Solved virus seems to reinstall itself during boot into shell

KennyGordacki

Jun 22, 2016
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Administrator 1 (administrator) on ME-PC (22-06-2016 22:26:57)
Running from C:\Users\Administrator 1\Desktop
Loaded Profiles: Me & Administrator 1 & WOUTempAdmin & Guest & Classic .NET AppPool & DefaultAppPool (Available Profiles: Me & Administrator 1 & WOUTempAdmin & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Users\Administrator 1\Downloads\msert.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-08-25] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-03-23] (Realtek Semiconductor)
HKLM\...\Run: [LogiScrollApp] => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15003256 2015-09-19] (Logitech Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-12] (Nullsoft, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1965651932-3507908794-2345626874-1000\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [NoAdminPage] 0
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E8CE929-0F8D-41E0-9F1D-F2BB08560D3E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1965651932-3507908794-2345626874-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1965651932-3507908794-2345626874-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-1965651932-3507908794-2345626874-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP
HKU\S-1-5-21-1965651932-3507908794-2345626874-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
SearchScopes: HKLM -> DefaultScope {86EE1317-27B5-4DE0-A8C2-2F505B915BCF} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {86EE1317-27B5-4DE0-A8C2-2F505B915BCF} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {86EE1317-27B5-4DE0-A8C2-2F505B915BCF} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {86EE1317-27B5-4DE0-A8C2-2F505B915BCF} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-1965651932-3507908794-2345626874-1000 -> {EF641CB9-A500-480E-ABFC-370E51010B2B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-1965651932-3507908794-2345626874-1009 -> {01D045E4-EFC1-427C-86D1-25D5F1841A99} URL = 
SearchScopes: HKU\S-1-5-21-1965651932-3507908794-2345626874-1009 -> {792B6456-FB40-4F4B-BEAD-8C167F1D40B1} URL = 
SearchScopes: HKU\S-1-5-21-1965651932-3507908794-2345626874-1009 -> {EF641CB9-A500-480E-ABFC-370E51010B2B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-1965651932-3507908794-2345626874-501 -> {EF641CB9-A500-480E-ABFC-370E51010B2B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-1965651932-3507908794-2345626874-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1965651932-3507908794-2345626874-501 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Administrator 1\AppData\Roaming\Mozilla\Firefox\Profiles\8faqmhbu.default
FF NewTab: about:home
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: user_pref("browser.startup.homepage", "about:home"about:home);
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.)
FF SearchPlugin: C:\Users\Administrator 1\AppData\Roaming\Mozilla\Firefox\Profiles\8faqmhbu.default\searchplugins\bing-.xml [2015-12-14]
FF Extension: Bing Search - C:\Users\Administrator 1\AppData\Roaming\Mozilla\Firefox\Profiles\8faqmhbu.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2015-12-14] [not signed]

Chrome: 
=======
CHR Profile: C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-04]
CHR Extension: (Google Docs) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-04]
CHR Extension: (Google Drive) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-04]
CHR Extension: (YouTube) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-04]
CHR Extension: (Google Sheets) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-04]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-04]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2016-06-22]
CHR Extension: (Gmail) - C:\Users\Administrator 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-04]

Opera: 
=======
OPR Session Restore: -> is enabled.

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
S3 InnovativeSolutions_monitor; C:\Program Files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [1065496 2016-06-17] ()
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-19] (Logitech Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NMSAccess; C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-08-25] (Synaptics Incorporated)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-08-03] (TOSHIBA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S2 Razer Game Scanner Service; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 libwasys; C:\Windows\System32\DRIVERS\libwasys.sys [28464 2016-06-04] ()
R1 MpKsld8615e31; C:\Windows\Temp\MpKsld8615e31.sys [44928 2016-06-22] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) [File not signed]
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [190232 2015-03-23] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-08-25] (Synaptics Incorporated)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-22 22:22 - 2016-06-22 22:22 - 03703360 _____ C:\Users\Administrator 1\Desktop\adwcleaner_5.200.exe
2016-06-22 22:22 - 2016-06-22 22:22 - 03703360 _____ C:\Users\Administrator 1\Desktop\adwcleaner_5.200 (1).exe
2016-06-22 21:56 - 2016-06-22 22:26 - 00021587 _____ C:\Users\Administrator 1\Desktop\FRST.txt
2016-06-22 21:52 - 2016-06-22 21:53 - 02387456 _____ (Farbar) C:\Users\Administrator 1\Desktop\FRST64.exe
2016-06-22 21:40 - 2016-06-22 21:40 - 04291320 _____ (BrightFort LLC ) C:\Users\Administrator 1\Downloads\spywareblastersetup55.exe
2016-06-22 21:36 - 2016-06-22 21:37 - 139855128 _____ (Microsoft Corporation) C:\Users\Administrator 1\Downloads\msert.exe
2016-06-22 21:32 - 2016-06-22 21:32 - 00000000 ____D C:\Users\Administrator 1\Desktop\backups
2016-06-22 21:29 - 2016-06-22 21:29 - 00023083 _____ C:\Users\Administrator 1\Desktop\dds.txt
2016-06-22 21:27 - 2016-06-22 21:27 - 00688992 ____R (Swearware) C:\Users\Administrator 1\Downloads\dds.com
2016-06-22 21:27 - 2016-06-22 21:27 - 00688992 _____ (Swearware) C:\Users\Administrator 1\Downloads\dds.scr
2016-06-22 21:27 - 2016-06-22 21:27 - 00688992 _____ (Swearware) C:\Users\Administrator 1\Downloads\dds.exe
2016-06-22 20:42 - 2016-06-22 20:43 - 00033546 _____ C:\Users\Administrator 1\Downloads\MTB.txt
2016-06-22 20:41 - 2016-06-22 20:41 - 00892416 _____ (Farbar) C:\Users\Administrator 1\Downloads\MiniToolBox.exe
2016-06-22 18:59 - 2016-06-22 18:59 - 00001787 _____ C:\Users\Administrator 1\Downloads\fixlist.txt
2016-06-22 18:57 - 2016-06-22 20:05 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-22 18:56 - 2016-06-22 20:39 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-22 18:22 - 2016-06-22 18:22 - 00001200 _____ C:\Users\Administrator 1\Downloads\Fixlog.txt
2016-06-22 18:20 - 2016-06-22 18:22 - 00001344 _____ C:\Users\Administrator 1\Desktop\fixtext.txt
2016-06-22 18:09 - 2016-06-22 20:31 - 00036268 _____ C:\Users\Administrator 1\Downloads\Addition.txt
2016-06-22 18:08 - 2016-06-22 20:31 - 00064236 _____ C:\Users\Administrator 1\Downloads\FRST.txt
2016-06-22 16:42 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-22 16:42 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-22 16:42 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-22 16:42 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-22 16:42 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-22 16:42 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-22 16:42 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-22 16:41 - 2016-06-22 16:41 - 00000000 ____D C:\Qoobox
2016-06-22 16:37 - 2016-06-22 16:37 - 02387456 _____ (Farbar) C:\Users\Administrator 1\Downloads\FRST64.exe
2016-06-22 16:36 - 2016-06-22 18:25 - 00001787 _____ C:\Users\Administrator 1\Downloads\fixlist (1).txt
2016-06-22 15:53 - 2016-06-22 15:53 - 00000000 ____D C:\Users\Administrator 1\Downloads\mbrfix
2016-06-22 15:52 - 2016-06-22 15:52 - 00138820 _____ C:\Users\Administrator 1\Downloads\mbrfix.zip
2016-06-22 15:52 - 2016-06-22 15:52 - 00138820 _____ C:\Users\Administrator 1\Downloads\mbrfix (1).zip
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 ____D C:\Users\Administrator 1\Downloads\mbrfix (1)
2016-06-22 15:46 - 2016-06-22 16:19 - 00001711 _____ C:\Users\Administrator 1\Desktop\firsttext.txt
2016-06-22 14:48 - 2016-06-22 14:48 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\NPE
2016-06-22 14:47 - 2016-06-22 14:47 - 00001676 _____ C:\Users\Administrator 1\Desktop\Fixlog.txt
2016-06-22 12:21 - 2016-06-22 12:21 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\Adobe
2016-06-22 12:16 - 2016-06-22 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
2016-06-22 12:00 - 2016-06-22 12:16 - 00001700 _____ C:\Users\Administrator 1\Desktop\Advanced Uninstaller PRO 12.lnk
2016-06-22 12:00 - 2016-06-22 12:00 - 00000000 ____D C:\ProgramData\Innovative Solutions
2016-06-22 11:59 - 2016-06-22 12:00 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\Innovative Solutions
2016-06-22 11:59 - 2016-06-22 11:59 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-06-22 09:56 - 2016-06-22 11:32 - 00541087 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-06-22 09:56 - 2016-06-22 11:01 - 03909974 _____ C:\Windows\ZAM.krnl.trace
2016-06-22 09:42 - 2016-06-22 14:55 - 00035385 _____ C:\Users\Administrator 1\Desktop\Addition.txt
2016-06-22 09:29 - 2016-06-22 22:26 - 00000000 ____D C:\FRST
2016-06-21 22:57 - 2016-06-21 22:57 - 00000000 ____D C:\SpybotBootCD
2016-06-21 22:51 - 2016-06-21 22:51 - 01203312 _____ (Safer Networking Limited ) C:\Users\Administrator 1\Downloads\spybotbootcd-1.0.4.exe
2016-06-21 20:05 - 2016-06-21 20:05 - 22851472 _____ (Malwarebytes ) C:\Users\Administrator 1\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-06-21 19:57 - 2016-06-21 19:57 - 00003927 _____ C:\Users\Administrator 1\Desktop\vlk product key 2.txt
2016-06-21 19:43 - 2016-06-21 19:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Administrator 1\Desktop\HijackThis.exe
2016-06-21 17:00 - 2016-06-21 17:00 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\Alexandre_Miguel_Canotilh
2016-06-21 16:49 - 2016-06-21 16:49 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-21 16:48 - 2016-06-21 16:49 - 00000000 ____D C:\Program Files\CCleaner
2016-06-21 16:48 - 2016-06-21 16:48 - 00000877 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-21 16:48 - 2016-06-21 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-21 16:45 - 2016-06-21 16:45 - 00001900 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-06-21 16:44 - 2016-06-21 16:45 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-06-21 16:40 - 2016-06-21 16:52 - 41896256 _____ (Apple Inc.) C:\Users\Administrator 1\Downloads\QuickTimeInstaller.exe
2016-06-21 16:23 - 2016-06-21 16:23 - 00000000 ____D C:\ProgramData\WinZipSE
2016-06-21 16:19 - 2016-06-21 16:19 - 00001039 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2016-06-21 16:19 - 2016-06-21 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2016-06-21 16:19 - 2016-06-21 16:19 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-06-21 16:00 - 2016-06-21 16:02 - 00000000 ____D C:\ProgramData\WRData
2016-06-21 15:56 - 2016-06-22 12:23 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\JAM Software
2016-06-21 15:56 - 2016-06-21 15:56 - 00031450 _____ C:\Users\Administrator 1\Documents\cc_20160621_155631.reg
2016-06-21 15:48 - 2016-06-21 15:48 - 02557544 _____ (Microsoft Corporation) C:\Users\Administrator 1\Downloads\NDP46-KB3122661-x86.exe
2016-06-21 15:27 - 2016-06-21 15:27 - 00001038 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-06-21 15:27 - 2016-06-21 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-06-21 15:26 - 2016-06-22 19:20 - 00000000 ____D C:\Windows_Repair_Toolbox
2016-06-21 15:26 - 2016-06-21 15:53 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\Winamp
2016-06-21 15:26 - 2016-06-21 15:30 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-06-21 15:26 - 2016-06-21 15:26 - 00000829 _____ C:\Users\Public\Desktop\Windows Repair Toolbox.lnk
2016-06-21 15:26 - 2016-06-21 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Repair Toolbox
2016-06-21 15:24 - 2016-06-21 15:26 - 10328598 _____ (Nullsoft, Inc.) C:\Users\Administrator 1\Downloads\winamp5666_full_en-us_redux.exe
2016-06-21 15:15 - 2016-06-21 15:16 - 02016668 _____ (Alexandre Miguel Canotilho Coelho ) C:\Users\Administrator 1\Downloads\Windows_Repair_Toolbox_setup.exe
2016-06-21 15:00 - 2016-06-21 15:00 - 00000962 _____ C:\Users\Public\Desktop\Blaze Media Pro.lnk
2016-06-21 14:59 - 2016-06-21 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blaze Media Pro
2016-06-21 14:59 - 2016-06-21 15:00 - 00000000 ____D C:\Program Files (x86)\Blaze Media Pro
2016-06-21 14:57 - 2016-06-21 15:01 - 00000000 __HDC C:\ProgramData\{784E3329-1B2A-421E-9427-596088B766F6}
2016-06-21 14:51 - 2016-06-21 14:51 - 00001153 _____ C:\Users\WOUTempAdmin\Desktop\Command Cubes Viewer.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001153 _____ C:\Users\Me\Desktop\Command Cubes Viewer.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001153 _____ C:\Users\Guest\Desktop\Command Cubes Viewer.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001153 _____ C:\Users\Administrator 1\Desktop\Command Cubes Viewer.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001128 _____ C:\Users\WOUTempAdmin\Desktop\Command Cubes Server.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001128 _____ C:\Users\Me\Desktop\Command Cubes Server.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001128 _____ C:\Users\Guest\Desktop\Command Cubes Server.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00001128 _____ C:\Users\Administrator 1\Desktop\Command Cubes Server.lnk
2016-06-21 14:51 - 2016-06-21 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command Cubes
2016-06-21 14:51 - 2016-06-21 14:51 - 00000000 ____D C:\Program Files\winamp
2016-06-21 14:51 - 2016-06-21 14:51 - 00000000 ____D C:\Program Files (x86)\Command Cubes
2016-06-21 08:05 - 2016-06-21 08:05 - 00000274 _____ C:\Users\Public\Desktop\UVKRebootExecLog.txt
2016-06-21 07:55 - 2016-06-21 07:56 - 00002541 _____ C:\DelFix.txt
2016-06-21 07:54 - 2016-06-21 07:54 - 00000000 _____ C:\Users\Administrator 1\Downloads\delfix_1.013.exe.rfva3or.partial
2016-06-21 00:00 - 2016-06-21 00:00 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-06-20 23:35 - 2016-06-20 23:35 - 00000582 _____ C:\Users\Administrator 1\Desktop\keys.txt
2016-06-20 23:30 - 2016-06-20 23:33 - 00000000 ____D C:\Users\Administrator 1\Downloads\produkey-x64 (1)
2016-06-20 23:24 - 2016-06-20 23:24 - 00000621 _____ C:\Users\Administrator 1\Desktop\Product key.vbs
2016-06-20 07:50 - 2016-05-23 18:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-20 07:50 - 2016-05-23 17:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-20 07:50 - 2016-05-21 12:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-20 07:50 - 2016-05-21 11:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-20 07:50 - 2016-05-20 17:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-20 07:50 - 2016-05-20 17:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-20 07:50 - 2016-05-20 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-20 07:50 - 2016-05-20 17:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-20 07:50 - 2016-05-20 17:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-20 07:50 - 2016-05-20 17:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-20 07:50 - 2016-05-20 17:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-20 07:50 - 2016-05-20 17:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-20 07:50 - 2016-05-20 17:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-20 07:50 - 2016-05-20 17:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-20 07:50 - 2016-05-20 17:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-20 07:50 - 2016-05-20 16:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-20 07:50 - 2016-05-20 16:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-20 07:50 - 2016-05-20 16:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-20 07:50 - 2016-05-20 16:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-20 07:50 - 2016-05-20 16:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-20 07:50 - 2016-05-20 16:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-20 07:50 - 2016-05-20 16:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-20 07:50 - 2016-05-20 16:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-20 07:50 - 2016-05-20 16:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-20 07:50 - 2016-05-20 16:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-20 07:50 - 2016-05-20 16:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-20 07:50 - 2016-05-20 16:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-20 07:50 - 2016-05-20 16:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-20 07:50 - 2016-05-20 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-20 07:50 - 2016-05-20 16:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-20 07:50 - 2016-05-20 16:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-20 07:50 - 2016-05-20 16:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-20 07:50 - 2016-05-20 16:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-20 07:50 - 2016-05-20 16:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-20 07:50 - 2016-05-20 16:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-20 07:50 - 2016-05-20 16:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-20 07:50 - 2016-05-20 16:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-20 07:50 - 2016-05-20 16:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-20 07:50 - 2016-05-20 16:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-20 07:50 - 2016-05-20 16:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-20 07:50 - 2016-05-20 16:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-20 07:50 - 2016-05-20 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-20 07:50 - 2016-05-20 16:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-20 07:50 - 2016-05-20 16:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-20 07:50 - 2016-05-20 16:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-20 07:50 - 2016-05-20 16:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-20 07:50 - 2016-05-20 16:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-20 07:50 - 2016-05-20 16:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-20 07:50 - 2016-05-20 16:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-20 07:50 - 2016-05-20 16:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-20 07:50 - 2016-05-20 16:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-20 07:50 - 2016-05-20 16:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-20 07:50 - 2016-05-20 16:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-20 07:50 - 2016-05-20 16:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-20 07:50 - 2016-05-20 16:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-20 07:50 - 2016-05-20 16:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-20 07:50 - 2016-05-20 16:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-20 07:50 - 2016-05-20 16:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-20 07:50 - 2016-05-20 16:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-20 07:50 - 2016-05-20 16:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-20 07:50 - 2016-05-20 15:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-20 07:50 - 2016-05-20 15:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-20 07:50 - 2016-05-20 15:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-20 07:50 - 2016-05-20 15:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-20 07:50 - 2016-05-20 15:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-20 07:50 - 2016-05-20 15:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-20 07:49 - 2016-05-18 11:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-20 07:49 - 2016-05-18 11:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-20 07:49 - 2016-05-13 17:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-20 07:49 - 2016-05-13 17:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-20 07:49 - 2016-05-13 17:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-20 07:49 - 2016-05-13 17:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-20 07:49 - 2016-05-13 17:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-20 07:49 - 2016-05-13 16:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-20 07:49 - 2016-05-13 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-20 07:49 - 2016-05-13 16:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-20 07:49 - 2016-05-13 16:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-20 07:49 - 2016-05-13 16:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-20 07:49 - 2016-05-12 12:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-20 07:49 - 2016-05-12 12:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-20 07:49 - 2016-05-12 12:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-20 07:49 - 2016-05-12 12:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-20 07:49 - 2016-05-12 12:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-20 07:49 - 2016-05-12 12:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-20 07:49 - 2016-05-12 12:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-20 07:49 - 2016-05-12 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-20 07:49 - 2016-05-12 12:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-20 07:49 - 2016-05-12 12:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-20 07:49 - 2016-05-12 10:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-20 07:49 - 2016-05-12 10:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-20 07:49 - 2016-05-12 10:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-20 07:49 - 2016-05-12 09:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-20 07:49 - 2016-05-12 09:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-20 07:49 - 2016-05-12 09:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-20 07:49 - 2016-05-12 09:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-20 07:49 - 2016-05-12 08:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-20 07:49 - 2016-05-12 08:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-20 07:49 - 2016-05-12 08:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-20 07:49 - 2016-05-11 12:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-20 07:49 - 2016-05-11 12:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-20 07:49 - 2016-05-11 12:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-20 07:49 - 2016-05-11 12:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-20 07:49 - 2016-05-11 10:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-20 07:49 - 2016-05-11 10:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-20 07:49 - 2016-05-11 10:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-20 07:49 - 2016-05-11 10:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-20 07:49 - 2016-05-11 10:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-20 07:49 - 2016-05-11 10:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-20 07:49 - 2016-05-11 09:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-19 20:35 - 2016-06-19 20:35 - 00000000 ____D C:\Users\Administrator 1\Downloads\FixWin
2016-06-19 19:17 - 2016-06-19 19:17 - 00003448 _____ C:\Windows\System32\Tasks\NeoSetup Updater
2016-06-19 19:16 - 2016-06-19 19:16 - 00001377 _____ C:\Users\Administrator 1\Desktop\NeoSetup Updater.lnk
2016-06-19 19:16 - 2016-06-19 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSetup Updater
2016-06-19 19:01 - 2016-06-22 21:31 - 00003688 _____ C:\Windows\System32\Tasks\AupAvUpdate
2016-06-19 19:01 - 2016-06-22 19:04 - 00000356 _____ C:\Windows\Tasks\Health-Check.job
2016-06-19 19:01 - 2016-06-22 18:02 - 00000364 _____ C:\Windows\Tasks\Health-Check-deep.job
2016-06-19 19:01 - 2016-06-22 12:16 - 00001584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 12.lnk
2016-06-19 19:01 - 2016-06-19 19:01 - 00002960 _____ C:\Windows\System32\Tasks\Health-Check-deep
2016-06-19 19:01 - 2016-06-19 19:01 - 00002952 _____ C:\Windows\System32\Tasks\Health-Check
2016-06-19 18:53 - 2016-06-19 18:53 - 01742664 _____ (Kaspersky Lab) C:\Users\Administrator 1\Downloads\kts16.0.0.614a bcden_9363.exe
2016-06-19 18:22 - 2016-06-19 18:22 - 93585408 _____ C:\Windows\system32\config\SOFTWARE.dw_backup
2016-06-18 23:07 - 2016-06-18 23:07 - 00000000 ____D C:\.Trash-0
2016-06-06 01:44 - 2016-06-06 01:44 - 00004952 _____ C:\Users\Administrator 1\Desktop\list1.txt
2016-06-06 01:42 - 2016-06-06 01:46 - 00000234 _____ C:\Users\Administrator 1\Desktop\remove all updates.bat
2016-06-05 21:26 - 2016-06-05 21:26 - 00000000 _____ C:\Windows\system32\Drivers\etc\hosts_bak_427
2016-06-05 13:08 - 2016-06-05 23:56 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2016-06-05 11:07 - 2016-06-05 11:07 - 00003106 _____ C:\Windows\System32\Tasks\{39EB8DBB-DEF2-4D95-ABCF-89F3EFBA04E6}
2016-06-05 07:13 - 2016-06-05 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-06-05 07:04 - 2016-06-05 07:04 - 00000036 _____ C:\Windows\system32\Drivers\etc\hosts_bak_110
2016-06-04 22:31 - 2016-06-04 22:32 - 00010347 _____ C:\uninstall.cmd
2016-06-04 22:26 - 2016-06-04 22:26 - 00005384 _____ C:\list.txt
2016-06-04 14:08 - 2016-06-05 06:50 - 00000000 ____D C:\Windows\SoftwareDistribution.bak
2016-06-04 14:05 - 2016-06-04 14:05 - 00000477 _____ C:\Users\Administrator 1\Desktop\Update files batch to remove windows updates installed.bat
2016-06-04 14:01 - 2016-06-04 14:01 - 00002301 _____ C:\Users\Administrator 1\Desktop\windows updates.txt
2016-06-04 13:59 - 2016-06-04 13:59 - 00052580 _____ C:\Windows\system32\%Path_of_the_text_file%
2016-06-04 13:58 - 2015-12-14 16:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-06-04 13:57 - 2016-06-04 13:57 - 00000000 _____ C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2016-06-04 13:57 - 2015-09-22 16:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-06-04 06:11 - 2016-06-04 06:11 - 05753170 _____ C:\Users\Administrator 1\Desktop\FixDotNet20160604110612454.cab
2016-06-04 05:51 - 2016-06-04 05:51 - 00042608 _____ C:\Users\Administrator 1\Documents\cc_20160604_055131.reg
2016-06-04 05:45 - 2016-06-04 05:45 - 00003184 _____ C:\Windows\System32\Tasks\{6FB40337-B808-44A2-AC05-F0990E66C9B3}
2016-06-04 04:19 - 2016-06-04 04:27 - 00028464 _____ C:\Windows\system32\Drivers\libwasys.sys
2016-06-04 04:13 - 2016-06-04 04:13 - 18247680 _____ C:\Users\Administrator 1\Downloads\OPSWAT_GEARS_CLIENT_3445-7c867995737c1853977386e89a5560c5.msi
2016-06-04 04:03 - 2016-06-04 04:03 - 00113814 _____ C:\Users\Administrator 1\Documents\cc_20160604_040303.reg
2016-06-04 03:48 - 2016-06-21 08:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-04 03:04 - 2016-06-04 03:04 - 00000288 _____ C:\Windows\Tasks\User_Feed_Synchronization-{BC7E3150-8E1F-4737-90CC-2F6DBB090B78}.job
2016-06-04 00:29 - 2016-06-04 00:29 - 06311712 _____ (Carifred) C:\Users\Administrator 1\Downloads\UVKSetup (1).exe
2016-06-03 08:19 - 2015-07-22 23:20 - 00000002 _____ C:\Windows\SysWOW64\config.bak
2016-06-03 08:19 - 2015-07-22 23:20 - 00000002 _____ C:\Windows\SysWOW64\autoexec.bak
2016-06-03 07:03 - 2016-06-03 07:03 - 03719680 _____ (CoolPDF Software, Inc.) C:\Users\Administrator 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoolPDFReader.exe
2016-06-03 06:44 - 2016-06-21 01:43 - 00000000 ____D C:\Program Files (x86)\Razer
2016-06-03 06:44 - 2016-06-04 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-06-02 16:28 - 2016-06-02 16:28 - 00000000 ____D C:\ProgramData\MicroWorld
2016-06-02 11:58 - 2016-06-02 11:58 - 09565825 _____ C:\Users\Administrator 1\Downloads\ThePCJukeboxSetup.zip
2016-06-02 11:56 - 2016-06-02 11:56 - 07791349 _____ (Command Cubes ) C:\Users\Administrator 1\Downloads\CommandCubes.exe
2016-06-02 11:54 - 2016-06-02 11:54 - 04772869 _____ ( ) C:\Users\Administrator 1\Downloads\jukebox.exe
2016-06-02 11:53 - 2016-06-02 11:53 - 15634201 _____ (FunVibes Sarl ) C:\Users\Administrator 1\Downloads\VirtuosaTrial.exe
2016-06-02 11:48 - 2016-06-02 11:49 - 22417072 _____ (Mystik Media ) C:\Users\Administrator 1\Downloads\setup_blazemp.exe
2016-06-02 11:45 - 2016-06-02 11:47 - 134727920 _____ (ZenPoint) C:\Users\Administrator 1\Downloads\digitalcenter.exe
2016-06-02 11:40 - 2016-06-02 11:40 - 16016336 _____ (Ventis Media Inc. ) C:\Users\Administrator 1\Downloads\MediaMonkey_4.1.12.1798.exe
2016-06-02 11:39 - 2016-06-02 11:41 - 16657668 _____ C:\Users\Administrator 1\Downloads\jukebox_setup10.exe
2016-06-02 11:38 - 2016-06-02 11:38 - 05256331 _____ (T and K Software ) C:\Users\Administrator 1\Downloads\UJSetup_3_6_2014_913.exe
2016-06-02 11:15 - 2016-06-02 11:15 - 06944960 _____ ( ) C:\Users\Administrator 1\Downloads\Soundbase.exe
2016-06-02 11:15 - 2016-06-02 11:15 - 00754662 _____ C:\Users\Administrator 1\Downloads\Winamp_Essentials_6_7_8_9_10_11_12.exe
2016-06-02 11:13 - 2016-06-02 11:13 - 06635775 _____ C:\Users\Administrator 1\Downloads\zplayer_windows_setup.zip
2016-06-02 11:12 - 2016-06-02 11:12 - 02617177 _____ C:\Users\Administrator 1\Downloads\winyl_setup.zip
2016-06-02 11:11 - 2016-06-02 11:12 - 53493817 _____ C:\Users\Administrator 1\Downloads\MiamPlayer-0.8.0.exe
2016-06-02 11:11 - 2016-06-02 11:11 - 22216771 _____ C:\Users\Administrator 1\Downloads\jajuk-1.10.9-setup.exe
2016-06-02 11:09 - 2016-06-02 11:10 - 87266194 _____ C:\Users\Administrator 1\Downloads\kodi-16.1-Jarvis.exe
2016-06-02 11:09 - 2016-06-02 11:09 - 14601896 _____ (J. River, Inc.) C:\Users\Administrator 1\Downloads\MediaJukebox140166.exe
2016-06-02 11:02 - 2016-06-02 11:02 - 00000000 ____D C:\Users\Administrator 1\Downloads\Remove_MS_Upgrade_To_10_Nag
2016-06-02 08:33 - 2016-06-02 08:33 - 03507007 _____ C:\Users\Administrator 1\Downloads\emdb.zip
2016-06-02 07:04 - 2016-06-21 12:27 - 00000000 ____D C:\ProgramData\UVK
2016-06-02 05:15 - 2016-06-02 12:10 - 00000000 ____D C:\Users\Administrator 1\Downloads\stinger64-epo (1)
2016-05-31 20:07 - 2016-05-31 20:07 - 00025458 _____ C:\Users\Administrator 1\Documents\cc_20160531_200750.reg
2016-05-31 13:37 - 2016-05-31 13:37 - 00073078 _____ C:\Users\Administrator 1\Documents\cc_20160531_133743.reg
2016-05-31 11:24 - 2016-05-31 11:24 - 00003202 _____ C:\Windows\System32\Tasks\{61611F03-EC3F-46FD-B04B-BE87E86D89AF}
2016-05-31 02:42 - 2012-11-19 19:43 - 00688992 _____ (Swearware) C:\Users\Administrator 1\Documents\dds-2.scr
2016-05-31 02:35 - 2012-11-19 19:43 - 00688992 _____ (Swearware) C:\Users\Administrator 1\Documents\dds-1.scr
2016-05-31 02:31 - 2012-11-19 19:43 - 00688992 _____ (Swearware) C:\Users\Administrator 1\Documents\dds.scr
2016-05-31 01:34 - 2016-05-31 01:34 - 93270016 _____ C:\Windows\system32\config\SOFTWARE9131fc1d
2016-05-30 10:03 - 2016-05-30 10:03 - 17408375 _____ C:\Windows\system32\scan.db
2016-05-27 17:07 - 2016-05-27 17:07 - 00020550 _____ C:\Users\Administrator 1\Documents\cc_20160527_170755.reg
2016-05-27 16:46 - 2016-05-27 16:46 - 03536596 _____ C:\Users\Administrator 1\Desktop\system.nfo
2016-05-27 16:27 - 2016-06-05 11:07 - 00000000 ____D C:\Program Files (x86)\TrojanHunter
2016-05-26 23:16 - 2016-05-26 23:16 - 00119146 _____ C:\Users\Administrator 1\Documents\cc_20160526_231628.reg
2016-05-26 23:16 - 2016-05-26 23:16 - 00012380 _____ C:\Users\Administrator 1\Documents\cc_20160526_231652.reg
2016-05-26 22:49 - 2016-06-22 21:31 - 00003468 _____ C:\Windows\System32\Tasks\UninstallMonitor
2016-05-26 22:46 - 2014-03-07 11:25 - 00042496 _____ C:\Windows\SysWOW64\AdvUninstCPL.cpl
2016-05-24 22:59 - 2016-06-04 04:26 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\Metadefender-Client
2016-05-24 22:35 - 2016-05-24 22:35 - 95682560 _____ C:\Windows\system32\config\software.bhv
2016-05-24 22:35 - 2016-05-24 22:35 - 22282240 _____ C:\Windows\system32\config\system.bhv
2016-05-24 22:35 - 2016-05-24 22:35 - 00524288 _____ C:\Windows\system32\config\default.bhv
2016-05-24 22:35 - 2016-05-24 22:35 - 00098304 _____ C:\Windows\system32\config\sam.bhv
2016-05-24 22:35 - 2016-05-24 22:35 - 00032768 _____ C:\Windows\system32\config\security.bhv
2016-05-24 21:56 - 2016-05-24 21:57 - 02248504 _____ (Runscanner.net) C:\Users\Administrator 1\Downloads\runscanner.exe
2016-05-24 04:12 - 2016-05-24 04:12 - 00000666 _____ C:\gdbdrem.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-22 22:06 - 2015-09-19 12:43 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 22:04 - 2009-07-13 23:45 - 00025088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-22 22:04 - 2009-07-13 23:45 - 00025088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-22 21:29 - 2015-11-02 23:02 - 00022509 _____ C:\Users\Administrator 1\Desktop\attach.txt
2016-06-22 20:19 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-06-22 20:06 - 2015-03-23 23:02 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-22 19:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-06-22 19:04 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 12:30 - 2015-03-18 11:28 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\ElevatedDiagnostics
2016-06-22 12:29 - 2015-06-22 19:01 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\Downloaded Installations
2016-06-22 12:23 - 2015-03-23 19:46 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\InstallShield
2016-06-22 11:57 - 2015-07-18 21:57 - 00000000 ____D C:\Users\Administrator 1\AppData\Roaming\uTorrent
2016-06-22 11:56 - 2015-03-21 22:33 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\CrashDumps
2016-06-22 09:57 - 2015-12-14 17:14 - 00000000 ____D C:\Users\Administrator 1
2016-06-21 20:01 - 2016-05-21 15:07 - 00000000 ____D C:\Users\Administrator 1\Downloads\backups
2016-06-21 19:56 - 2015-12-07 22:47 - 00003927 _____ C:\Users\Administrator 1\Desktop\vlk product key.txt
2016-06-21 19:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-21 18:26 - 2015-08-18 22:34 - 00000945 _____ C:\Users\Administrator 1\Desktop\Auslogics Duplicate File Finder.lnk
2016-06-21 18:24 - 2009-07-14 00:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-21 17:02 - 2015-10-20 21:43 - 00000000 ____D C:\Program Files\7-Zip
2016-06-21 16:45 - 2015-06-30 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-06-21 16:20 - 2015-03-24 22:25 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\Apple Computer
2016-06-21 15:07 - 2015-08-30 15:41 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2016-06-21 15:07 - 2015-08-30 15:41 - 00002179 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2016-06-21 12:33 - 2015-12-14 17:15 - 00000000 ____D C:\Users\Classic .NET AppPool
2016-06-21 12:33 - 2015-12-14 17:14 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-21 12:16 - 2015-09-21 01:33 - 00000000 ____D C:\Program Files\Java
2016-06-21 12:14 - 2009-11-12 21:45 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-21 12:13 - 2015-12-15 10:02 - 00000000 ____D C:\Windows\Minidump
2016-06-21 08:35 - 2015-12-14 17:15 - 00000000 ____D C:\Users\Guest
2016-06-21 08:35 - 2015-12-14 17:14 - 00000000 ____D C:\Users\WOUTempAdmin
2016-06-21 08:35 - 2015-12-14 17:14 - 00000000 ____D C:\Users\Me
2016-06-21 08:24 - 2015-12-14 17:13 - 00850538 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-21 08:24 - 2009-07-14 00:13 - 00880878 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-21 08:13 - 2015-07-17 11:54 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-06-21 08:13 - 2015-06-25 17:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-06-21 08:11 - 2015-08-18 16:02 - 00000000 ____D C:\Users\Administrator 1\.oracle_jre_usage
2016-06-21 07:51 - 2009-07-13 23:54 - 00000749 ____R C:\Windows\WindowsShell.Manifest
2016-06-21 07:51 - 2009-07-13 22:20 - 00000000 ___RD C:\Users\Public\Libraries
2016-06-21 07:50 - 2009-07-13 21:34 - 00000577 _____ C:\Windows\win.ini
2016-06-21 07:47 - 2015-05-02 02:19 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-20 23:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-06-20 21:59 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-06-20 21:25 - 2015-12-14 21:51 - 00112560 _____ C:\Users\Administrator 1\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-20 21:21 - 2009-07-13 23:45 - 00421312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-20 10:42 - 2014-07-17 23:20 - 00000000 ____D C:\Windows\system32\MRT
2016-06-20 10:19 - 2016-05-10 01:10 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-19 23:39 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-19 23:33 - 2015-12-14 17:11 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-06-19 18:59 - 2015-09-28 11:02 - 00000000 ____D C:\Users\new
2016-06-19 18:59 - 2015-09-24 16:51 - 00000000 ____D C:\Users\Bree
2016-06-19 18:59 - 2015-07-26 21:27 - 00000000 ____D C:\Users\Administrator
2016-06-07 00:02 - 2015-08-16 20:20 - 00000000 ____D C:\Windows\Microsoft Antimalware
2016-06-06 01:00 - 2015-04-29 21:05 - 00000000 ____D C:\Windows\pss
2016-06-05 20:46 - 2016-05-08 13:52 - 00000000 ____D C:\Users\Administrator 1\Downloads\Apup_1_4_42
2016-05-31 20:05 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2016-05-30 10:31 - 2009-11-12 21:47 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-05-30 10:31 - 2009-11-12 21:46 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-05-30 09:00 - 2013-05-21 14:43 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Corporation
2016-05-27 18:57 - 2015-12-10 14:07 - 00000000 ____D C:\Users\Administrator 1\AppData\Local\2Browse
2016-05-27 18:30 - 2016-05-20 23:19 - 00000000 ___RD C:\Users\Administrator 1\New Briefcase
2016-05-26 19:10 - 2015-08-25 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rootkit Unhooker
2016-05-26 18:36 - 2015-03-17 09:51 - 00000000 ____D C:\Windows\erdnt
2016-05-24 22:35 - 2015-12-14 17:21 - 00000000 ____D C:\Users\TEMP
2016-05-24 22:07 - 2016-05-21 20:53 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-05-24 21:51 - 2015-12-09 00:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2016-05-24 21:42 - 2016-05-20 20:39 - 00000000 ____D C:\Windows\System32\Tasks\Remediation

Files to move or delete:
====================
C:\Users\Administrator 1\oarpman.exe


Some files in TEMP:
====================
C:\Users\Administrator 1\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-20 21:51

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Administrator 1 (2016-06-22 22:29:31)
Running from C:\Users\Administrator 1\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-15 00:20:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1965651932-3507908794-2345626874-500 - Administrator - Enabled)
Administrator 1 (S-1-5-21-1965651932-3507908794-2345626874-1003 - Administrator - Enabled) => C:\Users\Administrator 1
ASPNET (S-1-5-21-1965651932-3507908794-2345626874-1007 - Limited - Enabled)
Guest (S-1-5-21-1965651932-3507908794-2345626874-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1965651932-3507908794-2345626874-1002 - Limited - Enabled)
Me (S-1-5-21-1965651932-3507908794-2345626874-1000 - Administrator - Enabled) => C:\Users\Me
WOUTempAdmin (S-1-5-21-1965651932-3507908794-2345626874-1009 - Administrator - Enabled) => C:\Users\WOUTempAdmin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1965651932-3507908794-2345626874-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1965651932-3507908794-2345626874-501\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
3ivx MPEG-4 5.0.4 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.4) (Version: 5.0.4 - 3ivx Technologies, Pty. Ltd.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Advanced Uninstaller PRO - Version 12 (HKLM-x32\...\AU11_is1) (Version: 12.11.0.46 - Innovative Solutions)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Blaze Media Pro (HKLM-x32\...\Blaze Media Pro) (Version: 9.10 - Mystik Media)
Blaze Media Pro (x32 Version: 9.10 - Mystik Media) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Command Cubes V1.1 Release 1 (HKLM-x32\...\Command Cubes_is1) (Version: 1.0 - Command Cubes)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grammarly (HKLM-x32\...\{F8ADEE0D-3143-4E71-8CCD-9423105A6199}_is1) (Version: 4.1.1.85 - Grammarly)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LightBox Free Image Editor (HKLM-x32\...\LightBox Free Image Editor) (Version:  - )
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Logitech Gaming Software 8.74 (HKLM\...\Logitech Gaming Software) (Version: 8.74.80 - Logitech Inc.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1 (HKLM-x32\...\M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player_is1) (Version: 1 - Softpointer Inc)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MP3 Converter V4.9.4 (HKLM-x32\...\MP3 Converter_is1) (Version:  - MP3 Converter, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
NeoSetup Updater (HKLM-x32\...\RPD_is1) (Version: 3.9.0.0 - Innovative Solutions)
Quickbooks Financial Center (HKLM-x32\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.18 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )
TOSHIBA Hardware Setup (HKLM-x32\...\{D0387727-C89D-4774-B643-B9333EAA09DE}) (Version: 2.00.11 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.0 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.38 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}) (Version: 1.5.07.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Upgrade Assistant (HKLM-x32\...\{41773726-92D0-4265-A0F8-DD980CA1AEC4}) (Version: 1.1.9 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.3 - Toshiba)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Repair Toolbox version 1.3.1.2 (HKLM-x32\...\{A8D7DA31-9E70-437D-97C4-C4887752E029}_is1) (Version: 1.3.1.2 - Alexandre Miguel Canotilho Coelho)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0557E08B-1BB3-437B-A874-4C1149D7A97B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {08607930-9EBC-48D6-8B18-F98BC5529B2F} - System32\Tasks\NeoSetup Updater => C:\Program Files (x86)\Innovative Solutions\NeoSetup Updater\NeoSetup_Updater.exe
Task: {08C6EB6E-2258-461C-858C-3C63EA76607B} - System32\Tasks\{39EB8DBB-DEF2-4D95-ABCF-89F3EFBA04E6} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {0CF96361-46C7-4DC2-81E7-C60879BFCC74} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1465BA68-91BE-4F80-8BFC-0368B34B5B71} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1E532EAE-B7F5-4779-A384-E366EB271B74} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [2016-06-17] (Innovative Solutions GRUP SRL)
Task: {25A52A2A-AFD8-46A2-98CE-568DAA7301C4} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-06-17] (Innovative Solutions)
Task: {2ADE0FC8-BA6B-44A4-BDCB-628F943A0F02} - \System Cleaner Pro Auto Start -> No File <==== ATTENTION
Task: {30D94A24-739A-4828-AB8F-07C165EA0764} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {35807094-18F3-44B7-934A-AAC32550F23C} - \Test Task -> No File <==== ATTENTION
Task: {3A772E7E-5D85-4507-9C7A-5D7A4E729732} - \{40180B8C-8803-4782-9D3F-ED666E3C2404} -> No File <==== ATTENTION
Task: {3B5AE708-05A5-4971-B2D7-B48EDA701C9D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {461D55DB-DB36-4172-AD87-45927BA3963C} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-06-17] (Innovative Solutions)
Task: {46442888-E7F4-45CD-9FE1-9C6A32D7D97A} - \Papuir -> No File <==== ATTENTION
Task: {49780261-AFB6-48EB-8F79-6D155095CFE3} - System32\Tasks\Opera scheduled Autoupdate 1439869261 => C:\Program Files (x86)\Opera\launcher.exe
Task: {513E8706-0C05-48B0-9002-A8924CD31D93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5F1FA2D8-4241-4B91-880A-BEB4B1D0BEE3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION)
Task: {607B3ED6-DF09-429A-BF92-E325161E871F} - \Notify Helper -> No File <==== ATTENTION
Task: {68AD79B8-E95B-4C72-AB94-95A8DE936362} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {77D745FB-6213-4C93-82C2-B95B3B4CE933} - \{730A3329-FF00-4114-AC50-FD0663025A12} -> No File <==== ATTENTION
Task: {866E8A2F-C0D7-4E36-A012-AFDA8E95C914} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8EF1C0E7-B230-45C4-9749-918444EB7A12} - no filepath
Task: {90D4B127-66EA-4CC2-9365-F3EA80E43099} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {91831711-F2D4-4F86-B0C5-D2EC3F1B869B} - \TunePro360 Updater -> No File <==== ATTENTION
Task: {9FDC86E0-8AAE-4AB5-8946-8A879E337CE1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A032EA25-3DEC-488E-BF55-F3D5AD95782A} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe [2016-06-01] ()
Task: {A57B3E80-05EE-4BE5-8DDE-ECD24DFC9A85} - \DAHCX1 -> No File <==== ATTENTION
Task: {A5D41AFB-9201-42F2-9F91-AC23A4CCDD70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B31B028C-D6AF-4605-B2FB-BD28D76F278D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C3F62C22-9672-4C17-9C35-F3677FCC82B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C50C79DB-68D3-426B-AEA4-8487F1449BAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C672E131-BCE9-458E-A45F-C78F7B779828} - \{37C0DAF1-5E8F-4076-940E-48E07C1297A2} -> No File <==== ATTENTION
Task: {D13A5E88-FBA6-484F-8355-B521E7FC49FD} - \{C1F8056C-6473-4556-9D01-049B8D8160DF} -> No File <==== ATTENTION
Task: {D41E1650-F5B8-4393-984A-44B4F7F3047E} - System32\Tasks\{6FB40337-B808-44A2-AC05-F0990E66C9B3} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe" -d "C:\Program Files\SUPERAntiSpyware"
Task: {DC030481-99B8-4D93-91C3-B64086AE674C} - System32\Tasks\{61611F03-EC3F-46FD-B04B-BE87E86D89AF} => pcalua.exe -a "C:\Users\Administrator 1\Downloads\revouninstaller\revouninstaller-portable\Revouninstaller.exe"
Task: {E8A400F0-BAB3-4D8B-8EB7-B4F1A7C56FF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FFDCC192-969F-4CB6-AC07-573508B191CD} - \{8AB9242E-6D49-4C74-B250-0BA5F470961B} -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{BC7E3150-8E1F-4737-90CC-2F6DBB090B78}.job => C:\Windows\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2009-01-12 07:15 - 2009-01-12 07:15 - 00071096 _____ () C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
2016-05-14 15:28 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-06 19:07 - 2015-03-06 19:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-09-19 16:20 - 2015-09-19 16:20 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 19:07 - 2015-03-06 19:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-09-19 16:20 - 2015-09-19 16:20 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-06-20 03:29 - 2016-06-15 04:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 03:29 - 2016-06-15 04:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-20 03:29 - 2016-06-15 04:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47924330.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55553409.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87815172.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47924330.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55553409.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87815172.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-06-05 21:26 - 2016-06-21 19:18 - 00000835 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1965651932-3507908794-2345626874-1003\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1965651932-3507908794-2345626874-1009\Control Panel\Desktop\\Wallpaper -> C:\Users\WOUTempAdmin\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TCP Query User{957446FC-E352-478A-A510-1144459FA375}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{979FCCCC-D141-4B14-9191-FBF553C82E51}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2016 02:52:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (3792) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Administrator 1\AppData\Local\Microsoft\Windows\WebCache\V01001D5.log.

Error: (06/22/2016 11:47:27 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 11:47:27 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 09:31:19 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 09:31:19 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 08:03:31 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 08:03:31 AM) (Source: MsiInstaller) (EventID: 11606) (User: Me-PC)
Description: Product: AntimalwareEngine -- Error 1606. Could not access network location \Antimalware Engine\3.0.129.0.

Error: (06/22/2016 07:26:03 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/22/2016 06:06:23 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/22/2016 05:00:46 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0xC004C533) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f


System errors:
=============
Error: (06/22/2016 10:14:21 PM) (Source: DCOM) (EventID: 10016) (User: Me-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Me-PCAdministrator 1S-1-5-21-1965651932-3507908794-2345626874-1003LocalHost (Using LRPC)

Error: (06/22/2016 10:00:34 PM) (Source: LPDSVC) (EventID: 4009) (User: )
Description: \\192.168.1.46\RT-AC87U192.168.1.1

Error: (06/22/2016 09:51:13 PM) (Source: DCOM) (EventID: 10016) (User: Me-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Me-PCAdministrator 1S-1-5-21-1965651932-3507908794-2345626874-1003LocalHost (Using LRPC)

Error: (06/22/2016 09:51:07 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/22/2016 09:50:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.


CodeIntegrity:
===================================
  Date: 2016-06-22 16:55:45.120
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-22 16:55:45.089
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-26 19:12:09.327
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-05-26 19:12:09.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-04 19:29:25.319
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-04 19:29:25.292
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-27 13:16:18.962
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-27 13:16:18.915
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-27 13:15:19.994
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-27 13:15:19.994
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 2939.99 MB
Available physical RAM: 710.7 MB
Total Virtual: 5878.16 MB
Available Virtual: 2957.71 MB

==================== Drives ================================

Drive c: (TI105736W0B) (Fixed) (Total:224 GB) (Free:148.09 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E662A431)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=224 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Code:
# AdwCleaner v5.200 - Logfile created 22/06/2016 at 23:02:23
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-22.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Administrator 1 - ME-PC
# Running from : C:\Users\Administrator 1\Desktop\adwcleaner_5.200.exe
# Option : Scan
# Support : [URL="https://toolslib.net/forum"]ToolsLib[/URL]

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [664 bytes] - [22/06/2016 23:02:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [736 bytes] ##########
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
Here is the aswmbr.exe file.

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2016-06-22 23:07:56
-----------------------------
23:07:56.951 OS Version: Windows x64 6.1.7601 Service Pack 1
23:07:56.951 Number of processors: 2 586 0x170A
23:07:56.951 ComputerName: ME-PC UserName:
23:08:00.234 Initialize success
23:10:07.424 AVAST engine defs: 16062202
23:10:24.868 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
23:10:24.884 Disk 0 Vendor: FUJITSU_MHY2250BH 0085000B Size: 238475MB BusType: 11
23:10:25.198 Disk 0 MBR read successfully
23:10:25.198 Disk 0 MBR scan
23:10:25.229 Disk 0 Windows 7 default MBR code
23:10:25.244 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:10:25.291 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 229376 MB offset 3074048
23:10:25.338 Disk 0 scanning C:\Windows\system32\drivers
23:10:45.027 Service scanning
23:11:11.725 Service MpKsld8615e31 C:\Windows\Temp\MpKsld8615e31.sys **LOCKED** 32
23:11:42.021 Modules scanning
23:11:42.032 Disk 0 trace - called modules:
23:11:42.053 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:11:42.063 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800331d060]
23:11:42.071 3 CLASSPNP.SYS[fffff88001b4343f] -> nt!IofCallDriver -> [0xfffffa8002d84520]
23:11:42.078 5 ACPI.sys[fffff88000ee67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8002e11060]
23:11:48.703 AVAST engine scan C:\
23:14:32.751 Disk 0 MBR has been saved successfully to "C:\Users\Administrator 1\Desktop\MBR.dat"
23:14:32.760 The log file has been saved successfully to "C:\Users\Administrator 1\Desktop\aswMBR.txt"
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2016-06-22 23:07:56
-----------------------------
23:07:56.951 OS Version: Windows x64 6.1.7601 Service Pack 1
23:07:56.951 Number of processors: 2 586 0x170A
23:07:56.951 ComputerName: ME-PC UserName:
23:08:00.234 Initialize success
23:10:07.424 AVAST engine defs: 16062202
23:10:24.868 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
23:10:24.884 Disk 0 Vendor: FUJITSU_MHY2250BH 0085000B Size: 238475MB BusType: 11
23:10:25.198 Disk 0 MBR read successfully
23:10:25.198 Disk 0 MBR scan
23:10:25.229 Disk 0 Windows 7 default MBR code
23:10:25.244 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:10:25.291 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 229376 MB offset 3074048
23:10:25.338 Disk 0 scanning C:\Windows\system32\drivers
23:10:45.027 Service scanning
23:11:11.725 Service MpKsld8615e31 C:\Windows\Temp\MpKsld8615e31.sys **LOCKED** 32
23:11:42.021 Modules scanning
23:11:42.032 Disk 0 trace - called modules:
23:11:42.053 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:11:42.063 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800331d060]
23:11:42.071 3 CLASSPNP.SYS[fffff88001b4343f] -> nt!IofCallDriver -> [0xfffffa8002d84520]
23:11:42.078 5 ACPI.sys[fffff88000ee67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8002e11060]
23:11:48.703 AVAST engine scan C:\
23:14:32.751 Disk 0 MBR has been saved successfully to "C:\Users\Administrator 1\Desktop\MBR.dat"
23:14:32.760 The log file has been saved successfully to "C:\Users\Administrator 1\Desktop\aswMBR.txt"
00:05:24.686 Disk 0 MBR has been saved successfully to "C:\Users\Administrator 1\Desktop\MBR.dat"
00:05:24.695 The log file has been saved successfully to "C:\Users\Administrator 1\Desktop\aswMBR.txt"
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,


Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that the Addition.txt option is checked.
  • Press the Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach the report to your next reply.
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
I think that part of the issue is a rootkit because Internet Explorer always resets this page to the home page. I can delete all of the references to this page in the registry and then reset the home page to Google. Then I can remove everything in the browser that would reset it to this page too, but after I get back into shell it reappears as the home page. MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos .
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Please download Zemana AntiMalware and save it to your Desktop.
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.
  • Open Zemana AntiMalware again.
  • Click on the icon and double-click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • The only thing left is to attach the saved report to your next message.



Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    Code:
    createsrpoint;
    autoclean;
    emptyclsid;
    emptyalltemp;
    ipconfig /flushdns >>"%temp%\log.txt";b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Upload it in your next reply.
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
I still have issues. I cannot get Internet Explorer to render any web pages. It still seems to have issues with Internet Explorer. I will definitely make a donation when I get this working.
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
So I am looking at the registry for Internet Explorer and it seems to take a webpage as a start page as shown here MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos and then it adds the following information to that webpage &pc=UE09&ocid=UE09DHP I don't know what that last information does. Does it get a commission to the virus writer for redirecting my browser to the go.microsoft page or does that page download and install malware?
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
So I am looking at the registry for Internet Explorer and it seems to take a webpage as a start page as shown here h t t p://go.microsoft.com/fwlink/p/?LinkId=619797 and then it adds the following information to that webpage p c = UE09&ocid=UE09DHP I don't know what that last information does. Does it get a commission to the virus writer for redirecting my browser to the go.microsoft page or does that page download and install malware?
 

KennyGordacki

New Member
Thread author
Verified
Jun 22, 2016
50
It reinstalls this page on the IE main page h t t p ://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP I searched the registry and could not find the source of the change. I downloaded aware not the lavasoft version but the other one and made sure that my browsers were clean. I keep getting messages when I open browsers that I am running Oracle America and do I want to make this browser my default browser. It seems to have something to do with resetting the main pages.
 
