketLife, LLP) FF Extension: HP Smart Print - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profi les\gzpr9n2j.default-1375900177010\Extensions\hpwebprint@hpwebprint.com [2013-11-08] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-08-04] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-08-04] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-31] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011-01-12] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-08-04] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox Chrome: ======= CHR Profile: C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2014-07-16] CHR Extension: (RoboForm Password Manager) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapk mbliob [2014-12-10] CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-24] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-24] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) S3 AJRouter; C:\Windows\System32\AJRouter.dll [23040 2015-07-10] (Microsoft Corporation) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-07-24] (Bitdefender) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed] S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [658568 2015-08-03] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-03] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-03] (Microsoft Corporation) S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [196096 2015-07-10] (Microsoft Corporation) S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33280 2015-07-10] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dl l [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dl l [193024 2015-07-10] (Microsoft Corporation) S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [63488 2015-07-10] (Microsoft Corporation) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] S2 DoSvc; C:\Windows\system32\dosvc.dll [1169408 2015-08-03] (Microsoft Corporation) R3 DsSvc; C:\Windows\System32\DsSvc.dll [143872 2015-07-10] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-03] (Microsoft Corporation) R3 lfsvc; C:\Windows\System32\lfsvc.dll [27136 2015-07-10] (Microsoft Corporation) R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-03] (Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR) S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [186368 2015-07-10] (Microsoft Corporation) S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [268800 2015-07-10] (Microsoft Corporation) S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [512000 2015-07-10] (Microsoft Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-29] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-03] (Microsoft Corporation) S3 SensorService; C:\Windows\system32\SensorService.dll [229376 2015-07-29] (Microsoft Corporation) S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [583680 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [503808 2015-07-29] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-03] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-03] (Microsoft Corporation) S3 UnistoreSvc_Session2; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 UnistoreSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-22] (Bitdefender) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation) S3 UserDataSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 UserDataSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 UserManager; C:\Windows\System32\usermgr.dll [717312 2015-07-10] (Microsoft Corporation) S3 UsoSvc; C:\Windows\system32\usocore.dll [343040 2015-08-03] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1540744 2015-07-27] (Bitdefender) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-03] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-03] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S3 WpnService; C:\Windows\system32\WpnService.dll [49152 2015-07-10] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) |
#5
|
||||
|
||||
Is there some way that I can just send the files whole????
|
#6
|
||||
|
||||
No, just split it and use serveral posts if needed. That would be great and would it make much easier for me to research them
|
#7
|
||||
|
||||
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by Don (administrator) on DON-PC (10-08-2015 10:44:26) Running from C:\Users\Don\Desktop Loaded Profiles: Don (Available Profiles: Don & Donald & Administrator & DefaultAppPool) Platform: Windows 10 Home (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Microsoft Corporation) C:\Windows\System32\sihost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\SearchUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Microsoft Corporation) C:\Users\Don\AppData\Local\Microsoft\OneDrive\OneD rive.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe (FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3. 0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-06-30] (Bitdefender) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] () HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [5915480 2010-10-29] (Logitech Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [E70DD2240FE0934D32B1AC60B724F3A5BD5F0669._service_ run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-30] (Google Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-18] (Bitdefender) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-07-31] (SUPERAntiSpyware) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-07-16] (Siber Systems) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [OneDrive] => C:\Users\Don\AppData\Local\Microsoft\OneDrive\OneD rive.exe [402632 2015-08-03] (Microsoft Corporation) HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Run: [pdiface] => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [283608 2013-10-30] (Bitdefender) Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-07] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2015-03-18] ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-01] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-01] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2015-08-04] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2014-11-11] ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP) Startup: C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4630 series.lnk [2015-04-03] ShortcutTarget: Monitor Ink Alerts - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP) Startup: C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Dell Dock.lnk [2010-12-15] ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\FileSyncShell.dll [2015-08-03] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-583441641-3973240248-463755501-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-583441641-3973240248-463755501-1001\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8 HKU\S-1-5-21-583441641-3973240248-463755501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/ SearchScopes: HKLM -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> {9B744838-D0B7-409E-8907-F1471BAB0B3E} URL = BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-15] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-15] (Oracle Corporation) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-07-16] (Siber Systems Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-15] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-15] (Oracle Corporation) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-07-16] (Siber Systems Inc.) Toolbar: HKU\S-1-5-21-583441641-3973240248-463755501-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/C...ataManager.CAB DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll [2012-11-16] (Belarc, Inc.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{12a06d99-d1ba-417c-8048-42fd13c7f905}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f5e9a1c7-0d9c-42d7-a8bf-972dfaafb4fd}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profi les\gzpr9n2j.default-1375900177010 FF Homepage: hxxp://news.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_ 209.dll [2015-07-15] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1. dll [2015-03-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-15] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_ 209.dll [2015-07-15] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1. dll [2015-03-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-583441641-3973240248-463755501-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Don\AppData\Roaming\Visan\plugins\npRLSec urePluginLayer.dll [2011-02-02] (RocketLife, LLP) FF Extension: HP Smart Print - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profi les\gzpr9n2j.default-1375900177010\Extensions\hpwebprint@hpwebprint.com [2013-11-08] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-08-04] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-08-04] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-31] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011-01-12] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-08-04] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox Chrome: ======= CHR Profile: C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store Payments) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2014-07-16] CHR Extension: (RoboForm Password Manager) - C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapk mbliob [2014-12-10] CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-24] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-24] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) S3 AJRouter; C:\Windows\System32\AJRouter.dll [23040 2015-07-10] (Microsoft Corporation) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-07-24] (Bitdefender) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed] S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [658568 2015-08-03] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-03] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-03] (Microsoft Corporation) S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [196096 2015-07-10] (Microsoft Corporation) S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33280 2015-07-10] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dl l [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dl l [193024 2015-07-10] (Microsoft Corporation) S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [63488 2015-07-10] (Microsoft Corporation) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] S2 DoSvc; C:\Windows\system32\dosvc.dll [1169408 2015-08-03] (Microsoft Corporation) R3 DsSvc; C:\Windows\System32\DsSvc.dll [143872 2015-07-10] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-03] (Microsoft Corporation) R3 lfsvc; C:\Windows\System32\lfsvc.dll [27136 2015-07-10] (Microsoft Corporation) R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-03] (Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR) S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [186368 2015-07-10] (Microsoft Corporation) S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [268800 2015-07-10] (Microsoft Corporation) S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [512000 2015-07-10] (Microsoft Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-29] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-03] (Microsoft Corporation) S3 SensorService; C:\Windows\system32\SensorService.dll [229376 2015-07-29] (Microsoft Corporation) S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [583680 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [503808 2015-07-29] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-03] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-03] (Microsoft Corporation) S3 UnistoreSvc_Session2; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 UnistoreSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-22] (Bitdefender) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation) S3 UserDataSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) S3 UserDataSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 UserManager; C:\Windows\System32\usermgr.dll [717312 2015-07-10] (Microsoft Corporation) S3 UsoSvc; C:\Windows\system32\usocore.dll [343040 2015-08-03] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1540744 2015-07-27] (Bitdefender) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-03] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-03] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S3 WpnService; C:\Windows\system32\WpnService.dll [49152 2015-07-10] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender) U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-05-21] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [32256 2015-07-10] (Microsoft Corporation) S3 CapImg; C:\Windows\System32\drivers\capimg.sys [116736 2015-07-10] (Microsoft Corporation) S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39264 2015-07-10] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\com positebus.inf_amd64_98334ba6e76853ba\CompositeBus. sys [39936 2015-07-10] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation) S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [31232 2015-07-10] (Microsoft Corporation) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC) S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2015-07-10] (Microsoft Corporation) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation) S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104800 2015-07-10] (LSI Corporation) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies) S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-10] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2015-07-10] (Avago Technologies) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox) R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2015-07-10] (Microsoft Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-03] (Microsoft Corporation) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox) S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94720 2015-07-10] (Microsoft Corporation) R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2015-07-19] (CACE Technologies, Inc.) S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58208 2015-07-10] (LSI Corporation) S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58720 2015-07-10] (Avago Technologies) S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [934752 2015-08-03] (Microsoft Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation) S0 storufs; C:\Windows\System32\drivers\storufs.sys [40288 2015-07-10] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swe num.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-03] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [245088 2015-07-10] (Microsoft Corporation) S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [94048 2015-07-10] (Microsoft Corporation) S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [127840 2015-07-10] (Microsoft Corporation) S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2015-07-10] (Microsoft Corporation) S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2015-07-10] (Microsoft Corporation) S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2015-07-10] (Microsoft Corporation) S3 vhf; C:\Windows\System32\drivers\vhf.sys [31744 2015-07-10] (Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [685056 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy. sys [17944 2015-07-10] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation) U3 idsvc; no ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; no ImagePath |
#8
|
||||
|
||||
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation) NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dl l (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 10:44 - 2015-08-10 10:44 - 00041519 _____ C:\Users\Don\Desktop\FRST.txt 2015-08-10 10:37 - 2015-08-10 10:44 - 00000000 ____D C:\FRST 2015-08-10 10:36 - 2015-08-10 10:36 - 00016148 _____ C:\WINDOWS\system32\DON-PC_Don_HistoryPrediction.bin 2015-08-10 10:36 - 2015-08-10 07:08 - 02171392 _____ (Farbar) C:\Users\Don\Desktop\FRST64.exe 2015-08-10 08:54 - 2015-08-10 10:16 - 00001588 _____ C:\WINDOWS\setupact.log 2015-08-10 08:54 - 2015-08-10 08:54 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-08-09 13:10 - 2015-08-09 13:10 - 00000000 ____H C:\Users\Don\BITD412.tmp 2015-08-07 09:43 - 2015-08-07 09:43 - 00001519 _____ C:\Users\Don\Desktop\Classic Solitaire (Free).lnk 2015-08-07 03:46 - 2015-08-07 03:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-08-05 13:53 - 2015-07-29 23:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-05 13:53 - 2015-07-29 23:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-05 13:53 - 2015-07-29 23:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-08-05 13:53 - 2015-07-29 23:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-08-05 13:53 - 2015-07-29 21:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-05 13:53 - 2015-07-29 20:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-05 13:53 - 2015-07-29 20:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-05 13:53 - 2015-07-29 20:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-08-05 13:53 - 2015-07-29 20:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-05 13:53 - 2015-07-29 20:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-05 13:52 - 2015-07-29 23:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-08-05 13:52 - 2015-07-29 23:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-08-05 13:52 - 2015-07-29 23:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-08-05 13:52 - 2015-07-29 23:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-05 13:52 - 2015-07-29 23:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-08-05 13:52 - 2015-07-29 23:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-08-05 13:52 - 2015-07-29 23:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-08-05 13:52 - 2015-07-29 23:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-08-05 13:52 - 2015-07-29 23:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-08-05 13:52 - 2015-07-29 23:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-08-05 13:52 - 2015-07-29 23:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-08-05 13:52 - 2015-07-29 23:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-05 13:52 - 2015-07-29 23:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-08-05 13:52 - 2015-07-29 23:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-05 13:52 - 2015-07-29 22:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-05 13:52 - 2015-07-29 22:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utiliti es.dll 2015-08-05 13:52 - 2015-07-29 21:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-05 13:52 - 2015-07-29 21:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-05 13:52 - 2015-07-29 21:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-08-05 13:52 - 2015-07-29 21:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-05 13:52 - 2015-07-29 21:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-08-05 13:52 - 2015-07-29 21:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-08-05 13:52 - 2015-07-29 21:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-05 13:52 - 2015-07-29 21:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-08-05 13:52 - 2015-07-29 21:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-08-05 13:52 - 2015-07-29 21:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-08-05 13:52 - 2015-07-29 21:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-08-05 13:52 - 2015-07-29 21:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-08-05 13:52 - 2015-07-29 21:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-05 13:52 - 2015-07-29 21:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-08-05 13:52 - 2015-07-29 21:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-08-05 13:52 - 2015-07-29 21:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-08-05 13:52 - 2015-07-29 21:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-08-05 13:52 - 2015-07-29 21:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-05 13:52 - 2015-07-29 21:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2015-08-05 13:52 - 2015-07-29 21:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-05 13:52 - 2015-07-29 21:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.d ll 2015-08-05 13:52 - 2015-07-29 20:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-08-05 13:52 - 2015-07-29 20:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-05 13:52 - 2015-07-29 20:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-08-05 13:52 - 2015-07-29 20:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-08-05 13:52 - 2015-07-29 20:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2015-08-05 13:52 - 2015-07-29 20:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-05 13:52 - 2015-07-29 20:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2015-08-05 13:52 - 2015-07-29 20:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-08-05 13:52 - 2015-07-29 20:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll 2015-08-05 13:52 - 2015-07-29 20:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .TestingFramework.dll 2015-08-05 13:52 - 2015-07-29 20:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-08-05 13:52 - 2015-07-29 20:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-05 13:52 - 2015-07-29 20:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-08-05 13:52 - 2015-07-29 20:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-08-05 13:52 - 2015-07-29 20:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2015-08-05 13:52 - 2015-07-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-08-05 13:52 - 2015-07-29 20:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-05 13:52 - 2015-07-29 20:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-05 13:52 - 2015-07-29 20:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-08-05 13:52 - 2015-07-29 20:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-08-05 13:52 - 2015-07-29 20:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-05 13:52 - 2015-07-29 20:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll 2015-08-05 13:52 - 2015-07-29 20:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-08-05 13:52 - 2015-07-29 20:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-08-05 13:52 - 2015-07-29 20:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-05 13:52 - 2015-07-29 20:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-08-05 13:52 - 2015-07-29 20:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2015-08-05 13:52 - 2015-07-29 20:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-08-05 13:52 - 2015-07-29 20:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-08-05 13:52 - 2015-07-29 20:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2015-08-05 13:52 - 2015-07-29 20:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-08-05 13:52 - 2015-07-29 20:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-08-05 13:52 - 2015-07-29 20:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-08-05 13:52 - 2015-07-29 20:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-05 13:52 - 2015-07-29 20:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-08-05 13:52 - 2015-07-29 20:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-05 13:52 - 2015-07-29 20:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-08-05 13:52 - 2015-07-29 20:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2015-08-05 13:52 - 2015-07-29 20:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-05 13:52 - 2015-07-29 20:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-05 13:52 - 2015-07-29 20:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll 2015-08-05 13:52 - 2015-07-29 20:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .TestingFramework.dll 2015-08-05 13:52 - 2015-07-29 20:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2015-08-05 13:52 - 2015-07-29 20:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-05 13:52 - 2015-07-29 20:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-08-05 13:52 - 2015-07-29 20:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2015-08-05 13:52 - 2015-07-29 20:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll 2015-08-05 13:52 - 2015-07-29 20:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-08-05 13:52 - 2015-07-29 20:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-08-05 13:52 - 2015-07-29 20:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-08-05 13:52 - 2015-07-29 19:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-08-05 13:52 - 2015-07-29 19:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-08-05 13:52 - 2015-07-29 19:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-08-04 14:33 - 2015-08-04 14:33 - 00773303 _____ C:\ProgramData\1438722939.bdinstall.bin 2015-08-04 14:31 - 2015-08-04 14:31 - 00002272 _____ C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk 2015-08-04 14:31 - 2015-08-04 14:31 - 00000684 ____H C:\bdr-cf01 2015-08-04 14:31 - 2015-08-04 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2015-08-04 14:31 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys 2015-08-04 14:31 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2015-08-04 14:31 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2015-08-04 14:31 - 2014-12-15 18:04 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys 2015-08-04 14:31 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2015-08-04 14:19 - 2015-08-04 14:37 - 00000000 ____D C:\Users\Don\AppData\Roaming\Bitdefender 2015-08-04 14:19 - 2015-08-04 14:31 - 00253404 ____H C:\bdr-ld01 2015-08-04 14:19 - 2015-08-04 14:31 - 00009216 ____H C:\bdr-ld01.mbr 2015-08-04 14:19 - 2015-05-27 17:02 - 49626058 ____H C:\bdr-im01.gz 2015-08-04 14:19 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01 2015-08-04 14:15 - 2015-02-24 16:52 - 00160544 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2015-08-04 14:15 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2015-08-04 14:09 - 2015-08-04 14:10 - 00000000 ____D C:\Program Files\Bitdefender 2015-08-04 14:09 - 2015-08-04 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 60-Second Virus Scanner 2015-08-04 14:07 - 2015-08-10 09:08 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronizatio n-{BA65A8E4-A8B7-4DA2-A726-A6C288265F2A} 2015-08-04 13:25 - 2015-08-04 13:25 - 00000000 ____D C:\ProgramData\Dumps 2015-08-04 11:17 - 2015-08-04 11:17 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-08-04 11:17 - 2015-08-04 11:17 - 00000000 ____D C:\Users\DefaultAppPool 2015-08-04 11:17 - 2015-08-03 12:42 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Accessories 2015-08-04 11:17 - 2015-08-03 12:42 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia 2015-08-04 11:17 - 2015-08-03 12:42 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\SoftThinks 2015-08-04 11:17 - 2015-07-10 04:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Windows PowerShell 2015-08-04 11:17 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\System Tools 2015-08-04 11:17 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Accessibility 2015-08-04 11:17 - 2015-07-10 04:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Maintenance 2015-08-04 11:17 - 2014-04-10 08:48 - 00002102 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-08-03 14:37 - 2015-08-09 13:10 - 00003222 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDon 2015-08-03 14:37 - 2015-08-09 13:10 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDon.job 2015-08-03 14:30 - 2015-08-04 13:10 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2015-08-03 14:24 - 2015-08-03 14:37 - 00000000 ____D C:\Users\Don\AppData\Local\Hewlett-Packard 2015-08-03 14:24 - 2015-08-03 14:24 - 00000000 ____D C:\Users\Don\AppData\Roaming\Hewlett-Packard 2015-08-03 14:18 - 2015-08-03 14:18 - 00002302 _____ C:\Users\Don\Desktop\HP Support Assistant.lnk 2015-08-03 14:18 - 2015-08-03 14:18 - 00000000 ____D C:\Users\Don\AppData\Roaming\hpqLog 2015-08-03 14:18 - 2015-08-03 14:18 - 00000000 ____D C:\System.sav 2015-08-03 14:18 - 2015-08-03 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-08-03 14:17 - 2015-08-03 14:17 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5} 2015-08-03 14:09 - 2015-08-03 14:09 - 00000000 ____D C:\Users\Don\AppData\Local\MicrosoftEdge 2015-08-03 14:01 - 2015-08-03 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2015-08-03 13:55 - 2015-08-03 13:55 - 00000000 ____D C:\Users\Don\AppData\Local\Comms 2015-08-03 13:45 - 2015-07-05 03:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-08-03 13:30 - 2015-08-03 13:30 - 00000000 ____D C:\Users\Don\AppData\Local\speech 2015-08-03 13:26 - 2015-08-03 13:26 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-08-03 13:26 - 2015-08-03 13:26 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-08-03 13:26 - 2015-08-03 13:26 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-08-03 13:26 - 2015-08-03 13:26 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivit y.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker. dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-08-03 13:26 - 2015-08-03 13:26 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivit y.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll |
#9
|
||||
|
||||
dll
2015-08-03 13:26 - 2015-08-03 13:26 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications .dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions .dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dl l 2015-08-03 13:26 - 2015-08-03 13:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2015-08-03 13:26 - 2015-08-03 13:26 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll 2015-08-03 13:26 - 2015-08-03 13:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-08-03 13:26 - 2015-08-03 13:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-08-03 13:24 - 2015-08-03 13:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\WINDOWS\system32\msmq 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\Program Files\MSBuild 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-03 13:21 - 2015-08-03 13:21 - 00000000 ____D C:\inetpub 2015-08-03 13:21 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-08-03 13:21 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNativ e_v0300.dll 2015-08-03 13:21 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-08-03 13:21 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-08-03 13:21 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNativ e_v0300.dll 2015-08-03 13:21 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-08-03 13:18 - 2015-08-03 13:19 - 00002368 _____ C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\OneDrive.lnk 2015-08-03 13:18 - 2015-08-03 13:18 - 00000000 ____D C:\Users\Don\AppData\Local\NetworkTiles 2015-08-03 13:18 - 2015-08-03 13:18 - 00000000 ____D C:\ProgramData\ATI 2015-08-03 13:16 - 2015-08-04 10:58 - 00000000 ____D C:\Users\Don\AppData\Local\Packages 2015-08-03 13:16 - 2015-08-03 13:16 - 00000020 ___SH C:\Users\Don\ntuser.ini 2015-08-03 13:16 - 2015-08-03 13:16 - 00000000 ____D C:\Users\Don\AppData\Local\TileDataLayer 2015-08-03 13:16 - 2015-08-03 13:16 - 00000000 ____D C:\Users\Don\AppData\Local\Publishers 2015-08-03 12:54 - 2015-08-03 12:54 - 00000000 __SHD C:\Recovery 2015-08-03 12:46 - 2015-07-10 03:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-08-03 12:42 - 2015-08-03 12:42 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-03 12:42 - 2015-08-03 12:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-08-03 12:42 - 2015-08-03 12:42 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2015-08-03 12:42 - 2015-08-03 12:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-08-03 12:42 - 2015-08-03 12:42 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks 2015-08-03 12:38 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2015-08-03 12:37 - 2015-08-09 13:10 - 00000000 ____D C:\Users\Don 2015-08-03 12:37 - 2015-08-03 13:16 - 00000000 ___RD C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Accessories 2015-08-03 12:37 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Donald 2015-08-03 12:37 - 2015-08-03 12:48 - 00000000 ____D C:\Users\Administrator 2015-08-03 12:37 - 2015-08-03 12:37 - 00000000 ___RD C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessories 2015-08-03 12:37 - 2015-08-03 12:37 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Accessories 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 __RSD C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Windows PowerShell 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 __RSD C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Windows PowerShell 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Windows PowerShell 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\System Tools 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessibility 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\System Tools 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Accessibility 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\System Tools 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Accessibility 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ____D C:\Users\Donald\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Maintenance 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Maintenance 2015-08-03 12:37 - 2015-07-10 04:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\Maintenance 2015-08-03 12:36 - 2015-08-10 10:18 - 01006464 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-03 12:36 - 2015-08-03 12:36 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2015-08-03 12:35 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-08-03 12:35 - 2015-08-03 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-08-03 12:35 - 2015-08-03 12:35 - 00000000 ____D C:\Program Files\ATI Technologies 2015-08-03 12:34 - 2015-08-10 10:16 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs 2015-08-03 12:34 - 2015-08-03 12:34 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2015-08-03 12:34 - 2015-08-03 12:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-03 12:34 - 2015-08-03 12:34 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2015-08-03 12:34 - 2015-08-03 12:34 - 00000000 ____D C:\Program Files\AMD 2015-08-03 12:34 - 2015-08-03 12:34 - 00000000 ____D C:\AMD 2015-08-03 12:34 - 2015-08-03 12:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin 2015-08-03 12:33 - 2015-08-03 13:56 - 00008862 _____ C:\WINDOWS\system32\lvcoinst.log 2015-08-03 12:33 - 2015-08-03 12:43 - 00000000 ____D C:\Program Files\Common Files\logishrd 2015-08-03 12:33 - 2015-08-03 12:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_ 00.Wdf 2015-08-03 12:33 - 2015-08-03 12:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_0100 9.Wdf 2015-08-03 12:33 - 2015-08-03 12:33 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-03 12:33 - 2015-08-03 12:33 - 00000000 ____D C:\Program Files\Realtek 2015-08-03 12:32 - 2015-08-03 12:32 - 00027980 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-08-03 11:58 - 2015-08-03 12:53 - 00018069 _____ C:\WINDOWS\diagerr.xml 2015-08-03 11:58 - 2015-08-03 12:53 - 00017148 _____ C:\WINDOWS\diagwrn.xml 2015-07-19 10:16 - 2015-07-19 10:16 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll 2015-07-19 10:16 - 2015-07-19 10:16 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll 2015-07-19 10:16 - 2015-07-19 10:16 - 00035344 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys 2015-07-16 02:12 - 2015-07-16 02:12 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll 2015-07-16 02:12 - 2015-07-16 02:12 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-07-16 02:12 - 2015-07-16 02:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-07-16 02:12 - 2015-07-16 02:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-07-16 02:12 - 2015-07-16 02:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-07-16 02:12 - 2015-07-16 02:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2015-07-16 02:11 - 2015-07-16 02:11 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-07-16 02:06 - 2015-07-16 02:06 - 21622272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-07-16 02:01 - 2015-07-16 02:01 - 47785472 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-07-16 02:01 - 2015-07-16 02:01 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe 2015-07-16 02:01 - 2015-07-16 02:01 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe 2015-07-16 02:01 - 2015-07-16 02:01 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe 2015-07-16 02:01 - 2015-07-16 02:01 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe 2015-07-16 02:01 - 2015-07-16 02:01 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe 2015-07-16 02:00 - 2015-07-16 02:00 - 39714816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-07-16 01:59 - 2015-07-16 01:59 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-07-16 01:59 - 2015-07-16 01:59 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-07-16 01:58 - 2015-07-16 01:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2015-07-16 01:57 - 2015-07-16 01:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2015-07-16 01:35 - 2015-07-16 01:35 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2015-07-16 01:35 - 2015-07-16 01:35 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2015-07-16 01:35 - 2015-07-16 01:35 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2015-07-16 01:30 - 2015-07-16 01:30 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-07-16 01:29 - 2015-07-16 01:29 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll 2015-07-16 01:29 - 2015-07-16 01:29 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-07-16 01:28 - 2015-07-16 01:28 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-07-16 01:27 - 2015-07-16 01:27 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2015-07-16 01:26 - 2015-07-16 01:26 - 07500800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2015-07-16 01:26 - 2015-07-16 01:26 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-07-16 01:25 - 2015-07-16 01:25 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2015-07-16 01:25 - 2015-07-16 01:25 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-07-16 01:24 - 2015-07-16 01:24 - 09102336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2015-07-16 01:23 - 2015-07-16 01:23 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2015-07-16 01:22 - 2015-07-16 01:22 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-07-16 01:22 - 2015-07-16 01:22 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat 2015-07-16 01:22 - 2015-07-16 01:22 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat 2015-07-16 01:22 - 2015-07-16 01:22 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat 2015-07-16 01:22 - 2015-07-16 01:22 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat 2015-07-16 01:21 - 2015-07-16 01:21 - 15716864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-07-16 01:21 - 2015-07-16 01:21 - 00660912 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-07-16 01:21 - 2015-07-16 01:21 - 00660912 _____ C:\WINDOWS\system32\atiapfxx.blb 2015-07-16 01:21 - 2015-07-16 01:21 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-07-16 01:21 - 2015-07-16 01:21 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-07-16 01:21 - 2015-07-16 01:21 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-07-16 01:21 - 2015-07-16 01:21 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-07-16 01:21 - 2015-07-16 01:21 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-07-16 01:20 - 2015-07-16 01:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-07-16 01:18 - 2015-07-16 01:18 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2015-07-16 01:17 - 2015-07-16 01:17 - 00672768 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-07-16 01:17 - 2015-07-16 01:17 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-07-16 01:17 - 2015-07-16 01:17 - 00246784 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-07-16 01:17 - 2015-07-16 01:17 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2015-07-16 01:17 - 2015-07-16 01:17 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-07-16 01:17 - 2015-07-16 01:17 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2015-07-16 01:17 - 2015-07-16 01:17 - 00160256 _____ C:\WINDOWS\system32\atieah64.exe 2015-07-16 01:17 - 2015-07-16 01:17 - 00143872 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2015-07-16 01:17 - 2015-07-16 01:17 - 00029696 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-07-16 01:14 - 2015-07-16 01:14 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-07-16 01:13 - 2015-07-16 01:13 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-07-16 01:13 - 2015-07-16 01:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-07-16 01:12 - 2015-07-16 01:12 - 00865792 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll 2015-07-16 01:12 - 2015-07-16 01:12 - 00102912 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2015-07-16 01:12 - 2015-07-16 01:12 - 00102400 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2015-07-15 07:18 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-07-15 07:18 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpGroupPolicyExtension.dll 2015-07-15 07:16 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe 2015-07-15 07:16 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll 2015-07-15 07:16 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll 2015-07-13 15:19 - 2015-07-13 15:19 - 00169152 _____ C:\WINDOWS\system32\ativce03.dat 2015-07-13 15:19 - 2015-07-13 15:19 - 00167456 _____ C:\WINDOWS\system32\amde31a.dat ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-10 10:31 - 2013-10-12 07:58 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-10 10:17 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-10 09:04 - 2012-05-29 13:35 - 00000000 ____D C:\Users\Don\AppData\Roaming\Skype 2015-08-10 08:59 - 2012-04-05 13:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-10 08:47 - 2014-05-26 12:47 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-10 08:47 - 2013-10-12 07:58 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-09 13:52 - 2010-12-06 16:21 - 00000000 ____D C:\Users\Don\AppData\Roaming\SoftGrid Client 2015-08-09 12:16 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-08-09 09:10 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-09 09:10 - 2015-07-10 02:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI 2015-08-09 08:40 - 2015-05-16 10:28 - 00002334 _____ C:\Users\Don\Desktop\Google Chrome.lnk 2015-08-09 03:45 - 2015-07-10 02:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-08-09 03:43 - 2015-07-10 05:20 - 00241128 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-09 03:41 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-09 03:41 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-08 09:08 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-07 09:28 - 2013-02-23 11:26 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-07 03:47 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-06 11:28 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-05 13:02 - 2013-08-21 09:27 - 00000000 ____D C:\AdwCleaner 2015-08-05 12:16 - 2013-12-28 11:48 - 00000000 ____D C:\Users\Don\AppData\Local\CrashDumps 2015-08-04 14:32 - 2014-03-06 14:18 - 00000000 ____D C:\ProgramData\Bitdefender 2015-08-04 14:15 - 2014-03-06 14:08 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-08-04 14:07 - 2014-04-11 09:24 - 00000000 __SHD C:\Users\Don\AppData\Local\EmieUserList 2015-08-04 14:07 - 2014-04-11 09:24 - 00000000 __SHD C:\Users\Don\AppData\Local\EmieSiteList 2015-08-04 13:31 - 2014-03-06 14:37 - 00000000 ____D C:\ProgramData\BDLogging 2015-08-04 05:03 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-08-03 14:37 - 2010-12-06 16:11 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-08-03 14:18 - 2013-11-08 14:00 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-08-03 14:18 - 2010-12-01 11:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-03 14:17 - 2015-03-15 13:47 - 142641112 _____ C:\Users\Don\Desktop\weekly.exe 2015-08-03 13:44 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-08-03 13:30 - 2015-07-10 04:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-08-03 13:27 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-08-03 13:27 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-03 13:27 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-08-03 13:27 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-08-03 13:27 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-08-03 13:26 - 2015-07-10 04:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-03 13:26 - 2015-07-10 04:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-03 13:24 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-08-03 13:21 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-08-03 13:21 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-08-03 13:21 - 2015-07-10 04:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2015-08-03 13:21 - 2015-07-10 04:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2015-08-03 13:21 - 2015-07-10 04:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2015-08-03 13:21 - 2015-07-10 04:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2015-08-03 13:21 - 2015-07-10 04:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2015-08-03 13:21 - 2015-07-10 04:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2015-08-03 13:21 - 2015-07-10 04:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2015-08-03 13:21 - 2015-07-10 04:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2015-08-03 13:21 - 2015-07-10 04:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2015-08-03 13:21 - 2015-07-10 04:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2015-08-03 13:21 - 2015-07-10 04:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2015-08-03 13:21 - 2015-07-10 04:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2015-08-03 13:21 - 2015-07-10 04:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2015-08-03 13:21 - 2015-07-10 04:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2015-08-03 13:21 - 2015-07-10 04:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2015-08-03 13:21 - 2015-07-10 04:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2015-08-03 13:21 - 2015-07-10 04:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2015-08-03 13:19 - 2014-04-10 08:48 - 00000000 ___RD C:\Users\Don\OneDrive 2015-08-03 13:16 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-08-03 13:16 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-08-03 13:16 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-03 13:16 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-03 12:53 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Registration 2015-08-03 12:52 - 2015-07-10 04:04 - 00000000 __RSD C:\WINDOWS\Media 2015-08-03 12:52 - 2015-07-10 04:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-03 12:52 - 2015-06-23 08:48 - 00003628 _____ C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 2015-08-03 12:52 - 2015-01-02 08:05 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-08-03 12:52 - 2014-11-26 09:50 - 00003276 _____ C:\WINDOWS\System32\Tasks\{42260660-8CEC-4709-9C83-FC04B564B74F} 2015-08-03 12:52 - 2014-11-11 13:26 - 00003716 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 4630 series 2015-08-03 12:52 - 2014-10-10 11:47 - 00003302 _____ C:\WINDOWS\System32\Tasks\{1DDB1A5A-D3F6-4478-923D-32A34B89EBF9} 2015-08-03 12:52 - 2013-12-28 13:13 - 00003246 _____ C:\WINDOWS\System32\Tasks\{E8B76825-5C46-47F1-8F03-4FAE28711725} 2015-08-03 12:52 - 2013-12-28 13:06 - 00003246 _____ C:\WINDOWS\System32\Tasks\{B97E3EC7-D5D9-4BC9-B5DD-D503F38F33E9} 2015-08-03 12:52 - 2013-10-12 07:58 - 00004004 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A 2015-08-03 12:52 - 2013-10-12 07:58 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore 2015-08-03 12:52 - 2013-09-26 10:22 - 00002878 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-08-03 12:52 - 2012-10-05 12:07 - 00004370 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm 2015-08-03 12:52 - 2012-04-05 13:28 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-08-03 12:52 - 2010-12-30 16:34 - 00003176 _____ C:\WINDOWS\System32\Tasks\{A23E7899-71F0-4AEC-A04B-CB60BBD97F26} 2015-08-03 12:52 - 2010-12-10 13:37 - 00003176 _____ C:\WINDOWS\System32\Tasks\{5F721927-5D13-4042-9957-9C51A7D0ACB3} 2015-08-03 12:52 - 2010-12-08 10:20 - 00004218 _____ C:\WINDOWS\System32\Tasks\Go to RoboForm Install page 2015-08-03 12:52 - 2010-12-08 10:17 - 00003594 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon 2015-08-03 12:52 - 2010-12-07 16:21 - 00032220 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-08-03 12:50 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\spool 2015-08-03 12:44 - 2010-12-09 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\logishrd 2015-08-03 12:43 - 2015-07-10 04:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-03 12:43 - 2015-03-18 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinePixViewer 2015-08-03 12:43 - 2015-03-10 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-08-03 12:43 - 2014-12-17 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 2015-08-03 12:43 - 2014-12-17 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software 2015-08-03 12:43 - 2014-06-25 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-03 12:43 - 2014-05-26 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-08-03 12:43 - 2014-04-10 08:51 - 00000000 ____D C:\WINDOWS\en 2015-08-03 12:43 - 2014-03-11 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-03 12:43 - 2013-03-12 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm 2015-08-03 12:43 - 2013-02-23 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-03 12:43 - 2012-11-11 13:20 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\GoldWave 2015-08-03 12:43 - 2012-05-18 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-03 12:43 - 2012-03-24 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magellan 2015-08-03 12:43 - 2010-12-31 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-08-03 12:43 - 2010-12-10 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyWeather 2015-08-03 12:43 - 2010-12-09 10:36 - 00000000 ____D C:\WINDOWS\system32\logishrd 2015-08-03 12:43 - 2010-12-09 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-08-03 12:43 - 2010-12-01 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-08-03 12:43 - 2010-12-01 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy CD & DVD Burning 2015-08-03 12:43 - 2010-12-01 12:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-08-03 12:43 - 2010-12-01 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe 2015-08-03 12:43 - 2010-12-01 12:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-08-03 12:42 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessories 2015-08-03 12:42 - 2015-07-10 04:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-03 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Users\Default.migrated 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\IME 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\schemas 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Resources 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-03 12:39 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-08-03 12:39 - 2011-08-13 11:57 - 00000000 ____D C:\WINDOWS\system32\SPReview 2015-08-03 12:39 - 2011-08-13 11:56 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2015-08-03 12:39 - 2011-08-11 03:01 - 00000000 __SHD C:\WINDOWS\system32\%APPDATA% 2015-08-03 12:39 - 2011-03-11 03:00 - 00000000 __SHD C:\WINDOWS\SysWOW64\%APPDATA% 2015-08-03 12:39 - 2010-12-31 12:37 - 00000000 ____D C:\WINDOWS\SysWOW64\spool 2015-08-03 12:38 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-08-03 12:38 - 2015-07-10 04:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-08-03 12:38 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-08-03 12:38 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-03 12:38 - 2014-11-26 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-03 12:38 - 2010-12-07 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) 2015-08-03 12:38 - 2010-12-01 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-08-03 12:38 - 2009-07-14 00:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-08-03 12:38 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Microsoft Games 2015-08-03 12:38 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker 2015-08-03 12:37 - 2015-03-06 14:14 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\HP 2015-08-03 12:37 - 2012-10-10 14:18 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Amazon 2015-08-03 12:36 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-08-03 12:31 - 2015-07-10 02:05 - 00000000 __RHD C:\Users\Default 2015-08-03 12:09 - 2009-07-13 21:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-03 12:09 - 2009-07-13 21:45 - 00022464 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-31 08:28 - 2015-03-10 14:24 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-07-29 09:47 - 2007-06-25 11:15 - 00000000 ____D C:\Users\Don\Desktop\Security 2015-07-29 09:46 - 2010-12-09 12:58 - 00000000 ____D C:\Program Files\CCleaner 2015-07-28 20:50 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2015-07-28 09:03 - 2012-09-26 13:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-22 11:15 - 2013-11-15 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-22 11:15 - 2012-09-26 13:09 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-07-22 11:15 - 2012-09-26 13:09 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-07-19 12:29 - 2013-02-20 20:06 - 00000000 ____D C:\Users\Don\AppData\Local\NETGEARGenie 2015-07-19 10:16 - 2013-02-20 20:05 - 00369168 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll 2015-07-19 10:16 - 2013-02-20 20:05 - 00106000 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\packet.dll 2015-07-19 10:16 - 2013-02-20 20:05 - 00002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk 2015-07-19 10:16 - 2013-02-20 20:05 - 00002052 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk 2015-07-19 10:16 - 2013-02-20 20:05 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie 2015-07-15 16:35 - 2013-07-21 10:09 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-14 09:38 - 2013-08-06 08:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-12 09:17 - 2012-04-27 08:07 - 00000000 ____D C:\Users\Don\AppData\Roaming\HpUpdate ==================== Files in the root of some directories ======= 2013-08-01 10:46 - 2013-08-01 10:46 - 0000054 _____ () C:\Users\Don\AppData\Roaming\WB.CFG 2013-08-01 10:46 - 2013-08-01 10:46 - 0000005 _____ () C:\Users\Don\AppData\Roaming\WBPU-TTL.DAT 2013-04-11 15:00 - 2014-05-07 09:40 - 0116700 _____ () C:\Users\Don\AppData\Local\ars.cache 2013-04-11 15:00 - 2014-05-07 09:40 - 1000482 _____ () C:\Users\Don\AppData\Local\census.cache 2013-04-11 14:50 - 2013-04-11 14:50 - 0000036 _____ () C:\Users\Don\AppData\Local\housecall.guid.cache 2011-12-07 12:09 - 2011-12-07 12:47 - 0139920 _____ () C:\Users\Don\AppData\Local\rx_audio.Cache 2011-12-07 12:08 - 2011-12-07 12:47 - 0004752 _____ () C:\Users\Don\AppData\Local\rx_image32.Cache 2013-02-14 14:00 - 2013-02-14 14:00 - 0339334 _____ () C:\Users\Don\AppData\Local\speeddial.crx 2015-08-04 14:33 - 2015-08-04 14:33 - 0773303 _____ () C:\ProgramData\1438722939.bdinstall.bin 2014-11-11 13:25 - 2014-11-11 13:25 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-12-08 12:21 - 2014-02-26 14:33 - 0024442 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-08-04 05:18 ==================== End of log ============================ |
#10
|
||||
|
||||
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Don (2015-08-10 10:45:03) Running from C:\Users\Don\Desktop Boot Mode: Normal ================================================== ======== ==================== Accounts: ============================= Administrator (S-1-5-21-583441641-3973240248-463755501-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-583441641-3973240248-463755501-503 - Limited - Disabled) Don (S-1-5-21-583441641-3973240248-463755501-1001 - Administrator - Enabled) => C:\Users\Don Donald (S-1-5-21-583441641-3973240248-463755501-1003 - Administrator - Enabled) => C:\Users\Donald Guest (S-1-5-21-583441641-3973240248-463755501-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-583441641-3973240248-463755501-1005 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0517.1741 - ) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender) Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 19.2.0.142 - Bitdefender) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden ccc-core-static (x32 Version: 2010.0517.1742.29870 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.15 - Piriform) Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.48 - Dell) Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.) Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0) EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation) FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation) FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation) GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Print 2.1 (HKLM-x32\...\{8046B41C-FB30-4614-898F-57D44D0C66EB}) (Version: 2.1.0.235 - Hewlett-Packard) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech) Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Magellan Device Driver (HKLM-x32\...\InstallShield_{C5A59C33-1E39-4083-B50B-47C983BF5E21}) (Version: 1.05.0010 - Magellan Navigation, Inc.) Magellan Device Driver (x32 Version: 1.05.0010 - Magellan Navigation, Inc.) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP) Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RoboForm 7-9-14-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-4 - Siber Systems) Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio) Roxio File Backup (Version: 1.3.0 - Roxio) Hidden Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skins (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com) THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.26.0000 - Magellan Navigation, Inc.) VantagePoint (x32 Version: 2.26.0000 - Magellan Navigation, Inc.) Hidden VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-583441641-3973240248-463755501-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Don\AppData\Local\Microsoft\OneDrive\17.3 .5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 03-08-2015 13:44:00 Windows Update 03-08-2015 13:44:27 Windows Update 10-08-2015 08:50:15 Windows Backup ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2014-03-19 19:36 - 00000741 ___RA C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\D sSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {05B0A67C-865B-463D-A876-8BF3A8981342} - System32\Tasks\Microsoft\Windows\RetailDemo\Cleanu pOfflineContent Task: {06A5D197-CBC5-4797-94D1-844B1CD3A2CB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0ADF221C-21E1-4681-B64D-B97279FC3027} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {1029A7BD-54F8-4C7C-9571-1637D5FBC319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {135D2F16-8202-49D6-854F-D9CA30B8D2D4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {14A4B203-397A-49D5-B086-5ABC5618BABA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {1847341E-78B7-4FB8-BFD1-1BD36375EBE6} - System32\Tasks\{E8B76825-5C46-47F1-8F03-4FAE28711725} => Iexplore.exe http://ui.skype.com/ui/0/6.11.0.102/...page=tsInstall Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih boot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1AE0C9FD-60F8-4C93-B6EE-163CD02DBA34} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifica tions => C:\Windows\System32\LocationNotificationWindows.ex e [2015-07-10] (Microsoft Corporation) Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServic esClient\KeyPreGenTask Task: {2FB91F46-DE5D-4B08-8463-B7D59B317E96} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {340D965C-CC8D-4EBD-882C-0D7509547526} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMOMOJLJOMKJPMOJMMCNKMHMNJIMCNLMOJ OJNJCNGMLJLMIMCNKJHMLMNMNMLMOMLJIMOMOJKMJNJICMIMCN GMCNOMLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNM JNPICMOMFMEKMICNJJCKFMOMJMHMPMJNHICMOMPMKJIJMIJNBJ CMCLGIMIKJDJJJJNKJCMLJAJBJFJAJOMPMPMPLHJAJLICJOJGJ DJBNMJAJCJJNNICMCLGIMIKJDJJJPNMIGJBJMJKJPNNMPMPMPM JNDJCMKJBJJNMJCMOMFMNMLMMMFMPMJNFICMGJLJKJBJLIGJLI GJKJMIBNKJHIKJ" Task: {3824D981-AB83-49A5-BD70-1B0693093D80} - System32\Tasks\Games\UpdateCheck_S-1-5-21-583441641-3973240248-463755501-1001 Task: {39DD70C0-8DCA-4CB6-B5FD-0BD2D4EDCB27} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {3C4261CA-7AA3-43F9-9C07-E40D55794C99} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {3E52D55F-3928-4B97-94B3-C8A323B54BF8} - System32\Tasks\{5F721927-5D13-4042-9957-9C51A7D0ACB3} => pcalua.exe -a D:\Setup.exe -d D:\ Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmC lient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {430B4183-BB5C-4F42-9A0F-3568ED45DB68} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {43B4CD70-9961-431E-AEC8-2A62BBE66534} - System32\Tasks\{A23E7899-71F0-4AEC-A04B-CB60BBD97F26} => pcalua.exe -a D:\setup.exe -d D:\ Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTa sk Task: {463D66B9-5855-440A-85D2-1058FE7C13F9} - System32\Tasks\HPCeeScheduleForDon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {477DEC69-021E-451B-8F10-2DF47B30286A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {4A1BCD18-F16A-42BD-BD02-EE4F4CE7C80F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {4CEF156E-FC31-4D45-81F5-1D4FD7C88656} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {4CF22331-AE9A-4E90-88C9-1159A1330566} - System32\Tasks\{42260660-8CEC-4709-9C83-FC04B564B74F} => Chrome.exe http://www.skype.com/go/downloading?...astError=12002 Task: {4F09B8E7-2785-43FB-B072-1763A54E99C5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {58A98FD9-D9FF-49E9-9524-E5D02EE75765} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {59417E29-55A6-4AF1-8058-739A1EC2BF3F} - System32\Tasks\{1DDB1A5A-D3F6-4478-923D-32A34B89EBF9} => pcalua.exe -a "C:\Users\Don\Desktop\MagellanDeviceDriver_105 001 (2).exe" -d C:\Users\Don\Desktop Task: {5B10E945-89DB-462C-B49B-D1F02F75DBFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B -> No File <==== ATTENTION Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriSta ticDbSync Task: {60BC531B-E75B-4703-B2B8-DE20D4FE324E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {62C59357-2BC1-4C8D-8D3D-35C29BB597A5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServic esClient\AikCertEnrollTask Task: {724D6321-4E50-422D-B2E9-3599AB19F358} - System32\Tasks\{B97E3EC7-D5D9-4BC9-B5DD-D503F38F33E9} => Iexplore.exe http://ui.skype.com/ui/0/6.11.0.102/...page=tsInstall Task: {733B75F4-7039-465C-847F-5F1D8409F599} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-07-16] (Siber Systems) Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTas k Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {79C65C8E-594B-4938-ABEF-F12DFF61B9D6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-03] (Microsoft Corporation) Task: {7AFDE0FC-6FC7-40AD-9056-A806053C14BC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent -> No File <==== ATTENTION Task: {7D38C117-9B5B-43F7-ABAD-2890F84A72B2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {7DE4C07A-E515-47B1-B469-DDAF4335AA27} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {820DD3F3-E878-41AD-B0D4-E4690CDDAAF6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {83BF9C45-186F-49FA-9BB1-3ACCA26E9BA6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.ex e [2015-06-19] (Hewlett-Packard) Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-03] (Microsoft Corporation) Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows |
#11
|
||||
|
||||
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-03] (Microsoft Corporation)
Task: {951C8DA0-32A3-4641-89E5-D7BAC0C50471} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {95B036C1-A727-45D4-ACB5-FC2036DBB32F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {96A7DA7B-AA3C-4AD1-B0D1-FD52E566E114} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard) Task: {9D32DCD9-56E2-418A-ABD1-A276AF5ED4D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {A05430D6-2E0F-4FA6-A3D6-2E31EB5091DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A5F97A5A-BD92-4D0C-A72B-A7191A4E4973} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Aut omatic App Update Task: {B9A43ED4-7027-410C-AC58-023F52EA22F8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponent sInstaller\Installation Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsA ctionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {C9F0009A-2527-4A90-A2E1-CEA812FD2B4F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {CDF58855-52F0-44B0-97AB-EE7FCF0952EF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {CE2E7612-B623-43C8-8BDA-31D7530BF076} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {D198CE42-ABBD-4D68-A4D3-4CEF3AA2A8A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponent sInstaller\Uninstallation Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Dia gnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DE451E62-BDD9-48DB-AB29-38AAB3DFE9FF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {DFF6A9A3-99FC-48F2-A0CD-D42114CC62DA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {E020494F-E319-41E7-96DA-877C4F22FD87} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {E059D6EE-9B18-4221-B725-A0848E94A3A4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {E5A0D9A4-0FD9-4589-BF9E-D96F21222605} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E7FE5424-9932-4A1A-B289-B6E770DEF4DE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrato r\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-03] (Microsoft Corporation) Task: {EB5DAEDB-82BA-4A30-BC34-987171602C14} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.ex e [2015-06-19] (Hewlett-Packard) Task: {EDC3401F-E505-4FDE-B67A-0136D6929254} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {EDD1A5B6-14E0-44ED-96C7-45E1F9151799} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {EEC1CE26-7625-4791-9A76-F242C318B9CB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {F8BAAFAE-7705-47B1-803D-D6B73A81D01D} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMOMOJLJOMKJPMOJMMCNKMHMNJIMCNLMOJ OJNJCNGMLJLMIMCNKJHMLMNMNMLMOMLJIMOMOJKMJNJICMJMCN OMPMCNNMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJN PICMPMFMEKMICNJJCKFMHMNMLMJNHICMOMPMKJIJMIJNBJCMLL AJBJOJDJLJPNDLGJPIGJBJMIEJGJJNKJCMLJAJBJFJAJPLMJAJ CJCJMIPIKJKJLJBNBJKJLIJNNICMJNDJCMKJBJ" Task: {FD644142-FF3E-47DA-BADF-4A31F679883E} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe Task: {FD79E94B-475E-4329-8A2F-F78C31EA92F2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForDon.job => 0x000A01002FA2CECB5B56F54ABD8CCE9BCA77BCF246002001 000000003C000A00200000000014730F000000000013040002 208021DF070800000009000D000A0000007A0000003C004300 3A005C00500072006F006700720061006D002000460069006C 00650073002000280078003800360029005C00480065007700 6C006500740074002D005000610063006B006100720064005C 004800500020004300650065006D0065006E0074005C004800 50004300450045002E0065007800650000001B004800500043 00650065005300630068006500640075006C00650046006F00 720044006F006E00200028006E0075006C006C002900000000 000B0044006F006E002D00500043005C0044006F006E000000 0000000008000000000000000000010030000000DF0708000D 000000000000000D000A00C0A8000068010000000000000000 0000010000000000000000000000 ==================== Loaded Modules (Whitelisted) ============== 2015-08-03 13:26 - 2015-08-03 13:26 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-04 14:31 - 2015-04-22 16:55 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-08-04 14:31 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-08-04 14:31 - 2015-07-28 19:06 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-08-04 14:31 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2015-08-04 14:31 - 2015-07-21 15:39 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl 2015-08-04 14:31 - 2015-07-21 15:39 - 00743000 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl 2015-08-04 14:31 - 2015-07-21 15:39 - 02795272 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl 2015-08-04 14:31 - 2015-07-21 15:39 - 01414048 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl 2015-08-03 13:26 - 2015-08-03 13:26 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-08-05 13:53 - 2015-07-29 23:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-05 13:53 - 2015-07-29 23:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 03:59 - 2015-07-10 03:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\QuickActions.dll 2015-08-05 13:52 - 2015-08-01 18:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\CortanaApi.dll 2015-07-10 04:00 - 2015-07-10 06:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\Cortana.Core.dll 2015-08-05 13:52 - 2015-08-01 18:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-05 13:52 - 2015-08-01 18:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\RemindersUI.dll 2011-10-07 02:39 - 2011-10-07 02:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe 2015-08-04 13:10 - 2015-08-04 13:11 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3. 0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile .dll 2015-08-04 13:10 - 2015-08-04 13:11 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3. 0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobil e.dll 2010-12-01 12:05 - 2010-07-21 08:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll 2010-12-01 12:05 - 2010-07-21 08:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll 2010-12-01 12:05 - 2010-07-21 08:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll 2015-08-07 03:40 - 2015-08-07 03:40 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Isd iInterop\13711a764aa1f017ffa9f306e149169e\IsdiInte rop.ni.dll 2010-12-01 11:58 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2009-04-09 16:04 - 2009-04-09 16:04 - 02141008 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 07704400 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll 2009-04-22 14:53 - 2009-04-22 14:53 - 00969040 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 00475472 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 00363856 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 00200016 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll 2010-10-29 13:01 - 2010-10-29 13:01 - 00027472 _____ () C:\Program Files (x86)\Logitech\Vid HD\SDL.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 11311952 _____ () C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll 2010-10-29 13:02 - 2010-10-29 13:02 - 00751616 _____ () C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll 2009-03-03 15:17 - 2009-03-03 15:17 - 00291664 _____ () C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll 2009-03-03 15:18 - 2009-03-03 15:18 - 00029008 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll 2009-03-03 15:18 - 2009-03-03 15:18 - 00035152 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll 2009-03-03 15:18 - 2009-03-03 15:18 - 00138064 _____ () C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll 2012-01-17 23:43 - 2012-01-17 23:43 - 00183320 _____ () C:\Program Files (x86)\Common Files\logishrd\SharedBin\LVAPI11.dll 2015-03-18 12:33 - 2007-02-16 20:01 - 00081920 _____ () C:\Program Files (x86)\FinePixViewer\wia_register_event.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\VantagePoint.exe:AGC AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 AlternateDataStreams: C:\Users\Don\Desktop\Silverlight_x64.exe:BDU AlternateDataStreams: C:\Users\Don\Desktop\weekly.exe:BDU AlternateDataStreams: C:\Users\Don\Downloads\adwcleaner_3.213.exe:BDU AlternateDataStreams: C:\Users\Don\Downloads\adwcleaner_3.215.exe:BDU AlternateDataStreams: C:\Users\Don\Downloads\adwcleaner_4.203.exe:BDU AlternateDataStreams: C:\Users\Don\Downloads\jre-7u51-windows-x64.exe:BDU AlternateDataStreams: C:\Users\Don\Documents\exel spread sheet.eml:OECustomProperty ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\internet -> internet IE trusted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\mcafee.com -> hxxp://mcafee.com IE trusted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\mcafee.com -> hxxps://mcafee.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-583441641-3973240248-463755501-1001\...\1-se.com -> 1-se.com There are 12532 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-583441641-3973240248-463755501-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Don\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Don^AppData^Roaming^Microsoft^Windows^Sta rt Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup MSCONFIG\startupreg: SDTray => MSCONFIG\startupreg: Spybot-S&D Cleaning => ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{422AE72A-2312-45EC-BCB7-60B8DA1E8D5E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8C8E4890-9075-4334-ABD3-481FFE97F5D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1763EECC-42F8-4C5C-9B37-E00200CFD101}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{1D34B3A0-E2B2-41A6-A025-1AEC0ADDC619}] => (Allow) LPort=5357 FirewallRules: [{1CD5D92A-ECE1-4903-BDD7-22938CD495E8}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe FirewallRules: [{46EAC1F4-462B-405F-BC44-E6854D7F1604}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe FirewallRules: [{76F565B3-C182-4540-BA46-72A2C2CF103C}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe FirewallRules: [{3AF5A967-0D1B-4D25-8240-A4078C48FDE2}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe FirewallRules: [{4E3B2139-924E-48A8-A9F3-547FEAD8768A}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [{580128DC-BCAB-46EA-8C24-E253C7BC3254}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtcha t.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe FirewallRules: [TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtcha t.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113 FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113 FirewallRules: [{37E3F20F-DE20-4516-B208-CC46191BDD72}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BC78E5A8-B111-4495-841E-1C21EF794D1A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7C7EA60C-E8BB-4F59-9BD3-10E84C726DC0}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [{3B2E4062-6B08-465F-9029-58623D3C74A7}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [UDP Query User{AA9A2A52-4612-4496-9EAC-22DE510AA404}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [TCP Query User{3D82EBD8-B1A9-4BD8-A6DB-808E17F757EA}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [{AC028640-2CAE-418E-8F2A-970F7F6DAB35}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [{E2486F18-2BF2-4A91-86CE-42EB6B8B875F}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [{7B193622-5CF8-434F-86A4-DE7D89A51CB3}] => (Allow) LPort=1900 FirewallRules: [{AB699537-9E8D-4096-9C44-F673F3A71B22}] => (Allow) LPort=2869 FirewallRules: [{01B2C2E7-46AB-4773-ACEF-0B32CE2E1D4B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{52F494B0-6B00-483D-AA0D-A6B87B605A53}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{28D55FD9-AEA0-4315-BA23-5E6741C8920C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{9B4EDB7B-CFC9-4D4C-BA67-9F910644EEBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{E0C4A7F8-F0AB-4591-A230-C3F5F8E9DDA3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{6E311527-EEDE-4E9A-A340-FA387AFBB5A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{39CB7F92-7BDD-4181-8DB0-D01F35A0DCF5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{EE52F6BA-8133-4E41-9C07-FAB6B62383F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{CBFC24C2-9867-4EC0-99A9-259F6193EDF3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{648E49D5-34CC-42C8-8200-819B1A5A7EF0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{74381A79-9189-4073-A8E0-88219BF9A77F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{96108B2A-99FC-4BFA-8515-5AE45A701786}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{83D303B9-8EEC-4919-A774-4988A387A16D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{8137F4CE-D595-4FD3-AD75-718343BD17DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe |
#12
|
||||
|
||||
4FD3-AD75-718343BD17DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F8B97F15-C7E4-42C6-837E-A31D350A3EEF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{E9150EEA-B160-4E8A-B06A-773B6B06D7BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{78AABA71-F240-4423-84C9-37A07247515B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{EAB61DC0-0F8C-464A-948D-29C325B0FD3F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{CC3078AE-A3A9-4A10-A5FE-898E52DE9869}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{F5881B40-8B48-42A6-BE8E-940549747099}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{B795FEBA-B45D-4E8E-ADFC-579D7BEED293}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{F2CE381D-C377-4834-B112-DE6A7616413D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{9FC01689-C001-4FEF-939F-2A7DD97D1963}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{02895E84-5A8D-4F72-B7FB-E83B84F19714}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{26D8C11C-3C44-4F86-BB15-4B1FA901A12F}] => (Allow) svchost.exe FirewallRules: [{46678ECB-48F7-4FA4-B949-70A051450D9E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A66253D3-AF69-466B-8247-76A3065547D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/10/2015 09:10:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f38c5 Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16397, time stamp: 0x55af1390 Exception code: 0xc000027b Fault offset: 0x000000000006687f Faulting process id: 0x2038 Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (08/10/2015 08:50:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (08/10/2015 08:49:20 AM) (Source: Swapdrive Backup) (EventID: 0) (User: ) Description: Swapdrive Backup: Web Service Error: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 63.245.197.212:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) at System.Net.ServicePoint.ConnectSocketInternal(Bool ean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(Transpo rtContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtoc ol.Invoke(String methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.Get Info(GetInfoRequest req) at Swapdrive.Shared.ActivationWsvcs.GetInfo() Error: (08/09/2015 01:52:40 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (08/09/2015 01:52:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Don-PC) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/09/2015 01:52:35 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (08/09/2015 01:10:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f38c5 Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16397, time stamp: 0x55af1390 Exception code: 0xc000027b Fault offset: 0x000000000006687f Faulting process id: 0x22fc Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (08/09/2015 09:22:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f38c5 Faulting module name: twinapi.appcore.dll, version: 10.0.10240.16397, time stamp: 0x55af1390 Exception code: 0xc000027b Fault offset: 0x000000000006687f Faulting process id: 0x2620 Faulting application start time: 0xbackgroundTaskHost.exe0 Faulting application path: backgroundTaskHost.exe1 Faulting module path: backgroundTaskHost.exe2 Report Id: backgroundTaskHost.exe3 Faulting package full name: backgroundTaskHost.exe4 Faulting package-relative application ID: backgroundTaskHost.exe5 Error: (08/09/2015 09:22:01 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The operation timed out Error: (08/09/2015 09:21:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: OHub.exe, version: 16.0.6106.2350, time stamp: 0x55c40ea1 Faulting module name: Mso30Imm.dll, version: 16.0.6014.1000, time stamp: 0x55a5783f Exception code: 0xc0000005 Fault offset: 0x0000000000012b70 Faulting process id: 0x1f8c Faulting application start time: 0xOHub.exe0 Faulting application path: OHub.exe1 Faulting module path: OHub.exe2 Report Id: OHub.exe3 Faulting package full name: OHub.exe4 Faulting package-relative application ID: OHub.exe5 System errors: ============= Error: (08/09/2015 01:52:37 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:37 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:37 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:36 PM) (Source: DCOM) (EventID: 10010) (User: Don-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/09/2015 01:52:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Microsoft Office: ========================= Error: (08/10/2015 09:10:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: backgroundTaskHost.exe10.0.10240.16384559f38c5twin api.appcore.dll10.0.10240.1639755af1390c000027b000 000000006687f203801d0d38706ab4b86C:\WINDOWS\system 32\backgroundTaskHost.exeC:\Windows\System32\twina pi.appcore.dlle323c8cb-b622-4e6e-9a93-207f01acaa10Microsoft.Windows.Photos_15.803.16240. 0_x64__8wekyb3d8bbweApp Error: (08/10/2015 08:50:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. Error: (08/10/2015 08:49:20 AM) (Source: Swapdrive Backup) (EventID: 0) (User: ) Description: Swapdrive Backup: Web Service Error: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 63.245.197.212:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP) at System.Net.ServicePoint.ConnectSocketInternal(Bool ean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(Transpo rtContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtoc ol.Invoke(String methodName, Object[] parameters) at Swapdrive.Shared.com.backup.uswsvcdell.Service.Get Info(GetInfoRequest req) at Swapdrive.Shared.ActivationWsvcs.GetInfo() Error: (08/09/2015 01:52:40 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: Error: (08/09/2015 01:52:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Don-PC) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141 Error: (08/09/2015 01:52:35 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: Error: (08/09/2015 01:10:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: backgroundTaskHost.exe10.0.10240.16384559f38c5twin api.appcore.dll10.0.10240.1639755af1390c000027b000 000000006687f22fc01d0d2df7b36d068C:\WINDOWS\system 32\backgroundTaskHost.exeC:\Windows\System32\twina pi.appcore.dll0ac212e7-a2c1-4149-892f-cc46e0bd0ed2Microsoft.Windows.Photos_15.803.16240. 0_x64__8wekyb3d8bbweApp Error: (08/09/2015 09:22:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: backgroundTaskHost.exe10.0.10240.16384559f38c5twin api.appcore.dll10.0.10240.1639755af1390c000027b000 000000006687f262001d0d2bf786fc199C:\WINDOWS\system 32\backgroundTaskHost.exeC:\Windows\System32\twina pi.appcore.dllda8ce4a4-19f6-4bf6-886d-dc0c5a29a5cbMicrosoft.Windows.Photos_15.803.16240. 0_x64__8wekyb3d8bbweApp Error: (08/09/2015 09:22:01 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The operation timed out Error: (08/09/2015 09:21:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.601 4.100055a5783fc00000050000000000012b701f8c01d0d2bf 786fb5e2C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17. 6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17. 6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dllc4f85d 66-5982-4034-9cea-ff5459f19181Microsoft.MicrosoftOfficeHub_17.6106.2 3501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOffice Hub CodeIntegrity: =================================== Date: 2015-08-10 10:36:19.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.923 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.856 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.814 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.793 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.750 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.729 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 10:36:19.709 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz Percentage of memory in use: 24% Total physical RAM: 12278.92 MB Available physical RAM: 9244.36 MB Total Virtual: 24566.92 MB Available Virtual: 20632.31 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:831.1 GB) NTFS Drive e: () (Removable) (Total:29.44 GB) (Free:29.44 GB) FAT32 ==================== MBR & Partition Table ================== ================================================== ====== Disk: 0 (Size: 931.5 GB) (Disk ID: 0FAA21D8) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=920.6 GB) - (Type=07 NTFS) ================================================== ====== Disk: 1 (MBR Code: Windows XP) (Size: 29.5 GB) (Disk ID: 9EED5ABB) Partition 1: (Not Active) - (Size=29.4 GB) - (Type=0C) ==================== End of log ============================ |
#13
|
||||
|
||||
Please download AdwCleaner by Xplode onto your desktop.
|
#14
|
||||
|
||||
I already had AdwCleaner on the infected computer but because there isn't any internet connection updated files couldn't be downloaded before the scan.
# AdwCleaner v4.208 - Logfile created 12/08/2015 at 08:55:24 # Updated 09/07/2015 by Xplode # Database : 2015-07-09.2 [Local] # Operating system : Windows 10 Home (x64) # Username : Don - DON-PC # Running from : C:\Users\Don\Desktop\adwcleaner_4.208.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Don\AppData\Roaming\WBPU-TTL.DAT ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.10240.16412 -\\ Mozilla Firefox v39.0 (x86 en-US) -\\ Google Chrome v44.0.2403.130 ************************* AdwCleaner[R100].txt - [7879 bytes] - [18/06/2015 11:56:06] AdwCleaner[R101].txt - [7997 bytes] - [19/06/2015 09:55:22] AdwCleaner[R102].txt - [8179 bytes] - [24/06/2015 15:17:17] AdwCleaner[R103].txt - [8329 bytes] - [01/07/2015 10:51:04] AdwCleaner[R104].txt - [8304 bytes] - [09/07/2015 10:27:05] AdwCleaner[R105].txt - [8365 bytes] - [15/07/2015 16:26:57] AdwCleaner[R106].txt - [8427 bytes] - [22/07/2015 09:56:42] AdwCleaner[R107].txt - [8489 bytes] - [29/07/2015 11:27:37] AdwCleaner[R108].txt - [8616 bytes] - [05/08/2015 12:59:30] AdwCleaner[R109].txt - [8651 bytes] - [12/08/2015 08:40:12] AdwCleaner[R110].txt - [8712 bytes] - [12/08/2015 08:42:29] AdwCleaner[R111].txt - [8862 bytes] - [12/08/2015 08:54:16] AdwCleaner[R112].txt - [1420 bytes] - [12/08/2015 08:55:24] AdwCleaner[R31].txt - [912 bytes] - [06/01/2014 10:57:06] AdwCleaner[R32].txt - [1032 bytes] - [08/01/2014 16:00:30] AdwCleaner[R33].txt - [1155 bytes] - [09/01/2014 09:46:31] AdwCleaner[R34].txt - [1277 bytes] - [22/01/2014 12:45:21] AdwCleaner[R35].txt - [1401 bytes] - [29/01/2014 14:18:18] AdwCleaner[R36].txt - [1523 bytes] - [06/02/2014 11:44:03] AdwCleaner[R37].txt - [1645 bytes] - [12/02/2014 12:22:07] AdwCleaner[R38].txt - [1767 bytes] - [14/02/2014 14:00:50] AdwCleaner[R39].txt - [1889 bytes] - [26/02/2014 19:57:47] AdwCleaner[R40].txt - [2011 bytes] - [06/03/2014 13:04:01] AdwCleaner[R41].txt - [2133 bytes] - [15/03/2014 14:44:40] AdwCleaner[R42].txt - [2194 bytes] - [19/03/2014 19:47:53] AdwCleaner[R43].txt - [2255 bytes] - [27/03/2014 13:48:46] AdwCleaner[R44].txt - [2316 bytes] - [02/04/2014 14:23:41] AdwCleaner[R45].txt - [2457 bytes] - [10/04/2014 13:51:48] AdwCleaner[R46].txt - [2499 bytes] - [19/04/2014 10:51:17] AdwCleaner[R47].txt - [3720 bytes] - [01/05/2014 11:53:33] AdwCleaner[R48].txt - [2682 bytes] - [01/05/2014 11:58:44] AdwCleaner[R49].txt - [2889 bytes] - [07/05/2014 09:41:54] AdwCleaner[R50].txt - [3017 bytes] - [14/05/2014 10:54:35] AdwCleaner[R51].txt - [3133 bytes] - [21/05/2014 13:56:52] AdwCleaner[R52].txt - [3028 bytes] - [10/06/2014 10:22:11] AdwCleaner[R53].txt - [3322 bytes] - [18/06/2014 09:58:43] AdwCleaner[R54].txt - [3383 bytes] - [25/06/2014 09:10:18] AdwCleaner[R55].txt - [3505 bytes] - [02/07/2014 10:38:23] AdwCleaner[R56].txt - [3627 bytes] - [16/07/2014 09:15:21] AdwCleaner[R57].txt - [3745 bytes] - [23/07/2014 10:51:50] AdwCleaner[R58].txt - [4022 bytes] - [15/08/2014 15:15:02] AdwCleaner[R59].txt - [4164 bytes] - [04/09/2014 13:25:04] AdwCleaner[R60].txt - [4235 bytes] - [10/09/2014 10:52:32] AdwCleaner[R61].txt - [4413 bytes] - [17/09/2014 11:27:37] AdwCleaner[R62].txt - [4479 bytes] - [01/10/2014 10:33:01] AdwCleaner[R63].txt - [4514 bytes] - [10/10/2014 11:01:03] AdwCleaner[R64].txt - [4779 bytes] - [26/11/2014 10:46:59] AdwCleaner[R65].txt - [4987 bytes] - [02/12/2014 08:58:24] AdwCleaner[R66].txt - [5023 bytes] - [02/12/2014 09:28:30] AdwCleaner[R67].txt - [4700 bytes] - [02/12/2014 09:36:09] AdwCleaner[R68].txt - [4761 bytes] - [02/12/2014 09:42:22] AdwCleaner[R69].txt - [5328 bytes] - [04/12/2014 14:30:01] AdwCleaner[R70].txt - [5451 bytes] - [06/12/2014 12:11:39] AdwCleaner[R71].txt - [6975 bytes] - [17/12/2014 09:46:44] AdwCleaner[R72].txt - [5475 bytes] - [17/12/2014 09:52:39] AdwCleaner[R73].txt - [5470 bytes] - [17/12/2014 10:08:00] AdwCleaner[R74].txt - [5719 bytes] - [17/12/2014 10:12:02] AdwCleaner[R75].txt - [5841 bytes] - [17/12/2014 10:16:58] AdwCleaner[R76].txt - [5963 bytes] - [24/12/2014 10:06:30] AdwCleaner[R77].txt - [5798 bytes] - [24/12/2014 10:12:21] AdwCleaner[R78].txt - [6502 bytes] - [02/01/2015 10:58:36] AdwCleaner[R79].txt - [6267 bytes] - [07/01/2015 10:34:25] AdwCleaner[R80].txt - [6389 bytes] - [25/01/2015 12:20:20] AdwCleaner[R81].txt - [6511 bytes] - [04/02/2015 13:39:18] AdwCleaner[R82].txt - [6542 bytes] - [11/02/2015 10:28:12] AdwCleaner[R83].txt - [6662 bytes] - [19/02/2015 08:48:04] AdwCleaner[R84].txt - [6782 bytes] - [05/03/2015 09:18:59] AdwCleaner[R85].txt - [6842 bytes] - [10/03/2015 14:14:48] AdwCleaner[R86].txt - [7070 bytes] - [17/03/2015 12:34:00] AdwCleaner[R87].txt - [7082 bytes] - [26/03/2015 16:03:48] AdwCleaner[R88].txt - [18328 bytes] - [03/04/2015 13:35:00] AdwCleaner[R89].txt - [7039 bytes] - [08/04/2015 10:09:46] AdwCleaner[R90].txt - [7833 bytes] - [30/04/2015 14:26:15] AdwCleaner[R91].txt - [7219 bytes] - [30/04/2015 14:31:16] AdwCleaner[R92].txt - [7338 bytes] - [07/05/2015 15:58:00] AdwCleaner[R93].txt - [7338 bytes] - [07/05/2015 15:59:21] AdwCleaner[R94].txt - [7399 bytes] - [15/05/2015 13:23:38] AdwCleaner[R95].txt - [7459 bytes] - [20/05/2015 13:19:08] AdwCleaner[R96].txt - [7518 bytes] - [28/05/2015 15:31:32] AdwCleaner[R97].txt - [7578 bytes] - [04/06/2015 10:33:32] AdwCleaner[R98].txt - [7755 bytes] - [18/06/2015 10:36:49] AdwCleaner[R99].txt - [7819 bytes] - [18/06/2015 11:31:33] AdwCleaner[S27].txt - [973 bytes] - [06/01/2014 10:58:26] AdwCleaner[S28].txt - [1095 bytes] - [08/01/2014 16:01:33] AdwCleaner[S29].txt - [1218 bytes] - [09/01/2014 09:47:37] AdwCleaner[S30].txt - [1340 bytes] - [22/01/2014 12:46:46] AdwCleaner[S31].txt - [1463 bytes] - [29/01/2014 14:19:42] AdwCleaner[S32].txt - [1585 bytes] - [06/02/2014 11:45:18] AdwCleaner[S33].txt - [1707 bytes] - [12/02/2014 12:23:50] AdwCleaner[S34].txt - [1829 bytes] - [14/02/2014 14:02:09] AdwCleaner[S35].txt - [1951 bytes] - [26/02/2014 19:58:40] AdwCleaner[S36].txt - [2073 bytes] - [06/03/2014 13:04:46] AdwCleaner[S37].txt - [2521 bytes] - [10/04/2014 13:53:02] AdwCleaner[S38].txt - [3812 bytes] - [01/05/2014 11:54:50] AdwCleaner[S39].txt - [2955 bytes] - [07/05/2014 09:42:55] AdwCleaner[S40].txt - [3083 bytes] - [14/05/2014 10:55:35] AdwCleaner[S41].txt - [3199 bytes] - [21/05/2014 13:57:43] AdwCleaner[S42].txt - [3449 bytes] - [25/06/2014 09:11:15] AdwCleaner[S43].txt - [3571 bytes] - [02/07/2014 10:39:20] AdwCleaner[S44].txt - [3693 bytes] - [16/07/2014 09:16:11] AdwCleaner[S45].txt - [3811 bytes] - [23/07/2014 10:53:07] AdwCleaner[S46].txt - [4090 bytes] - [15/08/2014 15:15:54] AdwCleaner[S47].txt - [4232 bytes] - [04/09/2014 13:26:28] AdwCleaner[S48].txt - [4303 bytes] - [10/09/2014 10:53:52] AdwCleaner[S49].txt - [4483 bytes] - [17/09/2014 11:28:49] AdwCleaner[S50].txt - [4547 bytes] - [01/10/2014 10:33:45] AdwCleaner[S51].txt - [4580 bytes] - [10/10/2014 11:02:14] AdwCleaner[S52].txt - [4847 bytes] - [26/11/2014 10:48:25] AdwCleaner[S53].txt - [5059 bytes] - [02/12/2014 09:00:05] AdwCleaner[S54].txt - [5091 bytes] - [02/12/2014 09:31:57] AdwCleaner[S55].txt - [4823 bytes] - [02/12/2014 09:43:54] AdwCleaner[S56].txt - [5396 bytes] - [04/12/2014 14:31:23] AdwCleaner[S57].txt - [5519 bytes] - [06/12/2014 12:13:04] AdwCleaner[S58].txt - [7069 bytes] - [17/12/2014 09:48:47] AdwCleaner[S59].txt - [5541 bytes] - [17/12/2014 09:54:15] AdwCleaner[S60].txt - [5482 bytes] - [17/12/2014 10:09:42] AdwCleaner[S61].txt - [5785 bytes] - [17/12/2014 10:14:02] AdwCleaner[S62].txt - [6029 bytes] - [24/12/2014 10:08:09] AdwCleaner[S63].txt - [6572 bytes] - [02/01/2015 11:00:07] AdwCleaner[S64].txt - [6333 bytes] - [07/01/2015 10:36:00] AdwCleaner[S65].txt - [6455 bytes] - [25/01/2015 12:21:45] AdwCleaner[S66].txt - [6577 bytes] - [04/02/2015 13:41:29] AdwCleaner[S67].txt - [6613 bytes] - [11/02/2015 10:29:47] AdwCleaner[S68].txt - [6733 bytes] - [19/02/2015 14:17:00] AdwCleaner[S69].txt - [6913 bytes] - [10/03/2015 14:19:18] AdwCleaner[S70].txt - [7143 bytes] - [17/03/2015 12:35:30] AdwCleaner[S71].txt - [7153 bytes] - [26/03/2015 16:05:48] AdwCleaner[S72].txt - [7399 bytes] - [03/04/2015 13:36:37] AdwCleaner[S73].txt - [7838 bytes] - [30/04/2015 14:27:53] AdwCleaner[S74].txt - [7643 bytes] - [04/06/2015 10:34:13] AdwCleaner[S75].txt - [7822 bytes] - [18/06/2015 10:38:57] AdwCleaner[S76].txt - [8064 bytes] - [19/06/2015 09:56:48] AdwCleaner[S77].txt - [8246 bytes] - [24/06/2015 15:19:09] AdwCleaner[S78].txt - [8402 bytes] - [01/07/2015 10:53:21] AdwCleaner[S79].txt - [8682 bytes] - [05/08/2015 13:02:04] ########## EOF - C:\AdwCleaner\AdwCleaner[R112].txt - [8800 bytes] ########## |
#15
|
||||
|
||||
After cleaning and rebooting a txt file never showed. I checked program files and it showed it "roaming" and I couldn't access it I ran Adwcleaner again and it showed that it had been cleaned. After activating "show hidden files", temporary internet folder shows a "container.dat" file that is 0 kb in size. When I ran "disk cleaner" it showed the folder as 38 MB in size???? Here's the second AdwCleaner txt file. Thanks, Don
# AdwCleaner v4.208 - Logfile created 12/08/2015 at 09:31:58 # Updated 09/07/2015 by Xplode # Database : 2015-07-09.2 [Local] # Operating system : Windows 10 Home (x64) # Username : Don - DON-PC # Running from : C:\Users\Don\Desktop\adwcleaner_4.208.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.10240.16412 -\\ Mozilla Firefox v39.0 (x86 en-US) -\\ Google Chrome v44.0.2403.130 ************************* AdwCleaner[R100].txt - [7879 bytes] - [18/06/2015 11:56:06] AdwCleaner[R101].txt - [7997 bytes] - [19/06/2015 09:55:22] AdwCleaner[R102].txt - [8179 bytes] - [24/06/2015 15:17:17] AdwCleaner[R103].txt - [8329 bytes] - [01/07/2015 10:51:04] AdwCleaner[R104].txt - [8304 bytes] - [09/07/2015 10:27:05] AdwCleaner[R105].txt - [8365 bytes] - [15/07/2015 16:26:57] AdwCleaner[R106].txt - [8427 bytes] - [22/07/2015 09:56:42] AdwCleaner[R107].txt - [8489 bytes] - [29/07/2015 11:27:37] AdwCleaner[R108].txt - [8616 bytes] - [05/08/2015 12:59:30] AdwCleaner[R109].txt - [8651 bytes] - [12/08/2015 08:40:12] AdwCleaner[R110].txt - [8712 bytes] - [12/08/2015 08:42:29] AdwCleaner[R111].txt - [8862 bytes] - [12/08/2015 08:54:16] AdwCleaner[R112].txt - [8881 bytes] - [12/08/2015 08:55:24] AdwCleaner[R113].txt - [8942 bytes] - [12/08/2015 09:18:20] AdwCleaner[R114].txt - [1486 bytes] - [12/08/2015 09:31:58] AdwCleaner[R31].txt - [912 bytes] - [06/01/2014 10:57:06] AdwCleaner[R32].txt - [1032 bytes] - [08/01/2014 16:00:30] AdwCleaner[R33].txt - [1155 bytes] - [09/01/2014 09:46:31] AdwCleaner[R34].txt - [1277 bytes] - [22/01/2014 12:45:21] AdwCleaner[R35].txt - [1401 bytes] - [29/01/2014 14:18:18] AdwCleaner[R36].txt - [1523 bytes] - [06/02/2014 11:44:03] AdwCleaner[R37].txt - [1645 bytes] - [12/02/2014 12:22:07] AdwCleaner[R38].txt - [1767 bytes] - [14/02/2014 14:00:50] AdwCleaner[R39].txt - [1889 bytes] - [26/02/2014 19:57:47] AdwCleaner[R40].txt - [2011 bytes] - [06/03/2014 13:04:01] AdwCleaner[R41].txt - [2133 bytes] - [15/03/2014 14:44:40] AdwCleaner[R42].txt - [2194 bytes] - [19/03/2014 19:47:53] AdwCleaner[R43].txt - [2255 bytes] - [27/03/2014 13:48:46] AdwCleaner[R44].txt - [2316 bytes] - [02/04/2014 14:23:41] AdwCleaner[R45].txt - [2457 bytes] - [10/04/2014 13:51:48] AdwCleaner[R46].txt - [2499 bytes] - [19/04/2014 10:51:17] AdwCleaner[R47].txt - [3720 bytes] - [01/05/2014 11:53:33] AdwCleaner[R48].txt - [2682 bytes] - [01/05/2014 11:58:44] AdwCleaner[R49].txt - [2889 bytes] - [07/05/2014 09:41:54] AdwCleaner[R50].txt - [3017 bytes] - [14/05/2014 10:54:35] AdwCleaner[R51].txt - [3133 bytes] - [21/05/2014 13:56:52] AdwCleaner[R52].txt - [3028 bytes] - [10/06/2014 10:22:11] AdwCleaner[R53].txt - [3322 bytes] - [18/06/2014 09:58:43] AdwCleaner[R54].txt - [3383 bytes] - [25/06/2014 09:10:18] AdwCleaner[R55].txt - [3505 bytes] - [02/07/2014 10:38:23] AdwCleaner[R56].txt - [3627 bytes] - [16/07/2014 09:15:21] AdwCleaner[R57].txt - [3745 bytes] - [23/07/2014 10:51:50] AdwCleaner[R58].txt - [4022 bytes] - [15/08/2014 15:15:02] AdwCleaner[R59].txt - [4164 bytes] - [04/09/2014 13:25:04] AdwCleaner[R60].txt - [4235 bytes] - [10/09/2014 10:52:32] AdwCleaner[R61].txt - [4413 bytes] - [17/09/2014 11:27:37] AdwCleaner[R62].txt - [4479 bytes] - [01/10/2014 10:33:01] AdwCleaner[R63].txt - [4514 bytes] - [10/10/2014 11:01:03] AdwCleaner[R64].txt - [4779 bytes] - [26/11/2014 10:46:59] AdwCleaner[R65].txt - [4987 bytes] - [02/12/2014 08:58:24] AdwCleaner[R66].txt - [5023 bytes] - [02/12/2014 09:28:30] AdwCleaner[R67].txt - [4700 bytes] - [02/12/2014 09:36:09] AdwCleaner[R68].txt - [4761 bytes] - [02/12/2014 09:42:22] AdwCleaner[R69].txt - [5328 bytes] - [04/12/2014 14:30:01] AdwCleaner[R70].txt - [5451 bytes] - [06/12/2014 12:11:39] AdwCleaner[R71].txt - [6975 bytes] - [17/12/2014 09:46:44] AdwCleaner[R72].txt - [5475 bytes] - [17/12/2014 09:52:39] AdwCleaner[R73].txt - [5470 bytes] - [17/12/2014 10:08:00] AdwCleaner[R74].txt - [5719 bytes] - [17/12/2014 10:12:02] AdwCleaner[R75].txt - [5841 bytes] - [17/12/2014 10:16:58] AdwCleaner[R76].txt - [5963 bytes] - [24/12/2014 10:06:30] AdwCleaner[R77].txt - [5798 bytes] - [24/12/2014 10:12:21] AdwCleaner[R78].txt - [6502 bytes] - [02/01/2015 10:58:36] AdwCleaner[R79].txt - [6267 bytes] - [07/01/2015 10:34:25] AdwCleaner[R80].txt - [6389 bytes] - [25/01/2015 12:20:20] AdwCleaner[R81].txt - [6511 bytes] - [04/02/2015 13:39:18] AdwCleaner[R82].txt - [6542 bytes] - [11/02/2015 10:28:12] AdwCleaner[R83].txt - [6662 bytes] - [19/02/2015 08:48:04] AdwCleaner[R84].txt - [6782 bytes] - [05/03/2015 09:18:59] AdwCleaner[R85].txt - [6842 bytes] - [10/03/2015 14:14:48] AdwCleaner[R86].txt - [7070 bytes] - [17/03/2015 12:34:00] AdwCleaner[R87].txt - [7082 bytes] - [26/03/2015 16:03:48] AdwCleaner[R88].txt - [18328 bytes] - [03/04/2015 13:35:00] AdwCleaner[R89].txt - [7039 bytes] - [08/04/2015 10:09:46] AdwCleaner[R90].txt - [7833 bytes] - [30/04/2015 14:26:15] AdwCleaner[R91].txt - [7219 bytes] - [30/04/2015 14:31:16] AdwCleaner[R92].txt - [7338 bytes] - [07/05/2015 15:58:00] AdwCleaner[R93].txt - [7338 bytes] - [07/05/2015 15:59:21] AdwCleaner[R94].txt - [7399 bytes] - [15/05/2015 13:23:38] AdwCleaner[R95].txt - [7459 bytes] - [20/05/2015 13:19:08] AdwCleaner[R96].txt - [7518 bytes] - [28/05/2015 15:31:32] AdwCleaner[R97].txt - [7578 bytes] - [04/06/2015 10:33:32] AdwCleaner[R98].txt - [7755 bytes] - [18/06/2015 10:36:49] AdwCleaner[R99].txt - [7819 bytes] - [18/06/2015 11:31:33] AdwCleaner[S27].txt - [973 bytes] - [06/01/2014 10:58:26] AdwCleaner[S28].txt - [1095 bytes] - [08/01/2014 16:01:33] AdwCleaner[S29].txt - [1218 bytes] - [09/01/2014 09:47:37] AdwCleaner[S30].txt - [1340 bytes] - [22/01/2014 12:46:46] AdwCleaner[S31].txt - [1463 bytes] - [29/01/2014 14:19:42] AdwCleaner[S32].txt - [1585 bytes] - [06/02/2014 11:45:18] AdwCleaner[S33].txt - [1707 bytes] - [12/02/2014 12:23:50] AdwCleaner[S34].txt - [1829 bytes] - [14/02/2014 14:02:09] AdwCleaner[S35].txt - [1951 bytes] - [26/02/2014 19:58:40] AdwCleaner[S36].txt - [2073 bytes] - [06/03/2014 13:04:46] AdwCleaner[S37].txt - [2521 bytes] - [10/04/2014 13:53:02] AdwCleaner[S38].txt - [3812 bytes] - [01/05/2014 11:54:50] AdwCleaner[S39].txt - [2955 bytes] - [07/05/2014 09:42:55] AdwCleaner[S40].txt - [3083 bytes] - [14/05/2014 10:55:35] AdwCleaner[S41].txt - [3199 bytes] - [21/05/2014 13:57:43] AdwCleaner[S42].txt - [3449 bytes] - [25/06/2014 09:11:15] AdwCleaner[S43].txt - [3571 bytes] - [02/07/2014 10:39:20] AdwCleaner[S44].txt - [3693 bytes] - [16/07/2014 09:16:11] AdwCleaner[S45].txt - [3811 bytes] - [23/07/2014 10:53:07] AdwCleaner[S46].txt - [4090 bytes] - [15/08/2014 15:15:54] AdwCleaner[S47].txt - [4232 bytes] - [04/09/2014 13:26:28] AdwCleaner[S48].txt - [4303 bytes] - [10/09/2014 10:53:52] AdwCleaner[S49].txt - [4483 bytes] - [17/09/2014 11:28:49] AdwCleaner[S50].txt - [4547 bytes] - [01/10/2014 10:33:45] AdwCleaner[S51].txt - [4580 bytes] - [10/10/2014 11:02:14] AdwCleaner[S52].txt - [4847 bytes] - [26/11/2014 10:48:25] AdwCleaner[S53].txt - [5059 bytes] - [02/12/2014 09:00:05] AdwCleaner[S54].txt - [5091 bytes] - [02/12/2014 09:31:57] AdwCleaner[S55].txt - [4823 bytes] - [02/12/2014 09:43:54] AdwCleaner[S56].txt - [5396 bytes] - [04/12/2014 14:31:23] AdwCleaner[S57].txt - [5519 bytes] - [06/12/2014 12:13:04] AdwCleaner[S58].txt - [7069 bytes] - [17/12/2014 09:48:47] AdwCleaner[S59].txt - [5541 bytes] - [17/12/2014 09:54:15] AdwCleaner[S60].txt - [5482 bytes] - [17/12/2014 10:09:42] AdwCleaner[S61].txt - [5785 bytes] - [17/12/2014 10:14:02] AdwCleaner[S62].txt - [6029 bytes] - [24/12/2014 10:08:09] AdwCleaner[S63].txt - [6572 bytes] - [02/01/2015 11:00:07] AdwCleaner[S64].txt - [6333 bytes] - [07/01/2015 10:36:00] AdwCleaner[S65].txt - [6455 bytes] - [25/01/2015 12:21:45] AdwCleaner[S66].txt - [6577 bytes] - [04/02/2015 13:41:29] AdwCleaner[S67].txt - [6613 bytes] - [11/02/2015 10:29:47] AdwCleaner[S68].txt - [6733 bytes] - [19/02/2015 14:17:00] AdwCleaner[S69].txt - [6913 bytes] - [10/03/2015 14:19:18] AdwCleaner[S70].txt - [7143 bytes] - [17/03/2015 12:35:30] AdwCleaner[S71].txt - [7153 bytes] - [26/03/2015 16:05:48] AdwCleaner[S72].txt - [7399 bytes] - [03/04/2015 13:36:37] AdwCleaner[S73].txt - [7838 bytes] - [30/04/2015 14:27:53] AdwCleaner[S74].txt - [7643 bytes] - [04/06/2015 10:34:13] AdwCleaner[S75].txt - [7822 bytes] - [18/06/2015 10:38:57] AdwCleaner[S76].txt - [8064 bytes] - [19/06/2015 09:56:48] AdwCleaner[S77].txt - [8246 bytes] - [24/06/2015 15:19:09] AdwCleaner[S78].txt - [8402 bytes] - [01/07/2015 10:53:21] AdwCleaner[S79].txt - [8682 bytes] - [05/08/2015 13:02:04] AdwCleaner[S80].txt - [663 bytes] - [12/08/2015 09:20:32] ########## EOF - C:\AdwCleaner\AdwCleaner[R114].txt - [8925 bytes] ########## |
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
duplicates files (Moved from malware forum) | icsd71 | Applications | 0 | June 27th, 2016 09:38 PM |
Which Is The Best AntiVirus (moved from Malware Removal Forum) | MEGA14 | Applications | 3 | November 14th, 2009 08:28 AM |
FRUSTRATING Internet Problem [moved from Cyber Safety Forum] | WaterHealer | Networking | 54 | January 7th, 2009 12:41 AM |
Wireless Internet Connection Setup? (moved from Internet Forum) | adnan.sharif | Networking | 0 | December 17th, 2008 08:20 AM |
Malware (Moved from Cyber Safety Forum) | bit | Applications | 3 | October 13th, 2008 05:48 AM |
All times are GMT +1. The time now is 03:02 AM.