COM Surrogate (32bit) - Using all my CPU and Memory


  • This topic is locked
15 replies to this topic

#1 brygar


Posted 28 October 2014 - 04:35 PM

I keep getting High Usage warnings for Com Surrogate (32 bit)

I ran the scan feature on OTL by OldTimer - Version 3.2.69.0 and here is the report it came up with.

Does anyone have a "fix" for this?

Thanks,

 

OTL logfile created on: 10/28/2014 1:40:26 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\bryga_000\AppData\Local\Microsoft\Windows\INetCache\IE\NFI592N4
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 53.47% Memory free
8.00 Gb Paging File | 5.88 Gb Available in Paging File | 73.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185.97 Gb Total Space | 39.55 Gb Free Space | 21.27% Space Free | Partition Type: NTFS
 
Computer Name: GARRETT-XPS | User Name: GAdmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/28 13:39:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\bryga_000\AppData\Local\Microsoft\Windows\INetCache\IE\NFI592N4\OTL.exe
PRC - [2014/10/27 11:01:55 | 005,223,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/10/27 11:01:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/10/23 13:30:29 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/20 14:39:18 | 000,810,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2014/10/02 13:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
PRC - [2014/05/08 10:26:34 | 003,145,536 | ---- | M] () -- C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/27 11:02:00 | 038,561,576 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/05/08 10:26:34 | 003,145,536 | ---- | M] () -- C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/27 11:01:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/10/27 11:01:19 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/09/25 03:10:24 | 002,436,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/09/24 01:42:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/24 01:19:36 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/09/24 01:19:35 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/24 01:06:06 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/24 01:06:06 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/09/24 00:52:52 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/09/24 00:52:49 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/09/24 00:35:26 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/09/24 00:25:48 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/09/24 00:25:47 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/09/24 00:25:41 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/09/24 00:25:39 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/09/24 00:25:38 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/09/24 00:25:34 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/09/23 23:53:31 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014/09/23 23:53:30 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014/08/15 20:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 17:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 17:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/10/28 18:02:18 | 002,255,064 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2013/08/22 04:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 04:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 04:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 04:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 04:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 03:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 03:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 02:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 02:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 02:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 02:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 02:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 02:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 02:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 02:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/12/05 18:32:42 | 000,959,768 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012/08/02 18:30:50 | 000,204,288 | ---- | M] (Broadcom Corporation) [Disabled | Stopped] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV:64bit: - [2011/12/01 10:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2006/10/11 17:36:58 | 000,561,152 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysNative\dlcxcoms.exe -- (dlcx_device)
SRV - [2014/10/02 13:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/24 01:19:34 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/09/22 13:30:25 | 000,040,240 | ---- | M] (White Sky, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2014/08/15 20:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/08/11 14:34:22 | 001,820,184 | ---- | M] (AVG Secure Search) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe -- (vToolbarUpdater18.1.9)
SRV - [2014/05/14 12:07:08 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2014/04/23 17:33:38 | 000,481,816 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/01/16 10:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 10:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/08/21 20:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 19:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2006/10/11 16:48:50 | 000,532,480 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysWOW64\dlcxcoms.exe -- (dlcx_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/27 22:43:23 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2014/10/27 11:02:05 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/10/27 11:02:05 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/10/27 11:02:05 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/10/27 11:02:05 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/10/27 11:02:05 | 000,082,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/10/27 11:02:05 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/10/27 11:02:05 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/10/27 11:01:27 | 001,049,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/10/27 11:01:20 | 000,270,728 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/09/24 01:51:20 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/09/24 01:06:06 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/24 01:06:06 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/24 01:06:06 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/24 00:53:02 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/09/24 00:52:53 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/09/24 00:52:51 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/09/24 00:35:14 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/09/24 00:35:09 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/09/24 00:35:09 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/09/24 00:25:40 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/09/24 00:25:35 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/09/24 00:25:19 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/09/24 00:25:18 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/09/24 00:25:18 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/09/24 00:25:18 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/09/24 00:25:18 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/09/24 00:25:18 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/09/24 00:25:18 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/09/24 00:25:18 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/09/24 00:25:18 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/09/23 23:53:33 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2014/09/23 23:53:31 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/23 23:53:21 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2014/09/23 23:53:21 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2014/09/23 23:53:21 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2014/09/23 23:53:21 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2014/09/23 23:53:21 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/08/25 19:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/08/25 19:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/08/25 19:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 19:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/14 17:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/06 12:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/03/19 15:23:14 | 000,076,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2014/03/19 15:23:14 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2014/03/19 15:23:14 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2014/03/19 10:54:34 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/12/29 22:17:28 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/28 18:02:18 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2013/10/28 18:02:16 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2013/09/25 19:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 19:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symelam.sys -- (SymELAM)
DRV:64bit: - [2013/09/09 19:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2013/08/22 06:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 06:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 05:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 05:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 05:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 05:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 05:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 05:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 05:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 05:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 05:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 05:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 05:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 05:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 05:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 05:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 05:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 05:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 05:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 05:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 05:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 05:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 05:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 05:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 05:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 05:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 05:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 05:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 05:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 04:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 04:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 04:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 04:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 04:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 04:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 04:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 04:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 04:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 04:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 04:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 04:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 04:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 04:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 04:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 04:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 04:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 04:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 04:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 04:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 04:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 04:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 04:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013/08/22 01:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 16:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 17:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 11:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 12:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 07:45:47 | 007,530,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netwlv64.sys -- (netwlv64)
DRV:64bit: - [2013/06/18 07:45:08 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2012/07/11 23:04:30 | 000,445,304 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012/06/06 10:53:56 | 000,132,096 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp)
DRV:64bit: - [2007/10/10 17:03:00 | 000,266,624 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV:64bit: - [2007/03/05 10:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV:64bit: - [2006/11/18 13:07:48 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2006/11/17 17:49:52 | 000,052,224 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2014/10/22 04:47:55 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.032\ex64.sys -- (NAVEX15)
DRV - [2014/10/22 04:47:55 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141027.032\eng64.sys -- (NAVENG)
DRV - [2014/10/03 12:19:31 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/09/09 08:47:24 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/09/09 08:47:23 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/08/29 12:30:44 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141027.001\IDSviA64.sys -- (IDSVia64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=100&itype=n&ver=12302&tm=314&src=hmp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{20B4A0B5-10F8-42B8-8DCF-0962BDA93C52}: "URL" = http://www.search.ask.com/web?tpid=OVO2V7C&o=APN11381&pf=V7&p2=%5EBAO%5EYYYYYY%5EYY%5EUS&gct=&itbv=12.10.6.5033&apn_uid=14250F2E-33C6-4FDA-BC27-EEF94FCF7C77&apn_ptnrs=%5EBAO&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=iexplore.exe_6_10.0.9200.16843&doi=2014-04-09&trgb=IE&q={searchTerms}&psv=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12521&tm=314&src=ds&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014/02/05 19:35:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/29 22:20:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/10/27 15:16:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/10/27 11:02:13 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2204.148_0\
CHR - Extension: No name found = C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.9.12_0\
CHR - Extension: No name found = C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {4F564F32-5637-4300-76A7-7A786E7484D7} - No CLSID value found.
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.922.1\NativeBHO.dll (WhiteSky)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - \bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F564F32-5637-4300-76A7-7A786E7484D7} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [dlcxmon.exe] C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [fst_us_170] "C:\Program Files (x86)\fst_us_170\fst_us_170.exe" File not found
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{781318B8-AB05-469F-992B-B100ACC1F831}: NameServer = 208.69.150.250,208.69.150.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAFE70EE-C607-46A6-A259-8B628BE8A989}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAFE70EE-C607-46A6-A259-8B628BE8A989}: NameServer = 75.75.75.75,75.75.76.76
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\dprotectsvc.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\jumpflip: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchinstaller.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchprotector.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\searchsettings64.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\umbrella.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\utiljumpflip.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\volaro: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\vonteera: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroids.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27:64bit: - HKLM IFEO\websteroidsservice.exe: Debugger - C:\WINDOWS\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\WINDOWS\SysWow64\tasklist.exe (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/28 11:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2014/10/28 10:39:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2014/10/28 10:36:11 | 000,000,000 | ---D | C] -- C:\Sun
[2014/10/27 16:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2014/10/27 15:06:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/10/27 14:30:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\GAdmin\Desktop\OTL.exe
[2014/10/27 12:47:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\vbox
[2014/10/27 12:47:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\vbox
[2014/10/27 12:35:50 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\AppData\Local\EmieUserList
[2014/10/27 12:35:50 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\AppData\Local\EmieSiteList
[2014/10/27 11:58:53 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Roaming\AVAST Software
[2014/10/27 11:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014/10/27 11:03:05 | 000,116,728 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/10/27 11:02:57 | 000,436,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014/10/27 11:02:47 | 000,082,768 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/10/27 11:02:40 | 000,093,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/10/27 11:02:34 | 001,049,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/10/27 11:02:27 | 000,364,512 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/10/27 11:02:04 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/10/27 10:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/10/27 10:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/10/20 16:41:28 | 000,146,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014/10/20 16:38:20 | 013,423,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/10/20 16:38:20 | 011,818,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/10/20 16:38:19 | 002,860,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/10/20 16:38:19 | 002,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/10/20 16:38:18 | 002,084,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/10/20 16:38:18 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/10/20 16:38:18 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/10/20 16:38:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/10/20 16:35:43 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/10/20 16:35:43 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/10/20 16:35:43 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/10/20 16:35:43 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/10/20 16:35:24 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/10/20 16:35:24 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/10/20 16:35:06 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014/10/20 16:35:04 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/10/20 16:35:04 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2014/10/20 16:35:04 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2014/10/20 16:35:04 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2014/10/20 16:35:04 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2014/10/20 16:35:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll
[2014/10/20 16:35:03 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2014/10/20 16:35:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014/10/20 16:35:03 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2014/10/20 16:35:03 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2014/10/20 16:35:02 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/10/20 16:35:02 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/10/20 16:35:02 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2014/10/20 16:35:02 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll
[2014/10/20 16:35:02 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfg.exe
[2014/10/20 16:35:02 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014/10/20 16:35:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2014/10/20 16:35:01 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/10/20 16:34:52 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/10/20 16:34:47 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/10/20 16:34:47 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/10/20 16:34:46 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/10/20 16:34:46 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/10/20 16:34:45 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/10/20 16:34:45 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/10/20 16:34:45 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/10/20 16:34:45 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/10/20 16:34:44 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/10/20 16:34:44 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/10/20 16:34:44 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2014/10/20 16:34:43 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/10/20 16:34:42 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/10/20 16:34:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/10/20 16:34:42 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/10/20 16:34:42 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014/10/20 16:34:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/10/20 16:34:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2014/10/20 16:34:42 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/10/20 16:34:42 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/10/20 16:34:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/10/20 16:34:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/10/20 16:34:41 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/20 16:34:41 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/20 16:34:31 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll
[2014/10/20 16:34:31 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr120_clr0400.dll
[2014/10/20 16:34:06 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2014/10/20 16:34:06 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscui.dll
[2014/10/20 16:34:06 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2014/10/20 16:34:06 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/10/20 16:34:06 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DaOtpCredentialProvider.dll
[2014/10/20 16:34:06 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFHost.exe
[2014/10/20 16:34:06 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DaOtpCredentialProvider.dll
[2014/10/20 16:34:06 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll
[2014/10/20 16:33:57 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/10/20 16:33:57 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/10/20 16:33:57 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/10/20 16:33:57 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/10/20 16:33:54 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lockscreencn.dll
[2014/10/20 16:33:47 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/10/20 15:12:24 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Roaming\Identities
[2014/10/20 14:41:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/10/20 14:40:15 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/10/20 14:40:15 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/10/20 14:40:15 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/10/20 14:40:15 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/10/20 14:40:15 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/10/20 14:40:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/10/20 14:40:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/10/20 14:40:15 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/10/20 14:40:15 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/10/20 14:40:15 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/10/20 14:40:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/10/20 14:40:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/10/20 14:40:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/10/20 14:40:02 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/10/20 14:40:02 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/10/20 14:40:02 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/10/20 14:40:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/10/20 14:39:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/10/20 14:39:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/10/20 14:39:37 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/10/20 14:39:37 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/10/20 14:39:37 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/10/20 14:39:18 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/10/20 14:39:18 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/10/20 14:39:18 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/10/20 14:39:18 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/10/20 14:39:18 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/10/20 14:39:18 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/10/20 14:39:18 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/10/20 14:39:18 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/10/20 14:39:18 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/10/20 14:39:18 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/10/20 14:39:18 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/10/20 14:39:18 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/10/20 14:39:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/10/20 14:39:18 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/10/20 14:39:18 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/10/20 14:39:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/10/20 14:39:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/10/20 14:39:18 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/20 14:38:40 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/10/20 14:38:40 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/10/20 14:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/10/20 14:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/10/20 14:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hyper-V
[2014/10/20 14:28:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
[2014/10/20 14:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/10/20 14:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/10/20 14:27:31 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014/10/20 14:27:31 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/10/20 14:27:30 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/10/20 14:27:28 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2014/10/20 13:56:57 | 000,000,000 | --SD | C] -- C:\Users\GAdmin\AppData\Roaming\Microsoft
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\Favorites
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\Documents
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\Desktop
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/10/20 13:56:57 | 000,000,000 | R--D | C] -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\AppData\Local\Temporary Internet Files
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Templates
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Start Menu
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\SendTo
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Recent
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\PrintHood
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\NetHood
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Documents\My Videos
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Documents\My Pictures
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Documents\My Music
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\My Documents
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Local Settings
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\AppData\Local\History
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Cookies
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\Application Data
[2014/10/20 13:56:57 | 000,000,000 | -HSD | C] -- C:\Users\GAdmin\AppData\Local\Application Data
[2014/10/20 13:56:57 | 000,000,000 | -H-D | C] -- C:\Users\GAdmin\AppData
[2014/10/20 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Local\Temp
[2014/10/20 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Local\Microsoft
[2014/10/20 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/10/20 13:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2014/10/20 13:45:30 | 006,599,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014/10/20 13:45:30 | 003,452,192 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014/10/20 13:45:30 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014/10/20 13:45:30 | 000,219,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014/10/20 13:45:30 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014/10/20 13:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/10/20 13:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/10/20 13:42:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/10/20 10:54:25 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Roaming\Motorola Mobility
[2014/10/19 21:43:30 | 000,000,000 | ---D | C] -- C:\Users\GAdmin\AppData\Roaming\DivX
[2014/10/19 21:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2014/10/19 19:42:45 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6434052.dll
[2014/10/19 19:42:45 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6434052.dll
[2014/10/19 19:38:03 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/10/19 19:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2014/10/19 19:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2014/10/19 19:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/10/19 19:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/10/19 19:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SlimWare Utilities, Inc
[2014/10/19 19:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
[2014/10/19 19:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverUpdate
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/28 13:46:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/28 13:45:07 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job
[2014/10/28 13:45:05 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job
[2014/10/28 11:29:31 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/28 11:28:25 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\DriverUpdate Startup.job
[2014/10/28 11:27:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/28 11:27:06 | 3434,344,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/28 08:43:16 | 812,162,359 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/10/27 22:48:51 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/27 22:43:23 | 000,016,152 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2014/10/27 16:04:56 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/27 16:04:56 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/27 16:04:56 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/27 16:03:27 | 005,525,602 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1506000.020\Cat.DB
[2014/10/27 14:30:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GAdmin\Desktop\OTL.exe
[2014/10/27 11:45:00 | 000,002,303 | ---- | M] () -- C:\Users\GAdmin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/27 11:08:04 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/10/27 11:02:05 | 000,436,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014/10/27 11:02:05 | 000,364,512 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/10/27 11:02:05 | 000,267,632 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/10/27 11:02:05 | 000,116,728 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/10/27 11:02:05 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/10/27 11:02:05 | 000,082,768 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/10/27 11:02:05 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/10/27 11:02:05 | 000,029,208 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/10/27 11:02:04 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/10/27 11:01:27 | 001,049,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/10/23 13:41:24 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/20 14:42:24 | 000,030,483 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/10/20 14:42:24 | 000,030,483 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/10/20 14:40:15 | 001,702,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/10/20 14:40:15 | 000,839,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/10/20 14:40:15 | 000,672,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/10/20 14:40:15 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/10/20 14:40:15 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/10/20 14:40:15 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/10/20 14:40:15 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/10/20 14:40:15 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/10/20 14:40:15 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/10/20 14:40:15 | 000,054,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/10/20 14:40:15 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/10/20 14:40:15 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/10/20 14:40:15 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/10/20 14:40:02 | 000,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/10/20 14:40:02 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/10/20 14:40:02 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/10/20 14:40:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/10/20 14:39:49 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/10/20 14:39:49 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/10/20 14:39:37 | 002,779,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/10/20 14:39:37 | 002,646,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/10/20 14:39:37 | 002,321,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/10/20 14:39:18 | 005,829,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/10/20 14:39:18 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/10/20 14:39:18 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/10/20 14:39:18 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/10/20 14:39:18 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/10/20 14:39:18 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/10/20 14:39:18 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/10/20 14:39:18 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/10/20 14:39:18 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/10/20 14:39:18 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/10/20 14:39:18 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/10/20 14:39:18 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/10/20 14:39:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/10/20 14:39:18 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/10/20 14:39:18 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/10/20 14:39:18 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/10/20 14:39:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/10/20 14:39:18 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/20 14:38:40 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/10/20 14:38:40 | 000,514,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/10/20 14:33:48 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/20 14:28:10 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/10/20 14:28:08 | 000,144,967 | ---- | M] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/10/20 14:28:07 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/10/20 14:12:57 | 000,555,152 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/10/20 13:45:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2014/10/19 21:44:18 | 000,001,617 | ---- | M] () -- C:\Users\GAdmin\Desktop\DivX Movies.lnk
[2014/10/19 21:44:07 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2014/10/19 21:43:33 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2014/10/19 19:16:53 | 000,002,469 | ---- | M] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2014/10/17 10:27:14 | 000,002,207 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2014/10/17 10:27:14 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2014/10/17 10:20:45 | 000,002,440 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/10/17 10:19:18 | 000,048,844 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1506000.020\VT20141014.006
[2014/10/09 15:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/10/08 20:10:33 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2014/10/08 15:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/10/02 13:14:26 | 000,000,172 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1506000.020\isolate.ini
[2014/09/29 15:45:58 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/09/29 15:45:58 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/27 11:08:03 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/10/27 11:03:00 | 000,267,632 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/10/27 11:02:56 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/10/27 11:02:43 | 000,029,208 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/10/20 16:35:01 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/10/20 16:34:41 | 000,388,729 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/10/20 15:12:33 | 000,001,446 | ---- | C] () -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/10/20 14:33:48 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/20 14:07:16 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/10/20 13:57:25 | 000,030,483 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/10/20 13:57:25 | 000,030,483 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/10/20 13:56:57 | 000,000,369 | ---- | C] () -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/10/20 13:56:57 | 000,000,369 | ---- | C] () -- C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/10/20 13:56:57 | 000,000,352 | ---- | C] () -- C:\Users\GAdmin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/10/20 13:56:57 | 000,000,334 | ---- | C] () -- C:\Users\GAdmin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/10/20 13:45:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2014/10/19 21:44:07 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2014/10/19 21:43:33 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2014/09/24 00:25:52 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/09/24 00:25:21 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/08/04 14:22:40 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/03/17 09:38:03 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxserv.dll
[2014/03/17 09:38:03 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxusb1.dll
[2014/03/17 09:38:03 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxhbn3.dll
[2014/03/17 09:38:03 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxcomc.dll
[2014/03/17 09:38:03 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxpmui.dll
[2014/03/17 09:38:03 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxlmpm.dll
[2014/03/17 09:38:03 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxcoms.exe
[2014/03/17 09:38:03 | 000,454,656 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxutil.dll
[2014/03/17 09:38:03 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxcomm.dll
[2014/03/17 09:38:03 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxinpa.dll
[2014/03/17 09:38:03 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxiesc.dll
[2014/03/17 09:38:03 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxcfg.exe
[2014/03/17 09:38:03 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxih.exe
[2014/03/17 09:38:03 | 000,274,432 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxinst.dll
[2014/03/17 09:38:03 | 000,176,128 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxinsb.dll
[2014/03/17 09:38:03 | 000,176,128 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxins.dll
[2014/03/17 09:38:03 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxppls.exe
[2014/03/17 09:38:03 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxprox.dll
[2014/03/17 09:38:03 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxjswr.dll
[2014/03/17 09:38:03 | 000,106,496 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxinsr.dll
[2014/03/17 09:38:03 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\dlcxpplc.dll
[2014/03/17 09:38:03 | 000,086,016 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxcub.dll
[2014/03/17 09:38:03 | 000,073,728 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxcu.dll
[2014/03/17 09:38:03 | 000,073,728 | ---- | C] () -- C:\WINDOWS\SysWow64\DLCXcfg.dll
[2014/03/17 09:38:03 | 000,036,864 | ---- | C] () -- C:\WINDOWS\SysWow64\dlcxcur.dll
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/15 21:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/15 20:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >





#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:12:35 AM

Posted 31 October 2014 - 12:43 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 brygar


Posted 31 October 2014 - 01:09 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by bryga_000 (ATTENTION: The logged in user is not administrator) on GARRETT-XPS on 31-10-2014 11:05:04
Running from C:\Users\bryga_000\Downloads
Loaded Profiles: GAdmin & bryga_000 (Available profiles: GAdmin & bryga_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.9\ScriptHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [dlcxmon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe [292336 2007-01-12] ()
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe [304008 2006-11-03] ()
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-27] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-18] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [fst_us_170] => "C:\Program Files (x86)\fst_us_170\fst_us_170.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-27] (AVAST Software)
HKLM-x32\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [461176 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Google Update] => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-28] (Google Inc.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Amazon Cloud Player] => C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\bryga_000\AppData\Roaming\Verizon\UA_ar\UA.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x852B8048DA9BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BFBC07F5-3650-4D0A-9453-3133588AE27E}&mid=9d55ccde3ce247d39dd6d1549f0ead4b-6559d7742a211c3db94411700f2ab2de597a2c65&lang=en&ds=dn011&coid=avgtbdisdn&cmpid=&pr=sa&d=2014-02-05 18:35:49&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {4F564F32-5637-4300-76A7-7A786E7484D7} ->  No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.922.1\NativeBHO.dll (WhiteSky)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> \bin\jp2ssv.dll No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {4F564F32-5637-4300-76A7-7A786E7484D7} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{781318B8-AB05-469F-992B-B100ACC1F831}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{AAFE70EE-C607-46A6-A259-8B628BE8A989}: [NameServer] 75.75.75.75,75.75.76.76
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.default-search.net?sid=476&aid=100&itype=n&ver=12302&tm=314&src=hmp
CHR StartupUrls: Default -> "https://www.google.com/?gws_rd=ssl"
CHR DefaultSearchKeyword: Default -> default-search.net
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30]
CHR Extension: (Google Cast) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-10-30]
CHR Extension: (MSN Homepage) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2014-10-31]
CHR Extension: (Avast Online Security) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-30]
CHR Extension: (Norton Identity Safe) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-10-30]
CHR Extension: (AVG Secure Search) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-30]
CHR Extension: (ArcadeFrontier) - C:\Users\bryga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl [2014-10-30]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-27]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-27] (Avast Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S4 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [204288 2012-08-02] (Broadcom Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S4 dlcx_device; C:\Windows\system32\dlcxcoms.exe [561152 2006-10-11] ( )
S4 dlcx_device; C:\Windows\SysWOW64\dlcxcoms.exe [532480 2006-10-11] ( ) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)
S4 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-27] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141030.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\ENG64.SYS [129752 2014-10-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\EX64.SYS [2137304 2014-10-22] (Symantec Corporation)
R3 OEM02Dev; C:\Windows\system32\DRIVERS\OEM02Dev.sys [266624 2007-10-10] (Creative Technology Ltd.)
R3 OEM02Vfx; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-10-27] ()
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-27] (Avast Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X]
S3 SWVNIC; \SystemRoot\system32\DRIVERS\swvnic.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 11:05 - 2014-10-31 11:06 - 00025920 _____ () C:\Users\bryga_000\Downloads\FRST.txt
2014-10-31 11:03 - 2014-10-31 11:05 - 00000000 ____D () C:\FRST
2014-10-31 11:03 - 2014-10-31 11:03 - 02113536 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST64.exe
2014-10-31 11:01 - 2014-10-31 11:01 - 01105408 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST.exe
2014-10-30 20:40 - 2014-10-30 20:40 - 02194064 _____ (Microsoft Corporation) C:\Users\bryga_000\Downloads\DefaultPack.EXE
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00023589.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005896.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005765.tmp
2014-10-30 13:57 - 2014-10-31 10:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-28 11:24 - 2014-10-28 13:59 - 00010479 _____ () C:\Users\bryga_000\Desktop\Laundry Soap.xlsx
2014-10-28 10:42 - 2014-10-28 10:42 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-28 10:39 - 2014-10-28 10:44 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-10-28 10:36 - 2014-10-28 10:36 - 00000000 ____D () C:\Sun
2014-10-28 06:19 - 2014-10-28 08:09 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-13-19-53.024-aswFe.exe-14536.log
2014-10-28 04:25 - 2014-10-28 04:25 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-11-25-00.011-AvastVBoxSVC.exe-9440.log
2014-10-28 03:47 - 2014-10-28 03:48 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-10-47-02.078-AvastVBoxSVC.exe-7540.log
2014-10-28 02:29 - 2014-10-28 03:46 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-09-29-44.041-aswFe.exe-4088.log
2014-10-27 22:47 - 2014-10-27 22:47 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-05-47-15.003-AvastVBoxSVC.exe-5056.log
2014-10-27 16:03 - 2014-10-27 16:04 - 00000000 ____D () C:\ProgramData\Dell
2014-10-27 15:17 - 2014-10-27 15:20 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-22-17-30.006-AvastVBoxSVC.exe-2524.log
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\_OTL
2014-10-27 13:11 - 2014-10-27 13:11 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\AVAST Software
2014-10-27 13:00 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-20-00-42.025-aswFe.exe-3952.log
2014-10-27 12:55 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-19-55-33.093-aswFe.exe-3760.log
2014-10-27 12:55 - 2014-10-27 12:55 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-19-55-31.012-AvastVBoxSVC.exe-4936.log
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-10-27 11:58 - 2014-10-27 11:58 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\AVAST Software
2014-10-27 11:12 - 2014-10-27 11:12 - 00000000 ____D () C:\Users\bryga_000\Desktop\GPUCache
2014-10-27 11:08 - 2014-10-27 11:08 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-27 11:08 - 2014-10-27 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-27 11:03 - 2014-10-27 11:02 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-27 11:03 - 2014-10-27 11:02 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-27 11:02 - 2014-10-27 11:02 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00082768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-27 11:02 - 2014-10-27 11:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-27 11:02 - 2014-10-27 11:01 - 01049920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-10-27 10:59 - 2014-10-27 10:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-27 10:56 - 2014-10-27 11:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-20 16:41 - 2014-08-14 17:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-20 16:38 - 2014-08-23 00:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-20 16:38 - 2014-08-23 00:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-20 16:38 - 2014-08-22 23:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-20 16:38 - 2014-08-22 22:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-20 16:38 - 2014-08-22 21:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-20 16:38 - 2014-08-22 21:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-20 16:38 - 2014-08-22 21:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-20 16:35 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-20 16:35 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-20 16:35 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-20 16:35 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-20 16:35 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-20 16:35 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-20 16:35 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-20 16:35 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-20 16:35 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-20 16:35 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-20 16:35 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-20 16:35 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-20 16:35 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-20 16:35 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-20 16:35 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-20 16:35 - 2014-04-26 11:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-10-20 16:35 - 2014-04-26 11:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-10-20 16:35 - 2014-04-26 11:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-10-20 16:35 - 2014-04-26 10:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-10-20 16:35 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-20 16:35 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-20 16:35 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-20 16:35 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-20 16:34 - 2014-08-15 21:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-20 16:34 - 2014-08-15 20:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 20:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-20 16:34 - 2014-08-15 20:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-20 16:34 - 2014-08-15 20:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-20 16:34 - 2014-08-15 20:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-20 16:34 - 2014-08-15 20:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-20 16:34 - 2014-08-15 18:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 18:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-20 16:34 - 2014-08-15 17:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-20 16:34 - 2014-08-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-20 16:34 - 2014-08-15 17:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-20 16:34 - 2014-08-15 17:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-20 16:34 - 2014-08-15 17:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-20 16:34 - 2014-08-15 17:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-20 16:34 - 2014-08-15 17:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-20 16:34 - 2014-07-31 16:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-20 16:34 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-20 16:34 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-20 16:34 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-20 16:34 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-20 16:34 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-20 16:34 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-20 16:34 - 2014-05-28 23:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-10-20 16:34 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-04-29 21:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-10-20 16:34 - 2014-04-29 20:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-10-20 16:33 - 2014-10-09 15:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-20 16:33 - 2014-10-08 15:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-20 16:33 - 2014-09-18 18:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-20 16:33 - 2014-09-04 19:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-20 16:33 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-20 16:33 - 2014-07-09 21:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieUserList
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieSiteList
2014-10-20 15:31 - 2014-10-31 10:46 - 00000000 ___DO () C:\Users\bryga_000\OneDrive
2014-10-20 15:27 - 2014-10-20 15:27 - 00001446 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 15:27 - 2014-10-20 15:27 - 00000020 ___SH () C:\Users\bryga_000\ntuser.ini
2014-10-20 15:11 - 2014-10-20 15:11 - 00000020 ___SH () C:\Users\GAdmin\ntuser.ini
2014-10-20 14:41 - 2014-10-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-20 14:40 - 2014-10-20 14:40 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-20 14:39 - 2014-10-20 14:39 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-20 14:33 - 2014-10-20 14:33 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Hyper-V
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-20 14:27 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:07 - 2014-10-20 14:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagwrn.xml
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagerr.xml
2014-10-20 13:56 - 2014-10-30 15:00 - 00000000 ____D () C:\Users\GAdmin
2014-10-20 13:56 - 2014-10-30 13:58 - 00000000 ____D () C:\Users\bryga_000
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 13:45 - 2014-10-31 10:49 - 01770134 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\DellTPad
2014-10-20 13:45 - 2013-08-29 15:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-20 13:45 - 2013-08-29 15:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-20 13:44 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-20 13:44 - 2014-10-20 13:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-20 12:45 - 2014-10-20 14:42 - 00006629 _____ () C:\WINDOWS\comsetup.log
2014-10-20 10:54 - 2014-10-20 10:54 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola Mobility
2014-10-19 21:44 - 2014-10-19 21:44 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-10-19 21:43 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-10-19 21:43 - 2014-10-19 21:43 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-10-19 21:43 - 2014-10-19 21:43 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\DivX
2014-10-19 19:42 - 2014-07-02 13:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
2014-10-19 19:42 - 2014-07-02 13:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-10-19 19:38 - 2014-10-19 19:38 - 00000000 ____D () C:\NVIDIA
2014-10-19 19:31 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-19 19:30 - 2014-10-19 19:31 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-19 19:27 - 2014-10-19 19:27 - 00000000 ____D () C:\Program Files\Intel
2014-10-19 19:26 - 2014-10-19 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-19 19:19 - 2014-10-19 19:19 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2014-10-19 19:16 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2014-10-19 19:16 - 2014-10-19 19:16 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2014-10-08 09:31 - 2014-10-20 14:08 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 11:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-31 10:45 - 2014-04-28 14:08 - 00000948 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job
2014-10-31 10:41 - 2014-03-01 18:02 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-31 10:41 - 2013-09-10 23:48 - 00000444 _____ () C:\WINDOWS\Tasks\DriverUpdate Startup.job
2014-10-31 10:40 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-31 10:38 - 2014-06-06 23:59 - 699223909 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-30 20:56 - 2014-03-19 13:25 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\CrashDumps
2014-10-30 11:29 - 2013-09-16 15:42 - 00000000 ____D () C:\Users\bryga_000\Documents\Outlook Files
2014-10-30 11:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-30 11:23 - 2014-09-24 00:17 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-30 11:20 - 2014-03-11 16:38 - 00000000 ____D () C:\Users\bryga_000\Desktop\The Hunt
2014-10-29 22:07 - 2013-08-22 07:46 - 00338535 _____ () C:\WINDOWS\setupact.log
2014-10-29 13:45 - 2014-04-28 14:08 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job
2014-10-28 16:35 - 2013-07-16 13:27 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Packages
2014-10-28 11:27 - 2014-09-24 00:03 - 00005270 _____ () C:\WINDOWS\PFRO.log
2014-10-28 10:50 - 2014-08-05 20:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 10:43 - 2014-08-05 20:08 - 00000000 ____D () C:\ProgramData\Nero
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-27 22:48 - 2014-03-01 18:03 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 22:43 - 2013-09-10 23:48 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-10-27 12:49 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\ID Vault
2014-10-27 12:35 - 2013-08-21 20:59 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-10-27 11:38 - 2013-09-16 15:18 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-23 16:16 - 2014-02-21 15:26 - 00052440 _____ () C:\Users\bryga_000\Desktop\Book3.xlsx
2014-10-23 15:03 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-23 13:41 - 2014-03-01 18:03 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-22 10:21 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-22 09:59 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-22 09:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-22 09:57 - 2014-09-24 02:57 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-22 09:57 - 2013-12-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-10-22 09:57 - 2013-11-21 09:23 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-10-22 09:08 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\ID Vault
2014-10-21 18:05 - 2014-08-11 14:33 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\HpUpdate
2014-10-21 04:15 - 2013-07-16 09:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-21 03:39 - 2013-07-16 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-21 03:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-20 17:34 - 2013-10-07 15:35 - 00117248 ___SH () C:\Users\bryga_000\Desktop\Thumbs.db
2014-10-20 15:57 - 2013-08-22 07:46 - 00000766 _____ () C:\WINDOWS\setuperr.log
2014-10-20 15:55 - 2013-12-29 22:07 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\ID Vault
2014-10-20 15:51 - 2014-08-05 20:08 - 00000000 ____D () C:\Temp
2014-10-20 15:50 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-20 15:31 - 2014-04-24 20:45 - 00000000 ___RD () C:\Users\bryga_000\OneDrive.old
2014-10-20 15:19 - 2014-08-05 20:10 - 00000000 ____D () C:\Users\GAdmin\.gstreamer-0.10
2014-10-20 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-20 14:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-20 14:28 - 2013-08-22 03:35 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFileBrowse.dll
2014-10-20 14:28 - 2013-08-22 01:25 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmconnect.exe
2014-10-20 14:28 - 2013-08-22 00:35 - 00144967 _____ () C:\WINDOWS\system32\virtmgmt.msc
2014-10-20 14:12 - 2013-08-22 07:44 - 00555152 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-20 14:08 - 2014-08-11 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-10-20 14:08 - 2014-08-04 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-20 14:08 - 2014-07-21 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-10-20 14:08 - 2014-07-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-10-20 14:08 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-10-20 14:08 - 2014-05-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
2014-10-20 14:08 - 2014-04-28 14:15 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-10-20 14:08 - 2014-04-24 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 14:08 - 2014-04-10 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango
2014-10-20 14:08 - 2014-04-09 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
2014-10-20 14:08 - 2014-03-03 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-20 14:08 - 2014-03-01 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-20 14:08 - 2013-12-29 22:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-10-20 14:08 - 2013-10-19 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-10-19 23:03 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-08-21 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Data Recovery Free
2014-10-20 14:08 - 2013-08-07 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-10-20 14:07 - 2013-08-22 08:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-20 14:07 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-20 14:06 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-20 14:05 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-20 14:03 - 2014-03-17 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
2014-10-20 14:03 - 2013-08-07 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney
2014-10-20 14:03 - 2013-07-16 08:15 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-20 13:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-20 13:49 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-20 13:43 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-10-20 13:15 - 2013-07-16 08:15 - 01451384 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-19 21:44 - 2013-08-31 16:50 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-10-19 21:44 - 2013-08-31 16:48 - 00000000 ____D () C:\ProgramData\DivX
2014-10-19 21:43 - 2013-08-31 17:00 - 00000000 ____D () C:\Program Files\DivX
2014-10-19 20:54 - 2013-12-15 20:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-19 19:16 - 2013-09-10 23:47 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2014-10-19 19:16 - 2013-09-10 23:47 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-10-17 17:37 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Amazon Cloud Player
2014-10-17 10:27 - 2013-12-29 22:05 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Constant Guard.lnk
2014-10-17 10:27 - 2013-12-29 22:05 - 00002189 _____ () C:\Users\Public\Desktop\Constant Guard.lnk
2014-10-17 10:21 - 2013-12-29 22:16 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-10-17 10:20 - 2013-12-29 22:17 - 00002440 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-10-10 09:04 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-08 21:21 - 2014-05-28 12:52 - 00000956 _____ () C:\Users\bryga_000\AppData\Roaming\__AvidCloudManager.log
2014-10-08 21:20 - 2014-05-28 12:52 - 00000000 ____D () C:\Users\bryga_000\temp
2014-10-08 20:10 - 2014-05-28 12:51 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Avid
2014-10-08 20:10 - 2014-05-28 12:34 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-10-08 20:09 - 2014-05-28 12:52 - 00000763 _____ () C:\Users\bryga_000\AppData\Roaming\GARRETT-XPS.MTBF.txt
2014-10-06 09:40 - 2013-12-19 23:17 - 00036864 ___SH () C:\Users\bryga_000\Downloads\Thumbs.db
2014-10-03 10:02 - 2013-07-16 09:27 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01
Ran by bryga_000 at 2014-10-31 11:07:04
Running from C:\Users\bryga_000\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0AEF4677-C1BE-489C-A5BA-85382F8DA38B}) (Version: 15.4.13.2 - Broadcom Corporation)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Constant Guard Protection Suite (HKLM-x32\...\ID Vault) (Version: 1.14.922.1 - Comcast)
Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version:  - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.209 - ALPS ELECTRIC CO., LTD.)
Disney Pix 3.2 (HKLM-x32\...\{B78ACFBD-A0AD-4A37-B8EB-B01745793E67}) (Version: 3.2.0.4 - Disney©)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
DriverUpdate (HKLM-x32\...\{CF516344-84E1-4420-BDAD-52E13F32D07E}) (Version: 2.2.41149 - SlimWare Utilities, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCare Data Recovery Free 5.0 (HKLM-x32\...\iCare Data Recovery Free_is1) (Version:  - iCare Software)
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.0.0.75 - Avid Technology, Inc.)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{7D75F678-4499-436C-B219-9E6DC24EE82D}) (Version: 2.13.0903 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{2FFBFBA6-8191-45A5-B952-226DB651268E}) (Version: 2.13.0806 - Samsung Electronics Co., Ltd.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4700 - Broadcom Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-10-27 11:21 - 2014-09-09 07:59 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-29 08:43 - 2014-05-08 10:26 - 03145536 _____ () C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\dlcxcomm.dll:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\bryga_000\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: BrcmMgmtAgent => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DeviceMonitorService => 2
MSCONFIG\Services: dlcx_device => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDVaultSvc => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PasswordBox => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: SOHDms => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: SWGVCSvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Constant Guard.lnk"
HKLM\...\StartupApproved\Run: => "dlcxmon.exe"
HKLM\...\StartupApproved\Run: => "MemoryCardManager"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "fst_us_170"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "vProt"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3749778937-3158879764-3578227263-500 - Administrator - Disabled)
bryga_000 (S-1-5-21-3749778937-3158879764-3578227263-1004 - Limited - Enabled) => C:\Users\bryga_000
GAdmin (S-1-5-21-3749778937-3158879764-3578227263-1001 - Administrator - Enabled) => C:\Users\GAdmin
Guest (S-1-5-21-3749778937-3158879764-3578227263-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3749778937-3158879764-3578227263-1008 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Data Interface
Description: Data Interface
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Data Interface
Description: Data Interface
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/30/2014 08:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00f201e2
Faulting process id: 0x1c48
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003001e2
Faulting process id: 0x19f4
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x008601e2
Faulting process id: 0x1354
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:41:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x007601e2
Faulting process id: 0x154c
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:37:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20605 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e6c
 
Start Time: 01cff4bb5d824a30
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 4d8c086a-60af-11e4-beb5-0015c582a03d
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (10/30/2014 08:36:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00e501e2
Faulting process id: 0x1440
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 05:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x52157bbc
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x1570
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
 
Error: (10/30/2014 05:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x52157bbc
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x1dd8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
 
Error: (10/30/2014 05:40:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x52157bbc
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x19c0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
 
Error: (10/30/2014 05:34:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x52157bbc
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x10f4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5
 
 
System errors:
=============
Error: (10/31/2014 11:05:35 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:05:03 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:04:31 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:04:00 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:03:25 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:02:54 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:02:21 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:01:50 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:01:18 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:00:46 AM) (Source: DCOM) (EventID: 10010) (User: GARRETT-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
Microsoft Office Sessions:
=========================
Error: (10/30/2014 08:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500f201e21c4801cff4beb08c6d7fC:\WINDOWS\syswow64\dllhost.exeunknownee49a84a-60b1-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005003001e219f401cff4bdfd4de2ecC:\WINDOWS\syswow64\dllhost.exeunknown3b0b18cd-60b1-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005008601e2135401cff4bd4a0f8542C:\WINDOWS\syswow64\dllhost.exeunknown87ccc0ae-60b0-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:41:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005007601e2154c01cff4bc96d39074C:\WINDOWS\syswow64\dllhost.exeunknownd48e6a23-60af-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:37:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605e6c01cff4bb5d824a304294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe4d8c086a-60af-11e4-beb5-0015c582a03dmicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (10/30/2014 08:36:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500e501e2144001cff4bbd5604193C:\WINDOWS\syswow64\dllhost.exeunknown153ef7c0-60af-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 05:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1734452157bbcntdll.dll6.3.9600.1727853eeb4a3c0000374000debd8157001cff4a544f0ff2aC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\ntdll.dll83686657-6098-11e4-beb4-0015c582a03d
 
Error: (10/30/2014 05:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1734452157bbcntdll.dll6.3.9600.1727853eeb4a3c0000374000debd81dd801cff4a53abff79bC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\ntdll.dll79e17a87-6098-11e4-beb4-0015c582a03d
 
Error: (10/30/2014 05:40:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1734452157bbcntdll.dll6.3.9600.1727853eeb4a3c0000374000debd819c001cff4a33b8f1d65C:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\ntdll.dll7eb0d26e-6096-11e4-beb4-0015c582a03d
 
Error: (10/30/2014 05:34:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1734452157bbcntdll.dll6.3.9600.1727853eeb4a3c0000374000debd810f401cff4a26be1d3c6C:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\ntdll.dllaa79b732-6095-11e4-beb4-0015c582a03d
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Extreme CPU X7900 @ 2.80GHz
Percentage of memory in use: 52%
Total physical RAM: 4094.06 MB
Available physical RAM: 1930.18 MB
Total Pagefile: 8190.06 MB
Available Pagefile: 5365.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:185.97 GB) (Free:30.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End Of Log ============================


#4 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:12:35 AM

Posted 31 October 2014 - 01:48 PM

Please repeat the FRST-Scan with administrator privileges.

Ran by bryga_000 (ATTENTION: The logged in user is not administrator) 

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 brygar

  • Topic Starter

  • Members
  • 9 posts
  • Local time:02:35 PM

Posted 31 October 2014 - 02:20 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by GAdmin (administrator) on GARRETT-XPS on 31-10-2014 12:16:25
Running from C:\Users\GAdmin\Downloads
Loaded Profiles: GAdmin & bryga_000 (Available profiles: GAdmin & bryga_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.9\ScriptHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [dlcxmon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe [292336 2007-01-12] ()
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe [304008 2006-11-03] ()
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-27] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-18] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [fst_us_170] => "C:\Program Files (x86)\fst_us_170\fst_us_170.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-27] (AVAST Software)
HKLM-x32\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1001\...\Run: [Tango] => C:\Program Files (x86)\Tango\Tango.exe [13489992 2011-11-04] (Tango Inc.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Google Update] => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-28] (Google Inc.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Amazon Cloud Player] => C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\GAdmin\AppData\Roaming\Verizon\UA_ar\UA.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=100&itype=n&ver=12302&tm=314&src=hmp
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {4F564F32-5637-4300-76A7-7A786E7484D7} ->  No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.922.1\NativeBHO.dll (WhiteSky)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> \bin\jp2ssv.dll No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {4F564F32-5637-4300-76A7-7A786E7484D7} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{781318B8-AB05-469F-992B-B100ACC1F831}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{AAFE70EE-C607-46A6-A259-8B628BE8A989}: [NameServer] 75.75.75.75,75.75.76.76
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-27]
 
Chrome: 
=======
CHR Profile: C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-28]
CHR Extension: (Avast Online Security) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-28]
CHR Extension: (Norton Identity Safe) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-28]
CHR Extension: (Norton Security Toolbar) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-27]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-27] (Avast Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S4 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [204288 2012-08-02] (Broadcom Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S4 dlcx_device; C:\Windows\system32\dlcxcoms.exe [561152 2006-10-11] ( )
S4 dlcx_device; C:\Windows\SysWOW64\dlcxcoms.exe [532480 2006-10-11] ( ) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
S4 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-27] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141030.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\ENG64.SYS [129752 2014-10-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\EX64.SYS [2137304 2014-10-22] (Symantec Corporation)
R3 OEM02Dev; C:\Windows\system32\DRIVERS\OEM02Dev.sys [266624 2007-10-10] (Creative Technology Ltd.)
R3 OEM02Vfx; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-10-31] ()
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-27] (Avast Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X]
S3 SWVNIC; \SystemRoot\system32\DRIVERS\swvnic.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 12:16 - 2014-10-31 12:17 - 00025908 _____ () C:\Users\GAdmin\Downloads\FRST.txt
2014-10-31 12:13 - 2014-10-31 12:13 - 02113536 _____ (Farbar) C:\Users\GAdmin\Downloads\FRST64.exe
2014-10-31 11:25 - 2014-10-31 11:25 - 40034856 ____T () C:\WINDOWS\SysWOW64\00010332.tmp
2014-10-31 11:25 - 2014-10-31 11:25 - 40034856 ____T () C:\WINDOWS\SysWOW64\00000181.tmp
2014-10-31 11:07 - 2014-10-31 11:07 - 00023849 _____ () C:\Users\bryga_000\Downloads\Addition.txt
2014-10-31 11:05 - 2014-10-31 11:07 - 00068199 _____ () C:\Users\bryga_000\Downloads\FRST.txt
2014-10-31 11:03 - 2014-10-31 12:16 - 00000000 ____D () C:\FRST
2014-10-31 11:03 - 2014-10-31 11:03 - 02113536 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST64.exe
2014-10-31 11:01 - 2014-10-31 11:01 - 01105408 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST.exe
2014-10-31 10:39 - 2014-10-31 10:40 - 00297080 _____ () C:\WINDOWS\Minidump\103114-68859-01.dmp
2014-10-30 20:40 - 2014-10-30 20:40 - 02194064 _____ (Microsoft Corporation) C:\Users\bryga_000\Downloads\DefaultPack.EXE
2014-10-30 20:29 - 2014-10-30 20:30 - 00298032 _____ () C:\WINDOWS\Minidump\103014-64437-01.dmp
2014-10-30 16:29 - 2014-10-30 16:30 - 00297144 _____ () C:\WINDOWS\Minidump\103014-63328-01.dmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00023589.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005896.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005765.tmp
2014-10-30 13:57 - 2014-10-31 10:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-30 13:57 - 2014-10-30 13:58 - 00301584 _____ () C:\WINDOWS\Minidump\103014-67703-01.dmp
2014-10-28 11:24 - 2014-10-28 13:59 - 00010479 _____ () C:\Users\bryga_000\Desktop\Laundry Soap.xlsx
2014-10-28 10:42 - 2014-10-28 10:42 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-28 10:39 - 2014-10-28 10:44 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-10-28 10:36 - 2014-10-28 10:36 - 00000000 ____D () C:\Sun
2014-10-28 06:19 - 2014-10-28 08:09 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-13-19-53.024-aswFe.exe-14536.log
2014-10-28 04:25 - 2014-10-28 04:25 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-11-25-00.011-AvastVBoxSVC.exe-9440.log
2014-10-28 03:47 - 2014-10-28 03:48 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-10-47-02.078-AvastVBoxSVC.exe-7540.log
2014-10-28 02:29 - 2014-10-28 03:46 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-09-29-44.041-aswFe.exe-4088.log
2014-10-27 22:47 - 2014-10-27 22:47 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-05-47-15.003-AvastVBoxSVC.exe-5056.log
2014-10-27 16:03 - 2014-10-27 16:04 - 00000000 ____D () C:\ProgramData\Dell
2014-10-27 15:44 - 2014-10-27 15:44 - 00089328 _____ () C:\Users\GAdmin\Desktop\Extras.Txt
2014-10-27 15:41 - 2014-10-27 15:41 - 00158150 _____ () C:\Users\GAdmin\Desktop\OTL.Txt
2014-10-27 15:17 - 2014-10-27 15:20 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-22-17-30.006-AvastVBoxSVC.exe-2524.log
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\_OTL
2014-10-27 14:30 - 2014-10-27 14:30 - 00602112 _____ (OldTimer Tools) C:\Users\GAdmin\Desktop\OTL.exe
2014-10-27 13:11 - 2014-10-27 13:11 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\AVAST Software
2014-10-27 13:00 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-20-00-42.025-aswFe.exe-3952.log
2014-10-27 12:55 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-19-55-33.093-aswFe.exe-3760.log
2014-10-27 12:55 - 2014-10-27 12:55 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-19-55-31.012-AvastVBoxSVC.exe-4936.log
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-10-27 12:35 - 2014-10-28 07:19 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9C5D0419-E574-4B64-80B9-129FE35C7203}
2014-10-27 12:35 - 2014-10-27 12:35 - 00000000 __SHD () C:\Users\GAdmin\AppData\Local\EmieUserList
2014-10-27 12:35 - 2014-10-27 12:35 - 00000000 __SHD () C:\Users\GAdmin\AppData\Local\EmieSiteList
2014-10-27 11:58 - 2014-10-27 11:58 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\AVAST Software
2014-10-27 11:12 - 2014-10-27 11:12 - 00000000 ____D () C:\Users\bryga_000\Desktop\GPUCache
2014-10-27 11:08 - 2014-10-27 11:08 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-27 11:08 - 2014-10-27 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-27 11:04 - 2014-10-30 20:34 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-27 11:03 - 2014-10-27 11:02 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-27 11:03 - 2014-10-27 11:02 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-27 11:02 - 2014-10-31 12:12 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-10-27 11:02 - 2014-10-31 12:12 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-27 11:02 - 2014-10-27 11:02 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00082768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.1414782711078
2014-10-27 11:02 - 2014-10-27 11:02 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-27 11:02 - 2014-10-27 11:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-27 11:02 - 2014-10-27 11:01 - 01049920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1414782711078
2014-10-27 10:59 - 2014-10-27 10:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-27 10:56 - 2014-10-27 11:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-20 16:41 - 2014-08-14 17:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-20 16:38 - 2014-08-23 00:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-20 16:38 - 2014-08-23 00:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-20 16:38 - 2014-08-22 23:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-20 16:38 - 2014-08-22 22:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-20 16:38 - 2014-08-22 21:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-20 16:38 - 2014-08-22 21:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-20 16:38 - 2014-08-22 21:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-20 16:35 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-20 16:35 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-20 16:35 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-20 16:35 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-20 16:35 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-20 16:35 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-20 16:35 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-20 16:35 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-20 16:35 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-20 16:35 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-20 16:35 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-20 16:35 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-20 16:35 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-20 16:35 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-20 16:35 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-20 16:35 - 2014-04-26 11:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-10-20 16:35 - 2014-04-26 11:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-10-20 16:35 - 2014-04-26 11:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-10-20 16:35 - 2014-04-26 10:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-10-20 16:35 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-20 16:35 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-20 16:35 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-20 16:35 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-20 16:34 - 2014-08-15 21:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-20 16:34 - 2014-08-15 20:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 20:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-20 16:34 - 2014-08-15 20:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-20 16:34 - 2014-08-15 20:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-20 16:34 - 2014-08-15 20:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-20 16:34 - 2014-08-15 20:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-20 16:34 - 2014-08-15 18:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 18:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-20 16:34 - 2014-08-15 17:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-20 16:34 - 2014-08-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-20 16:34 - 2014-08-15 17:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-20 16:34 - 2014-08-15 17:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-20 16:34 - 2014-08-15 17:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-20 16:34 - 2014-08-15 17:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-20 16:34 - 2014-08-15 17:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-20 16:34 - 2014-07-31 16:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-20 16:34 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-20 16:34 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-20 16:34 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-20 16:34 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-20 16:34 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-20 16:34 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-20 16:34 - 2014-05-28 23:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-10-20 16:34 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-04-29 21:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-10-20 16:34 - 2014-04-29 20:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-10-20 16:33 - 2014-10-09 15:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-20 16:33 - 2014-10-08 15:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-20 16:33 - 2014-09-18 18:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-20 16:33 - 2014-09-04 19:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-20 16:33 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-20 16:33 - 2014-07-09 21:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-20 15:33 - 2014-10-31 10:47 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB5BE8A8-CDCF-435D-B2F8-C119AA984A4E}
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieUserList
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieSiteList
2014-10-20 15:31 - 2014-10-31 10:46 - 00000000 ___DO () C:\Users\bryga_000\OneDrive
2014-10-20 15:27 - 2014-10-20 15:27 - 00001446 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 15:27 - 2014-10-20 15:27 - 00000020 ___SH () C:\Users\bryga_000\ntuser.ini
2014-10-20 15:20 - 2014-10-20 15:20 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Security Suite
2014-10-20 15:12 - 2014-10-20 15:12 - 00001446 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 15:11 - 2014-10-20 15:11 - 00000020 ___SH () C:\Users\GAdmin\ntuser.ini
2014-10-20 14:41 - 2014-10-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-20 14:40 - 2014-10-20 14:40 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-20 14:39 - 2014-10-20 14:39 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-20 14:37 - 2014-10-20 14:37 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-20 14:33 - 2014-10-20 14:33 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Hyper-V
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-20 14:27 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:07 - 2014-10-20 14:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 13:59 - 2014-10-20 13:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagwrn.xml
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagerr.xml
2014-10-20 13:56 - 2014-10-30 15:00 - 00000000 ____D () C:\Users\GAdmin
2014-10-20 13:56 - 2014-10-30 13:58 - 00000000 ____D () C:\Users\bryga_000
2014-10-20 13:56 - 2014-10-20 13:59 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-20 13:56 - 2014-10-20 13:59 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 13:45 - 2014-10-31 11:56 - 01805709 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\DellTPad
2014-10-20 13:45 - 2013-08-29 15:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-20 13:45 - 2013-08-29 15:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-20 13:44 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-20 13:44 - 2014-10-20 13:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-20 12:45 - 2014-10-20 14:42 - 00006629 _____ () C:\WINDOWS\comsetup.log
2014-10-20 10:54 - 2014-10-20 10:54 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola Mobility
2014-10-19 21:44 - 2014-10-19 21:44 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-10-19 21:43 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-10-19 21:43 - 2014-10-19 21:43 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-10-19 21:43 - 2014-10-19 21:43 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\DivX
2014-10-19 19:42 - 2014-07-02 13:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
2014-10-19 19:42 - 2014-07-02 13:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-10-19 19:38 - 2014-10-19 19:38 - 00000000 ____D () C:\NVIDIA
2014-10-19 19:31 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-19 19:30 - 2014-10-19 19:31 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-19 19:27 - 2014-10-19 19:27 - 00000000 ____D () C:\Program Files\Intel
2014-10-19 19:26 - 2014-10-19 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-19 19:19 - 2014-10-19 19:19 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2014-10-19 19:16 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2014-10-19 19:16 - 2014-10-19 19:16 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2014-10-17 17:15 - 2014-10-31 11:08 - 00005000 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GARRETT-XPS-bryga_000 Garrett-XPS
2014-10-08 09:31 - 2014-10-20 14:08 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 12:14 - 2014-03-19 13:25 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\CrashDumps
2014-10-31 12:14 - 2013-07-16 08:21 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3749778937-3158879764-3578227263-1001
2014-10-31 12:10 - 2013-09-10 23:48 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-10-31 12:10 - 2013-09-10 23:48 - 00000444 _____ () C:\WINDOWS\Tasks\DriverUpdate Startup.job
2014-10-31 12:09 - 2014-03-01 18:02 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-31 12:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-31 11:45 - 2014-04-28 14:08 - 00000948 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job
2014-10-31 11:42 - 2013-07-16 13:35 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3749778937-3158879764-3578227263-1004
2014-10-31 11:37 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-31 10:40 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-31 10:38 - 2014-06-06 23:59 - 699223909 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-30 11:29 - 2013-09-16 15:42 - 00000000 ____D () C:\Users\bryga_000\Documents\Outlook Files
2014-10-30 11:23 - 2014-09-24 00:17 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-30 11:20 - 2014-03-11 16:38 - 00000000 ____D () C:\Users\bryga_000\Desktop\The Hunt
2014-10-29 22:07 - 2013-08-22 07:46 - 00338535 _____ () C:\WINDOWS\setupact.log
2014-10-29 13:45 - 2014-04-28 14:08 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job
2014-10-28 16:35 - 2013-07-16 13:27 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Packages
2014-10-28 11:27 - 2014-09-24 00:03 - 00005270 _____ () C:\WINDOWS\PFRO.log
2014-10-28 11:26 - 2013-08-22 06:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-28 10:50 - 2014-08-05 20:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 10:43 - 2014-08-05 20:08 - 00000000 ____D () C:\ProgramData\Nero
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-27 22:48 - 2014-03-01 18:03 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 19:07 - 2014-07-21 20:42 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\fst_us_170
2014-10-27 15:16 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-27 12:49 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\ID Vault
2014-10-27 12:48 - 2014-04-09 14:22 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\ID Vault
2014-10-27 12:45 - 2014-05-22 08:04 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\NPE
2014-10-27 12:35 - 2013-08-21 20:59 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-10-27 11:44 - 2014-03-01 18:02 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\Google
2014-10-27 11:38 - 2013-09-16 15:18 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-23 16:16 - 2014-02-21 15:26 - 00052440 _____ () C:\Users\bryga_000\Desktop\Book3.xlsx
2014-10-23 15:03 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-23 13:41 - 2014-03-01 18:03 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 13:41 - 2014-03-01 18:03 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 13:41 - 2014-03-01 18:02 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-23 13:40 - 2014-04-28 14:08 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA
2014-10-23 13:40 - 2014-04-28 14:08 - 00003522 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core
2014-10-22 10:21 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-22 09:59 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-22 09:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-22 09:57 - 2014-09-24 02:57 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-22 09:57 - 2013-12-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-10-22 09:57 - 2013-11-21 09:23 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-10-22 09:08 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\ID Vault
2014-10-21 18:05 - 2014-08-11 14:33 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\HpUpdate
2014-10-21 04:15 - 2013-07-16 09:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-21 03:39 - 2013-07-16 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-21 03:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-20 17:34 - 2013-10-07 15:35 - 00117248 ___SH () C:\Users\bryga_000\Desktop\Thumbs.db
2014-10-20 15:57 - 2013-08-22 07:46 - 00000766 _____ () C:\WINDOWS\setuperr.log
2014-10-20 15:55 - 2013-12-29 22:07 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\ID Vault
2014-10-20 15:51 - 2014-08-05 20:08 - 00000000 ____D () C:\Temp
2014-10-20 15:50 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-20 15:31 - 2014-04-24 20:45 - 00000000 ___RD () C:\Users\bryga_000\OneDrive.old
2014-10-20 15:19 - 2014-08-05 20:10 - 00000000 ____D () C:\Users\GAdmin\.gstreamer-0.10
2014-10-20 15:17 - 2013-07-16 08:15 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\Packages
2014-10-20 15:12 - 2014-08-14 16:03 - 00003228 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-10-20 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-20 14:40 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-20 14:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-20 14:28 - 2013-08-22 03:35 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFileBrowse.dll
2014-10-20 14:28 - 2013-08-22 01:25 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmconnect.exe
2014-10-20 14:28 - 2013-08-22 00:35 - 00144967 _____ () C:\WINDOWS\system32\virtmgmt.msc
2014-10-20 14:12 - 2013-08-22 07:44 - 00555152 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-20 14:08 - 2014-08-11 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-10-20 14:08 - 2014-08-04 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-20 14:08 - 2014-07-21 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-10-20 14:08 - 2014-07-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY
2014-10-20 14:08 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-10-20 14:08 - 2014-05-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
2014-10-20 14:08 - 2014-04-28 14:15 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-10-20 14:08 - 2014-04-24 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 14:08 - 2014-04-10 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango
2014-10-20 14:08 - 2014-04-09 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
2014-10-20 14:08 - 2014-04-09 14:31 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2014-10-20 14:08 - 2014-03-03 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-20 14:08 - 2014-03-01 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-20 14:08 - 2013-12-29 22:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-10-20 14:08 - 2013-10-19 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-10-19 23:03 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-08-21 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Data Recovery Free
2014-10-20 14:08 - 2013-08-07 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-10-20 14:07 - 2013-08-22 08:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-20 14:07 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-20 14:06 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-20 14:05 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-20 14:03 - 2014-03-17 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
2014-10-20 14:03 - 2013-08-07 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney
2014-10-20 14:03 - 2013-07-16 08:15 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-20 13:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-20 13:59 - 2013-08-07 21:40 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM
2014-10-20 13:49 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-20 13:43 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-10-20 13:15 - 2013-07-16 08:15 - 01451384 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-20 10:54 - 2013-07-16 08:15 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\VirtualStore
2014-10-19 21:44 - 2013-08-31 17:01 - 00001617 _____ () C:\Users\GAdmin\Desktop\DivX Movies.lnk
2014-10-19 21:44 - 2013-08-31 16:50 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-10-19 21:44 - 2013-08-31 16:48 - 00000000 ____D () C:\ProgramData\DivX
2014-10-19 21:43 - 2013-08-31 17:00 - 00000000 ____D () C:\Program Files\DivX
2014-10-19 20:54 - 2013-12-15 20:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-19 19:32 - 2014-03-11 11:05 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-10-19 19:32 - 2014-03-11 11:05 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-10-19 19:16 - 2013-09-10 23:47 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2014-10-19 19:16 - 2013-09-10 23:47 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-10-17 17:37 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Amazon Cloud Player
2014-10-17 10:27 - 2013-12-29 22:05 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Constant Guard.lnk
2014-10-17 10:27 - 2013-12-29 22:05 - 00002189 _____ () C:\Users\Public\Desktop\Constant Guard.lnk
2014-10-17 10:21 - 2013-12-29 22:16 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-10-17 10:20 - 2013-12-29 22:17 - 00002440 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-10-10 09:04 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-08 21:21 - 2014-05-28 12:52 - 00000956 _____ () C:\Users\bryga_000\AppData\Roaming\__AvidCloudManager.log
2014-10-08 21:20 - 2014-05-28 12:52 - 00000000 ____D () C:\Users\bryga_000\temp
2014-10-08 20:10 - 2014-05-28 12:51 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Avid
2014-10-08 20:10 - 2014-05-28 12:34 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-10-08 20:09 - 2014-05-28 12:52 - 00000763 _____ () C:\Users\bryga_000\AppData\Roaming\GARRETT-XPS.MTBF.txt
2014-10-06 09:40 - 2013-12-19 23:17 - 00036864 ___SH () C:\Users\bryga_000\Downloads\Thumbs.db
2014-10-03 10:02 - 2013-07-16 09:27 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-20 13:42
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01
Ran by GAdmin at 2014-10-31 12:17:46
Running from C:\Users\GAdmin\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0AEF4677-C1BE-489C-A5BA-85382F8DA38B}) (Version: 15.4.13.2 - Broadcom Corporation)
Constant Guard Protection Suite (HKLM-x32\...\ID Vault) (Version: 1.14.922.1 - Comcast)
Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version:  - Dell, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.209 - ALPS ELECTRIC CO., LTD.)
Disney Pix 3.2 (HKLM-x32\...\{B78ACFBD-A0AD-4A37-B8EB-B01745793E67}) (Version: 3.2.0.4 - Disney©)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
DriverUpdate (HKLM-x32\...\{CF516344-84E1-4420-BDAD-52E13F32D07E}) (Version: 2.2.41149 - SlimWare Utilities, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCare Data Recovery Free 5.0 (HKLM-x32\...\iCare Data Recovery Free_is1) (Version:  - iCare Software)
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Linkey (HKCU\...\Linkey) (Version: 0.0.0.431 - Aztec Media Inc) <==== ATTENTION
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.0.0.75 - Avid Technology, Inc.)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Tango (HKCU\...\Tango) (Version: 1.6.14117 - TangoMe, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{7D75F678-4499-436C-B219-9E6DC24EE82D}) (Version: 2.13.0903 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{2FFBFBA6-8191-45A5-B952-226DB651268E}) (Version: 2.13.0806 - Samsung Electronics Co., Ltd.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4700 - Broadcom Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3749778937-3158879764-3578227263-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\bryga_000\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
21-10-2014 10:22:42 Windows Update
27-10-2014 17:57:48 avast! antivirus system restore point
27-10-2014 21:20:24 Before installing program xx 10/27/17
28-10-2014 17:41:05 Removed MotoCast
28-10-2014 17:49:44 Removed Motorola Device Manager
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FCDC31F-8ADB-4F45-97D7-F8E15E4FCAAC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {15469E3E-4818-4257-8DA5-8B5674DD91CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {1E74EFBD-CC39-4899-A3B8-F3086CB5C7D6} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-09-11] (SlimWare Utilities, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DA57115-01EB-4DA5-93D7-640A1C12D8AB} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {2EC0179C-F7DD-4AB2-ADDB-2C3F8C12CEEB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2F0C332C-3B52-42CC-810A-CE828A1329E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {35D8DEA7-75A1-4967-9986-3EEF1F851895} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3FD0B1DD-DBC9-46A9-A7F0-9785D1D9D600} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {511C9BCC-BCB4-48C6-B10D-95B635BBBEF5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {5BB11712-EA6D-4589-B017-2801354768C0} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77376E9D-50DC-4F6F-BBC5-C28689E59C9C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C4E57D6-B619-474D-9AC9-2393249C11D3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7E6DB0E3-5361-4E06-BA1B-DBC16C5015DF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {80694E8A-7288-427C-AA69-A78B0F7EF428} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GARRETT-XPS-bryga_000 Garrett-XPS => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8CF9D7D1-7D62-4580-9BE9-2F2D01BBECF5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {8EEF9E4B-CD0D-4F1A-8A79-F7451309688E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {94AE58B1-9D0F-44E5-A0AC-86593092BD7A} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6B1FDAA-6B77-4605-ABF3-B4F6222E101E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {ACA3C32A-42E7-4808-BBC0-AD3FAE00424B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B636CE13-BB87-43ED-8BA6-7A61DF3B2F03} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-27] (AVAST Software)
Task: {BD3D3EF9-6DBB-48D0-A700-F7C84C36AF54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.)
Task: {C3BF622F-7C8C-46E2-A5FA-29DCD711E161} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-26] (Microsoft Corporation)
Task: {C628AF7A-1EB0-4904-A9B0-6D17F1C4115A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C7913E28-1E81-4A1F-B1A5-1B4773E483AB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {CB8E0D48-3937-41B0-AA0D-150FD64D4A68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4473CAA-F2CA-4739-97F3-805701F26221} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D536D0F0-C5BA-489A-B7F3-023A21CB96FB} - System32\Tasks\HP AR Program Upload - 8a0bbf06f4e84eefae8ebc8443892fbaac914fe8aa1e40f09cb2e8baf89553c5 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {D568B449-9615-4B42-8ECB-21307855BDD8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F6AD7FD4-3FCB-452C-9D5C-C3CF47FD8BB0} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-17 09:38 - 2006-10-20 00:39 - 00144896 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\dlcxdrpp.dll
2014-03-19 14:02 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-10-27 11:01 - 2014-10-27 11:01 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-10-27 11:01 - 2014-10-27 11:01 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-10-27 11:21 - 2014-09-09 07:59 - 08896160 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-29 08:43 - 2014-05-08 10:26 - 03145536 _____ () C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-10-30 14:02 - 2014-10-30 14:02 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14103001\algo.dll
2014-10-27 11:01 - 2014-10-27 11:01 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-31 10:42 - 2014-10-31 10:42 - 02898944 _____ () C:\Program Files\AVAST Software\Avast\defs\14103101\algo.dll
2014-10-27 11:02 - 2014-10-27 11:02 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-27 22:47 - 2014-10-21 21:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 22:47 - 2014-10-21 21:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 22:47 - 2014-10-21 21:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 22:47 - 2014-10-21 21:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-27 22:47 - 2014-10-21 21:04 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libexif.dll
2014-10-27 22:47 - 2014-10-21 21:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\dlcxcomm.dll:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\bryga_000\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: BrcmMgmtAgent => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DeviceMonitorService => 2
MSCONFIG\Services: dlcx_device => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDVaultSvc => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PasswordBox => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: SOHDms => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: SWGVCSvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Constant Guard.lnk"
HKLM\...\StartupApproved\Run: => "dlcxmon.exe"
HKLM\...\StartupApproved\Run: => "MemoryCardManager"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "fst_us_170"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "vProt"
HKCU\...\StartupApproved\Run: => "MotoCast"
HKCU\...\StartupApproved\Run: => "Tango"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3749778937-3158879764-3578227263-500 - Administrator - Disabled)
bryga_000 (S-1-5-21-3749778937-3158879764-3578227263-1004 - Limited - Enabled) => C:\Users\bryga_000
GAdmin (S-1-5-21-3749778937-3158879764-3578227263-1001 - Administrator - Enabled) => C:\Users\GAdmin
Guest (S-1-5-21-3749778937-3158879764-3578227263-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3749778937-3158879764-3578227263-1008 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Data Interface
Description: Data Interface
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Data Interface
Description: Data Interface
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/31/2014 00:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x001801e2
Faulting process id: 0x16e0
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/31/2014 00:09:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00c301e2
Faulting process id: 0x2c0
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/31/2014 00:04:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00c501e2
Faulting process id: 0x438
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/31/2014 11:59:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00bf01e2
Faulting process id: 0x16f0
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/31/2014 11:54:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00ef01e2
Faulting process id: 0x740
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/31/2014 11:49:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x008901e2
Faulting process id: 0x1434
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00f201e2
Faulting process id: 0x1c48
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003001e2
Faulting process id: 0x19f4
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x008601e2
Faulting process id: 0x1354
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
Error: (10/30/2014 08:41:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x007601e2
Faulting process id: 0x154c
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3
Faulting package full name: dllhost.exe4
Faulting package-relative application ID: dllhost.exe5
 
 
System errors:
=============
Error: (10/31/2014 11:05:35 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:05:03 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:04:31 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:04:00 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:03:25 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:02:54 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:02:21 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:01:50 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:01:18 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (10/31/2014 11:00:46 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
Microsoft Office Sessions:
=========================
Error: (10/31/2014 00:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005001801e216e001cff53ef16e4420C:\WINDOWS\syswow64\dllhost.exeunknown2f396623-6132-11e4-beb6-0015c582a03d
 
Error: (10/31/2014 00:09:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500c301e22c001cff53e3dfd1e7fC:\WINDOWS\syswow64\dllhost.exeunknown7bcd8ada-6131-11e4-beb6-0015c582a03d
 
Error: (10/31/2014 00:04:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500c501e243801cff53d8ab204e3C:\WINDOWS\syswow64\dllhost.exeunknownc86ff8ec-6130-11e4-beb6-0015c582a03d
 
Error: (10/31/2014 11:59:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500bf01e216f001cff53cd740c3f6C:\WINDOWS\syswow64\dllhost.exeunknown1501a9f4-6130-11e4-beb6-0015c582a03d
 
Error: (10/31/2014 11:54:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500ef01e274001cff53c23e8a74cC:\WINDOWS\syswow64\dllhost.exeunknown61a84ee5-612f-11e4-beb6-0015c582a03d
 
Error: (10/31/2014 11:49:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005008901e2143401cff53b7056de9aC:\WINDOWS\syswow64\dllhost.exeunknownae394710-612e-11e4-beb6-0015c582a03d
 
Error: (10/30/2014 08:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c000000500f201e21c4801cff4beb08c6d7fC:\WINDOWS\syswow64\dllhost.exeunknownee49a84a-60b1-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005003001e219f401cff4bdfd4de2ecC:\WINDOWS\syswow64\dllhost.exeunknown3b0b18cd-60b1-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005008601e2135401cff4bd4a0f8542C:\WINDOWS\syswow64\dllhost.exeunknown87ccc0ae-60b0-11e4-beb5-0015c582a03d
 
Error: (10/30/2014 08:41:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.3.9600.1638452157bbcunknown0.0.0.000000000c0000005007601e2154c01cff4bc96d39074C:\WINDOWS\syswow64\dllhost.exeunknownd48e6a23-60af-11e4-beb5-0015c582a03d
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Extreme CPU X7900 @ 2.80GHz
Percentage of memory in use: 63%
Total physical RAM: 4094.06 MB
Available physical RAM: 1501.62 MB
Total Pagefile: 8190.06 MB
Available Pagefile: 4554.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:185.97 GB) (Free:30.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: 3BB34E27)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 186.3 GB) (Disk ID: B85C0C57)
 
==================== End Of Log ============================


#6 deeprybka

  • Malware Response Team
Posted 31 October 2014 - 03:09 PM

Hi,

Malware Warning

All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums from a CLEAN COMPUTER.

Step 1

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
    IFEO\bitguard.exe: [Debugger] tasklist.exe
    IFEO\bprotect.exe: [Debugger] tasklist.exe
    IFEO\bpsvc.exe: [Debugger] tasklist.exe
    IFEO\browserdefender.exe: [Debugger] tasklist.exe
    IFEO\browserprotect.exe: [Debugger] tasklist.exe
    IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
    IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
    IFEO\jumpflip: [Debugger] tasklist.exe
    IFEO\protectedsearch.exe: [Debugger] tasklist.exe
    IFEO\searchinstaller.exe: [Debugger] tasklist.exe
    IFEO\searchprotection.exe: [Debugger] tasklist.exe
    IFEO\searchprotector.exe: [Debugger] tasklist.exe
    IFEO\searchsettings.exe: [Debugger] tasklist.exe
    IFEO\searchsettings64.exe: [Debugger] tasklist.exe
    IFEO\snapdo.exe: [Debugger] tasklist.exe
    IFEO\stinst32.exe: [Debugger] tasklist.exe
    IFEO\stinst64.exe: [Debugger] tasklist.exe
    IFEO\umbrella.exe: [Debugger] tasklist.exe
    IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
    IFEO\volaro: [Debugger] tasklist.exe
    IFEO\vonteera: [Debugger] tasklist.exe
    IFEO\websteroids.exe: [Debugger] tasklist.exe
    IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=100&itype=n&ver=12302&tm=314&src=hmp
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
    SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
    SearchScopes: HKCU - {20B4A0B5-10F8-42B8-8DCF-0962BDA93C52} URL = http://www.search.ask.com/web?tpid=OVO2V7C&o=APN11381&pf=V7&p2=^BAO^YYYYYY^YY^US&gct=&itbv=12.10.6.5033&apn_uid=14250F2E-33C6-4FDA-BC27-EEF94FCF7C77&apn_ptnrs=^BAO&apn_dtid=^YYYYYY^YY^US&apn_dbr=iexplore.exe_6_10.0.9200.16843&doi=2014-04-09&trgb=IE&q={searchTerms}&psv=
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12521&tm=314&src=ds&p={searchTerms}
    BHO: No Name -> {4F564F32-5637-4300-76A7-7A786E7484D7} ->  No File
    BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
    BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> \bin\jp2ssv.dll No File
    Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
    Toolbar: HKCU - No Name - {4F564F32-5637-4300-76A7-7A786E7484D7} -  No File
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it in your reply.


After the Reboot:

Step 2

Please uninstall some programs:

  • Windows 8: Hold down the Windows logo key and press X to open a menu at the lower-left area of the screen.
  • Select Programs and Features from the menu.
  • Search and select the following programs one by one and click on Uninstall:

      • Linkey

  • Reboot your computer.

Step 3
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" and go to "Detection and Protection".
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.
    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)
  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 4

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#7 brygar

  • Topic Starter
Posted 31 October 2014 - 05:08 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014 01
Ran by GAdmin at 2014-10-31 13:39:28 Run:1
Running from C:\Users\GAdmin\Downloads
Loaded Profiles: GAdmin & bryga_000 (Available profiles: GAdmin & bryga_000)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=100&itype=n&ver=12302&tm=314&src=hmp
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12692&tm=314&src=ds&p={searchTerms}
BHO: No Name -> {4F564F32-5637-4300-76A7-7A786E7484D7} ->  No File
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> \bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {4F564F32-5637-4300-76A7-7A786E7484D7} -  No File
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
*****************
 
Processes closed successfully.
"HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key deleted successfully.
"HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20B4A0B5-10F8-42B8-8DCF-0962BDA93C52}" => Key deleted successfully.
"HKCR\CLSID\{20B4A0B5-10F8-42B8-8DCF-0962BDA93C52}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-4300-76A7-7A786E7484D7}" => Key deleted successfully.
"HKCR\CLSID\{4F564F32-5637-4300-76A7-7A786E7484D7}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
"HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F564F32-5637-4300-76A7-7A786E7484D7} => value deleted successfully.
"HKCR\CLSID\{4F564F32-5637-4300-76A7-7A786E7484D7}" => Key not found.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
 
 
The system needed a reboot. 
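As an added example (not part of the thread and not FRST's own code), the following script correlates the two log sections that point at the same problem here: the repeated DCOM 10010 events and the per-user `localserver32` COM key that the fix deleted. The function names are hypothetical, and the sample text is a short excerpt copied from the logs posted in this thread.

```python
import re
from collections import Counter

# Short excerpt copied from the FRST logs posted in this thread.
SAMPLE_LOG = r'''
Error: (10/31/2014 11:05:35 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/31/2014 11:05:03 AM) (Source: DCOM) (EventID: 10010) (User: Garrett-XPS)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/31/2014 11:54:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc

"HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
'''

GUID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"

# "Error: (<when>) (Source: <src>) (EventID: <id>) (User: <user>)"
EVENT_HEADER = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: (?P<user>[^)]*)\)\s*$"
)

# FRST prints only the CLSID as the description of these DCOM events.
BARE_CLSID = re.compile(r"^Description: (" + GUID + r")\s*$")

# A COM server registered under one user's hive (HKU\<SID>\Software\Classes)
# rather than machine-wide. Key names are matched case-insensitively because
# the logs mix "localserver32" and upper/lower-case hex digits in GUIDs.
PER_USER_SERVER = re.compile(
    r'^"?HKU\\(?P<sid>S-1-5-21-[\d-]+)\\Software\\Classes\\CLSID\\(?P<clsid>'
    + GUID
    + r')\\(?P<subkey>LocalServer32|InprocServer32)"?\s*=>\s*(?P<result>.+?)\s*$',
    re.IGNORECASE,
)


def dcom_timeout_clsids(text):
    """Count DCOM EventID 10010 entries per CLSID (CLSID upper-cased)."""
    counts = Counter()
    lines = text.splitlines()
    for i, line in enumerate(lines[:-1]):
        header = EVENT_HEADER.match(line.strip())
        if not header:
            continue
        if header["source"] != "DCOM" or header["event_id"] != "10010":
            continue
        desc = BARE_CLSID.match(lines[i + 1].strip())
        if desc:
            counts[desc.group(1).upper()] += 1
    return counts


def per_user_com_servers(text):
    """Return per-user COM server keys found in Fixlog-style result lines."""
    entries = []
    for line in text.splitlines():
        m = PER_USER_SERVER.match(line.strip())
        if m:
            entries.append({
                "sid": m["sid"],
                "clsid": m["clsid"].upper(),  # normalise 4bb6 vs 4BB6
                "subkey": m["subkey"],
                "result": m["result"],
            })
    return entries


def correlate(text):
    """Per-user COM servers whose CLSID also shows up in DCOM 10010 events."""
    timeouts = dcom_timeout_clsids(text)
    findings = []
    for entry in per_user_com_servers(text):
        hits = timeouts.get(entry["clsid"], 0)
        if hits:
            findings.append({**entry, "dcom_10010_count": hits})
    return findings


if __name__ == "__main__":
    for f in correlate(SAMPLE_LOG):
        print(f"{f['clsid']} registered under {f['sid']} ({f['subkey']}): "
              f"{f['dcom_10010_count']} DCOM 10010 event(s); {f['result']}")
```

Run against a full FRST log plus Fixlog, it reports any CLSID that is both failing to start as a DCOM server and registered in a single user's hive, which is the combination seen in this thread.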


#8 brygar

  • Topic Starter
Posted 31 October 2014 - 05:11 PM

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 10/31/2014

Scan Time: 1:53:56 PM

Logfile:

Administrator: Yes

 

Version: 2.00.3.1025

Malware Database: v2014.10.31.11

Rootkit Database: v2014.10.22.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: GAdmin

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 366313

Time Elapsed: 1 hr, 2 min, 12 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 19

PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [00c1869116667cba571d85290af84db3],

PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [00c1869116667cba571d85290af84db3],

PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [645d9a7d2557f541c19d7d68b34f966a],

PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [645d9a7d2557f541c19d7d68b34f966a],

PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\Linkey.Linkey, , [00c1a4736e0e2610fb816846639f0cf4],

PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Linkey.Linkey, , [922f19fe25578da9f8844965729048b8],

PUP.Optional.Linkey.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [17aa13040c70979f066394ee3dc4a65a],

PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY, , [229f76a1e5973afcaf7c173d689b53ad],

Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\FREESOFTTODAY, , [a9187d9a324aa98d34bdc0bce1239070],

PUP.Optional.LuckyLeap.A, HKLM\SOFTWARE\WOW6432NODE\lucky leap, , [843d39de4d2f5ed8f110196590744ab6],

PUP.Optional.SystemK.A, HKLM\SOFTWARE\WOW6432NODE\SystemK, , [14addb3c3349181e35e90333c53ed927],

PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\LINKEY, , [b50c27f0a5d7ed49fb30371d43c0a060],

PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, , [249d2fe81765b77f8132bb984cb77987],

PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [b40daf68bfbd5bdb1522019910f4ef11],

PUP.Optional.Softonic.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [4c750116ef8d88aec93a87c9d33005fb],

PUP.Optional.PCFixSpeed, HKU\S-1-5-21-3749778937-3158879764-3578227263-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PCFixSpeed, , [16abab6c5824d363207ccfaa2cd8659b],

PUP.Optional.SystemK.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SystemK, , [f4cdd4435d1fcc6a00fb9aa7dd26d030],

PUP.Optional.SuperFish.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [ffc2d2450f6df541aea443fa768de61a],

PUP.Optional.Softonic.A, HKU\S-1-5-21-3749778937-3158879764-3578227263-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [a61b86914f2d9c9afd065ef2f112e719],

 

Registry Values: 3

PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js, , [229f76a1e5973afcaf7c173d689b53ad]

PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\LINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js, , [b50c27f0a5d7ed49fb30371d43c0a060]

PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_us_170, "C:\Program Files (x86)\fst_us_170\fst_us_170.exe", , [8a372ee94f2de84ee4bd0944cf34956b]

 

Registry Data: 0

(No malicious items detected)

 

Folders: 13

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey, , [e4dd5fb8a1db142265c383d18e7548b8],

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\ChromeExtension, , [e4dd5fb8a1db142265c383d18e7548b8],

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\IEExtension, , [e4dd5fb8a1db142265c383d18e7548b8],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed, , [932e3cdbcbb186b0096d5236b2526e92],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\News, , [932e3cdbcbb186b0096d5236b2526e92],

Rogue.Multiple, C:\ProgramData\374311380, , [606120f7c7b586b0b4cd31b7e0229868],

Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY, , [c9f88e89ea92e551d7c58870b34f926e],

PUP.Optional.Datamngr.A, C:\Users\bryga_000\AppData\LocalLow\DataMngr, , [00c177a04d2f93a3b6ab7985808219e7],

PUP.Optional.Datamngr.A, C:\Users\GAdmin\AppData\LocalLow\DataMngr, , [7b460a0d89f3e155ec755ca2b0528f71],

PUP.Optional.SearchProtect.A, C:\Users\GAdmin\AppData\Local\SearchProtect, , [9b265bbc522a4ee8ddc4c548ee15c13f],

PUP.Optional.SearchProtect.A, C:\Users\GAdmin\AppData\Local\SearchProtect\Logs, , [9b265bbc522a4ee8ddc4c548ee15c13f],

PUP.Optional.FreeSoftToday.A, C:\Users\GAdmin\AppData\Local\fst_us_170, , [c7fa8b8c621a81b5f720be5307fcb54b],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170, , [338e4fc8ff7dc5718e8af31ed03323dd],

 

Files: 20

Adware.EoRezo, C:\Program Files (x86)\fst_us_170\freeSoftToday_widget.exe, , [ac15f91ecbb1a98d7ea10c4414ec22de],

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\Uninstall.exe, , [17aa13040c70979f066394ee3dc4a65a],

PUP.Optional.SnapDo.A, C:\Windows\Installer\83036bcd.msi, , [962b63b42b5100368474f5a5f9086799],

PUP.Optional.SmartBar, C:\Windows\Installer\MSID0C6.tmp, , [7b467c9bbebe0630084cf23cf808ed13],

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\log.log, , [e4dd5fb8a1db142265c383d18e7548b8],

PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\ChromeExtension\ChromeExtension.crx, , [e4dd5fb8a1db142265c383d18e7548b8],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\faq.htm, , [932e3cdbcbb186b0096d5236b2526e92],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\News\PCFS_NEWS_promote_app_MLM_horizontal.png, , [932e3cdbcbb186b0096d5236b2526e92],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\News\PCFS_NEWS_promote_app_SO_horizontal.png, , [932e3cdbcbb186b0096d5236b2526e92],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\News\PCFS_news_tech_offer.png, , [932e3cdbcbb186b0096d5236b2526e92],

PUP.Optional.PCFixSpeed, C:\Users\bryga_000\AppData\Roaming\PCFixSpeed\News\PCFS_NEWS_trialpay_tray_ads.png, , [932e3cdbcbb186b0096d5236b2526e92],

Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREESOFTTODAY\Freesofttoday.lnk, , [c9f88e89ea92e551d7c58870b34f926e],

PUP.Optional.Datamngr.A, C:\Users\bryga_000\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [00c177a04d2f93a3b6ab7985808219e7],

PUP.Optional.Datamngr.A, C:\Users\GAdmin\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [7b460a0d89f3e155ec755ca2b0528f71],

PUP.Optional.FreeSoftToday.A, C:\Users\GAdmin\AppData\Local\fst_us_170\upfst_us_170.cyl, , [c7fa8b8c621a81b5f720be5307fcb54b],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170\freeSoftToday_widget.exe, , [338e4fc8ff7dc5718e8af31ed03323dd],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170\predm.exe, , [338e4fc8ff7dc5718e8af31ed03323dd],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170\unins000.dat, , [338e4fc8ff7dc5718e8af31ed03323dd],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170\unins000.exe, , [338e4fc8ff7dc5718e8af31ed03323dd],

PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_170\unins000.msg, , [338e4fc8ff7dc5718e8af31ed03323dd],

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)



#9 brygar

  • Topic Starter
Posted 31 October 2014 - 05:27 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by GAdmin (administrator) on GARRETT-XPS on 31-10-2014 15:12:11
Running from C:\Users\GAdmin\Downloads
Loaded Profiles: GAdmin & bryga_000 (Available profiles: GAdmin & bryga_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\nacl64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.9\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\GAdmin\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [dlcxmon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe [292336 2007-01-12] ()
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe [304008 2006-11-03] ()
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-27] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-18] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-31] (AVAST Software)
HKLM-x32\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1001\...\Run: [Tango] => C:\Program Files (x86)\Tango\Tango.exe [13489992 2011-11-04] (Tango Inc.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Google Update] => C:\Users\bryga_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-28] (Google Inc.)
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [Amazon Cloud Player] => C:\Users\bryga_000\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3749778937-3158879764-3578227263-1004\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\GAdmin\AppData\Roaming\Verizon\UA_ar\UA.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.922.1\NativeBHO.dll (WhiteSky)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{781318B8-AB05-469F-992B-B100ACC1F831}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{AAFE70EE-C607-46A6-A259-8B628BE8A989}: [NameServer] 75.75.75.75,75.75.76.76
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-27]
 
Chrome: 
=======
CHR Profile: C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-28]
CHR Extension: (Avast Online Security) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-28]
CHR Extension: (Norton Identity Safe) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-28]
CHR Extension: (Norton Security Toolbar) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\GAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-27]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-27] (Avast Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S4 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [204288 2012-08-02] (Broadcom Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S4 dlcx_device; C:\Windows\system32\dlcxcoms.exe [561152 2006-10-11] ( )
S4 dlcx_device; C:\Windows\SysWOW64\dlcxcoms.exe [532480 2006-10-11] ( ) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
S4 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S4 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-27] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
U0 ecnqu; C:\Windows\System32\drivers\vqlh.sys [79064 2014-10-31] (Malwarebytes Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141030.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\ENG64.SYS [129752 2014-10-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141030.036\EX64.SYS [2137304 2014-10-22] (Symantec Corporation)
R3 OEM02Dev; C:\Windows\system32\DRIVERS\OEM02Dev.sys [266624 2007-10-10] (Creative Technology Ltd.)
R3 OEM02Vfx; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [12288 2007-03-05] (EyePower Games Pte. Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-10-31] ()
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-27] (Avast Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X]
S3 SWVNIC; \SystemRoot\system32\DRIVERS\swvnic.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 15:04 - 2014-10-31 15:04 - 02113536 _____ (Farbar) C:\Users\GAdmin\Downloads\FRST64 (1).exe
2014-10-31 15:00 - 2014-10-31 15:00 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\vqlh.sys
2014-10-31 13:53 - 2014-10-31 13:53 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-31 13:52 - 2014-10-31 13:52 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-31 13:52 - 2014-10-31 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-31 13:52 - 2014-10-31 13:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-31 13:52 - 2014-10-31 13:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-31 13:52 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-31 13:52 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-31 13:52 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-31 13:51 - 2014-10-31 13:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\bryga_000\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-31 12:17 - 2014-10-31 12:18 - 00036405 _____ () C:\Users\GAdmin\Downloads\Addition.txt
2014-10-31 12:16 - 2014-10-31 15:12 - 00023074 _____ () C:\Users\GAdmin\Downloads\FRST.txt
2014-10-31 12:13 - 2014-10-31 12:13 - 02113536 _____ (Farbar) C:\Users\GAdmin\Downloads\FRST64.exe
2014-10-31 11:25 - 2014-10-31 11:25 - 40034856 ____T () C:\WINDOWS\SysWOW64\00010332.tmp
2014-10-31 11:25 - 2014-10-31 11:25 - 40034856 ____T () C:\WINDOWS\SysWOW64\00000181.tmp
2014-10-31 11:07 - 2014-10-31 11:07 - 00023849 _____ () C:\Users\bryga_000\Downloads\Addition.txt
2014-10-31 11:05 - 2014-10-31 11:07 - 00068199 _____ () C:\Users\bryga_000\Downloads\FRST.txt
2014-10-31 11:03 - 2014-10-31 15:12 - 00000000 ____D () C:\FRST
2014-10-31 11:03 - 2014-10-31 11:03 - 02113536 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST64.exe
2014-10-31 11:01 - 2014-10-31 11:01 - 01105408 _____ (Farbar) C:\Users\bryga_000\Downloads\FRST.exe
2014-10-31 10:39 - 2014-10-31 10:40 - 00297080 _____ () C:\WINDOWS\Minidump\103114-68859-01.dmp
2014-10-30 20:40 - 2014-10-30 20:40 - 02194064 _____ (Microsoft Corporation) C:\Users\bryga_000\Downloads\DefaultPack.EXE
2014-10-30 20:29 - 2014-10-30 20:30 - 00298032 _____ () C:\WINDOWS\Minidump\103014-64437-01.dmp
2014-10-30 16:29 - 2014-10-30 16:30 - 00297144 _____ () C:\WINDOWS\Minidump\103014-63328-01.dmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00023589.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005896.tmp
2014-10-30 14:56 - 2014-10-30 14:56 - 40034856 ____T () C:\WINDOWS\SysWOW64\00005765.tmp
2014-10-30 13:57 - 2014-10-31 10:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-30 13:57 - 2014-10-30 13:58 - 00301584 _____ () C:\WINDOWS\Minidump\103014-67703-01.dmp
2014-10-28 11:24 - 2014-10-28 13:59 - 00010479 _____ () C:\Users\bryga_000\Desktop\Laundry Soap.xlsx
2014-10-28 10:42 - 2014-10-28 10:42 - 00000005 _____ () C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-10-28 10:39 - 2014-10-28 10:44 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-10-28 10:36 - 2014-10-28 10:36 - 00000000 ____D () C:\Sun
2014-10-28 06:19 - 2014-10-28 08:09 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-13-19-53.024-aswFe.exe-14536.log
2014-10-28 04:25 - 2014-10-28 04:25 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-11-25-00.011-AvastVBoxSVC.exe-9440.log
2014-10-28 03:47 - 2014-10-28 03:48 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-10-47-02.078-AvastVBoxSVC.exe-7540.log
2014-10-28 02:29 - 2014-10-28 03:46 - 00000247 _____ () C:\WINDOWS\system32\2014-10-28-09-29-44.041-aswFe.exe-4088.log
2014-10-27 22:47 - 2014-10-27 22:47 - 00000197 _____ () C:\WINDOWS\system32\2014-10-28-05-47-15.003-AvastVBoxSVC.exe-5056.log
2014-10-27 16:03 - 2014-10-27 16:04 - 00000000 ____D () C:\ProgramData\Dell
2014-10-27 15:44 - 2014-10-27 15:44 - 00089328 _____ () C:\Users\GAdmin\Desktop\Extras.Txt
2014-10-27 15:41 - 2014-10-27 15:41 - 00158150 _____ () C:\Users\GAdmin\Desktop\OTL.Txt
2014-10-27 15:17 - 2014-10-27 15:20 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-22-17-30.006-AvastVBoxSVC.exe-2524.log
2014-10-27 15:06 - 2014-10-27 15:06 - 00000000 ____D () C:\_OTL
2014-10-27 14:30 - 2014-10-27 14:30 - 00602112 _____ (OldTimer Tools) C:\Users\GAdmin\Desktop\OTL.exe
2014-10-27 13:11 - 2014-10-27 13:11 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\AVAST Software
2014-10-27 13:00 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-20-00-42.025-aswFe.exe-3952.log
2014-10-27 12:55 - 2014-10-27 13:00 - 00000247 _____ () C:\WINDOWS\system32\2014-10-27-19-55-33.093-aswFe.exe-3760.log
2014-10-27 12:55 - 2014-10-27 12:55 - 00000197 _____ () C:\WINDOWS\system32\2014-10-27-19-55-31.012-AvastVBoxSVC.exe-4936.log
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-10-27 12:47 - 2014-10-27 12:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-10-27 12:35 - 2014-10-31 13:33 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9C5D0419-E574-4B64-80B9-129FE35C7203}
2014-10-27 12:35 - 2014-10-27 12:35 - 00000000 __SHD () C:\Users\GAdmin\AppData\Local\EmieUserList
2014-10-27 12:35 - 2014-10-27 12:35 - 00000000 __SHD () C:\Users\GAdmin\AppData\Local\EmieSiteList
2014-10-27 11:58 - 2014-10-27 11:58 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\AVAST Software
2014-10-27 11:12 - 2014-10-27 11:12 - 00000000 ____D () C:\Users\bryga_000\Desktop\GPUCache
2014-10-27 11:08 - 2014-10-27 11:08 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-27 11:08 - 2014-10-27 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-27 11:04 - 2014-10-31 13:45 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-27 11:03 - 2014-10-27 11:02 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-27 11:03 - 2014-10-27 11:02 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-27 11:02 - 2014-10-31 12:12 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-10-27 11:02 - 2014-10-31 12:12 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-27 11:02 - 2014-10-27 11:02 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-27 11:02 - 2014-10-27 11:02 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-27 11:02 - 2014-10-27 11:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-27 10:59 - 2014-10-27 10:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-27 10:56 - 2014-10-27 11:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-20 16:41 - 2014-08-14 17:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-20 16:38 - 2014-08-23 00:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-20 16:38 - 2014-08-23 00:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-20 16:38 - 2014-08-22 23:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-20 16:38 - 2014-08-22 22:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-20 16:38 - 2014-08-22 21:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-20 16:38 - 2014-08-22 21:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-20 16:38 - 2014-08-22 21:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-20 16:38 - 2014-08-22 21:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-20 16:35 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-20 16:35 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-20 16:35 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-20 16:35 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-20 16:35 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-20 16:35 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-20 16:35 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-20 16:35 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-20 16:35 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-20 16:35 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-20 16:35 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-20 16:35 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-20 16:35 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-20 16:35 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-20 16:35 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-20 16:35 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-20 16:35 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-20 16:35 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-20 16:35 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-20 16:35 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-20 16:35 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-20 16:35 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-20 16:35 - 2014-04-26 11:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-10-20 16:35 - 2014-04-26 11:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-10-20 16:35 - 2014-04-26 11:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-10-20 16:35 - 2014-04-26 10:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-10-20 16:35 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-20 16:35 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-20 16:35 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-20 16:35 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-20 16:34 - 2014-08-15 21:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-20 16:34 - 2014-08-15 21:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-20 16:34 - 2014-08-15 20:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 20:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-20 16:34 - 2014-08-15 20:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-20 16:34 - 2014-08-15 20:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-20 16:34 - 2014-08-15 20:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-20 16:34 - 2014-08-15 20:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-20 16:34 - 2014-08-15 18:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-20 16:34 - 2014-08-15 18:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-20 16:34 - 2014-08-15 17:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-20 16:34 - 2014-08-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-20 16:34 - 2014-08-15 17:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-20 16:34 - 2014-08-15 17:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-20 16:34 - 2014-08-15 17:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-20 16:34 - 2014-08-15 17:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-20 16:34 - 2014-08-15 17:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-20 16:34 - 2014-08-15 17:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-20 16:34 - 2014-08-15 17:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-20 16:34 - 2014-08-15 17:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-20 16:34 - 2014-08-15 17:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-20 16:34 - 2014-08-15 17:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-20 16:34 - 2014-08-15 17:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-20 16:34 - 2014-08-15 17:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-20 16:34 - 2014-07-31 16:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-20 16:34 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-20 16:34 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-20 16:34 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-20 16:34 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-20 16:34 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-20 16:34 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-20 16:34 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-20 16:34 - 2014-05-28 23:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-10-20 16:34 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-20 16:34 - 2014-04-29 21:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-10-20 16:34 - 2014-04-29 20:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-10-20 16:33 - 2014-10-09 15:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-20 16:33 - 2014-10-08 15:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-20 16:33 - 2014-09-18 18:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-20 16:33 - 2014-09-04 19:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-20 16:33 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-20 16:33 - 2014-07-09 21:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-20 15:33 - 2014-10-31 10:47 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB5BE8A8-CDCF-435D-B2F8-C119AA984A4E}
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieUserList
2014-10-20 15:33 - 2014-10-20 15:33 - 00000000 __SHD () C:\Users\bryga_000\AppData\Local\EmieSiteList
2014-10-20 15:31 - 2014-10-31 13:49 - 00000000 ___DO () C:\Users\bryga_000\OneDrive
2014-10-20 15:27 - 2014-10-20 15:27 - 00001446 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 15:27 - 2014-10-20 15:27 - 00000020 ___SH () C:\Users\bryga_000\ntuser.ini
2014-10-20 15:20 - 2014-10-20 15:20 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Security Suite
2014-10-20 15:12 - 2014-10-20 15:12 - 00001446 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 15:11 - 2014-10-20 15:11 - 00000020 ___SH () C:\Users\GAdmin\ntuser.ini
2014-10-20 14:41 - 2014-10-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-20 14:40 - 2014-10-20 14:40 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-20 14:40 - 2014-10-20 14:40 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-20 14:40 - 2014-10-20 14:40 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-20 14:39 - 2014-10-20 14:39 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-20 14:39 - 2014-10-20 14:39 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-20 14:39 - 2014-10-20 14:39 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-20 14:39 - 2014-10-20 14:39 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-20 14:38 - 2014-10-20 14:38 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-20 14:37 - 2014-10-20 14:37 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-20 14:33 - 2014-10-20 14:33 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files\Hyper-V
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-20 14:28 - 2014-10-20 14:28 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-20 14:27 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-20 14:27 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-20 14:07 - 2014-10-20 14:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 13:59 - 2014-10-20 13:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagwrn.xml
2014-10-20 13:57 - 2014-10-20 14:42 - 00030483 _____ () C:\WINDOWS\diagerr.xml
2014-10-20 13:56 - 2014-10-31 13:41 - 00000000 ____D () C:\Users\bryga_000
2014-10-20 13:56 - 2014-10-30 15:00 - 00000000 ____D () C:\Users\GAdmin
2014-10-20 13:56 - 2014-10-20 13:59 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-20 13:56 - 2014-10-20 13:59 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-20 13:56 - 2014-10-20 13:58 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-20 13:56 - 2014-09-24 00:25 - 00000369 _____ () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 13:56 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-20 13:45 - 2014-10-31 14:59 - 01842228 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-10-20 13:45 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\DellTPad
2014-10-20 13:45 - 2013-08-29 15:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-20 13:45 - 2013-08-29 15:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-20 13:45 - 2013-08-29 15:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-20 13:44 - 2014-10-20 13:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-20 13:44 - 2014-10-20 13:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-20 12:45 - 2014-10-20 14:42 - 00006629 _____ () C:\WINDOWS\comsetup.log
2014-10-20 10:54 - 2014-10-20 10:54 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola Mobility
2014-10-19 21:44 - 2014-10-19 21:44 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-10-19 21:43 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-10-19 21:43 - 2014-10-19 21:43 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-10-19 21:43 - 2014-10-19 21:43 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\DivX
2014-10-19 19:42 - 2014-07-02 13:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
2014-10-19 19:42 - 2014-07-02 13:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-10-19 19:38 - 2014-10-19 19:38 - 00000000 ____D () C:\NVIDIA
2014-10-19 19:31 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-19 19:30 - 2014-10-19 19:31 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-19 19:27 - 2014-10-19 19:27 - 00000000 ____D () C:\Program Files\Intel
2014-10-19 19:26 - 2014-10-19 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-19 19:19 - 2014-10-19 19:19 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2014-10-19 19:16 - 2014-10-20 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2014-10-19 19:16 - 2014-10-19 19:16 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2014-10-17 17:15 - 2014-10-31 14:56 - 00005002 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GARRETT-XPS-bryga_000 Garrett-XPS
2014-10-08 09:31 - 2014-10-20 14:08 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-31 15:11 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-31 15:10 - 2014-08-05 20:08 - 00000000 ____D () C:\Temp
2014-10-31 15:09 - 2014-03-17 09:42 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\CrashDumps
2014-10-31 15:07 - 2013-07-16 08:21 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3749778937-3158879764-3578227263-1001
2014-10-31 15:05 - 2013-07-16 13:35 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3749778937-3158879764-3578227263-1004
2014-10-31 15:01 - 2014-03-01 18:02 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-31 15:01 - 2013-09-10 23:48 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-10-31 15:01 - 2013-09-10 23:48 - 00000444 _____ () C:\WINDOWS\Tasks\DriverUpdate Startup.job
2014-10-31 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-10-31 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-31 14:45 - 2014-04-28 14:08 - 00000948 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA.job
2014-10-31 13:46 - 2013-10-07 15:35 - 00117248 ___SH () C:\Users\bryga_000\Desktop\Thumbs.db
2014-10-31 13:45 - 2014-04-28 14:08 - 00000896 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core.job
2014-10-31 13:43 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-31 13:41 - 2013-08-22 06:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-31 13:27 - 2014-03-19 13:25 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\CrashDumps
2014-10-31 10:38 - 2014-06-06 23:59 - 699223909 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-30 11:29 - 2013-09-16 15:42 - 00000000 ____D () C:\Users\bryga_000\Documents\Outlook Files
2014-10-30 11:23 - 2014-09-24 00:17 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-30 11:20 - 2014-03-11 16:38 - 00000000 ____D () C:\Users\bryga_000\Desktop\The Hunt
2014-10-29 22:07 - 2013-08-22 07:46 - 00338535 _____ () C:\WINDOWS\setupact.log
2014-10-28 16:35 - 2013-07-16 13:27 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Packages
2014-10-28 11:27 - 2014-09-24 00:03 - 00005270 _____ () C:\WINDOWS\PFRO.log
2014-10-28 10:50 - 2014-08-05 20:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 10:43 - 2014-08-05 20:08 - 00000000 ____D () C:\ProgramData\Nero
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Motorola
2014-10-28 10:43 - 2014-08-05 20:05 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-10-27 22:48 - 2014-03-01 18:03 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 15:16 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-27 12:49 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\ID Vault
2014-10-27 12:48 - 2014-04-09 14:22 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\ID Vault
2014-10-27 12:45 - 2014-05-22 08:04 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\NPE
2014-10-27 12:35 - 2013-08-21 20:59 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-10-27 11:44 - 2014-03-01 18:02 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\Google
2014-10-27 11:38 - 2013-09-16 15:18 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-23 16:16 - 2014-02-21 15:26 - 00052440 _____ () C:\Users\bryga_000\Desktop\Book3.xlsx
2014-10-23 15:03 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-23 13:41 - 2014-03-01 18:03 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 13:41 - 2014-03-01 18:03 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 13:41 - 2014-03-01 18:02 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-23 13:40 - 2014-04-28 14:08 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004UA
2014-10-23 13:40 - 2014-04-28 14:08 - 00003522 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3749778937-3158879764-3578227263-1004Core
2014-10-22 10:21 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-22 10:08 - 2013-07-16 09:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-22 09:59 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-22 09:58 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-22 09:57 - 2014-09-24 02:57 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-22 09:57 - 2013-12-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-10-22 09:57 - 2013-11-21 09:23 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-10-22 09:08 - 2013-12-29 22:06 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\ID Vault
2014-10-21 18:05 - 2014-08-11 14:33 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\HpUpdate
2014-10-21 04:15 - 2013-07-16 09:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-21 03:39 - 2013-07-16 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-21 03:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-20 15:57 - 2013-08-22 07:46 - 00000766 _____ () C:\WINDOWS\setuperr.log
2014-10-20 15:55 - 2013-12-29 22:07 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\ID Vault
2014-10-20 15:50 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-20 15:31 - 2014-04-24 20:45 - 00000000 ___RD () C:\Users\bryga_000\OneDrive.old
2014-10-20 15:19 - 2014-08-05 20:10 - 00000000 ____D () C:\Users\GAdmin\.gstreamer-0.10
2014-10-20 15:17 - 2013-07-16 08:15 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\Packages
2014-10-20 15:12 - 2014-08-14 16:03 - 00003228 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-10-20 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-20 14:40 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-20 14:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-20 14:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-20 14:28 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-20 14:28 - 2013-08-22 03:35 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFileBrowse.dll
2014-10-20 14:28 - 2013-08-22 01:25 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmconnect.exe
2014-10-20 14:28 - 2013-08-22 00:35 - 00144967 _____ () C:\WINDOWS\system32\virtmgmt.msc
2014-10-20 14:12 - 2013-08-22 07:44 - 00555152 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-20 14:08 - 2014-08-11 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-10-20 14:08 - 2014-08-04 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-20 14:08 - 2014-07-21 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-10-20 14:08 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-10-20 14:08 - 2014-05-28 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
2014-10-20 14:08 - 2014-04-28 14:15 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-10-20 14:08 - 2014-04-24 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-20 14:08 - 2014-04-10 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango
2014-10-20 14:08 - 2014-04-09 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
2014-10-20 14:08 - 2014-04-09 14:31 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2014-10-20 14:08 - 2014-03-03 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-10-20 14:08 - 2014-03-01 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-20 14:08 - 2013-12-29 22:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-10-20 14:08 - 2013-10-19 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-10-19 23:03 - 00000000 ____D () C:\Users\bryga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2014-10-20 14:08 - 2013-08-21 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Data Recovery Free
2014-10-20 14:08 - 2013-08-07 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-10-20 14:07 - 2013-08-22 08:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-20 14:07 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-20 14:06 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-20 14:06 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-20 14:06 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-20 14:05 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-20 14:05 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-20 14:03 - 2014-03-17 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
2014-10-20 14:03 - 2013-08-07 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney
2014-10-20 14:03 - 2013-07-16 08:15 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-20 14:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-20 13:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-20 13:59 - 2013-08-07 21:40 - 00000000 ____D () C:\Users\GAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM
2014-10-20 13:49 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-20 13:43 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-10-20 13:15 - 2013-07-16 08:15 - 01451384 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-20 10:54 - 2013-07-16 08:15 - 00000000 ____D () C:\Users\GAdmin\AppData\Local\VirtualStore
2014-10-19 21:44 - 2013-08-31 17:01 - 00001617 _____ () C:\Users\GAdmin\Desktop\DivX Movies.lnk
2014-10-19 21:44 - 2013-08-31 16:50 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-10-19 21:44 - 2013-08-31 16:48 - 00000000 ____D () C:\ProgramData\DivX
2014-10-19 21:43 - 2013-08-31 17:00 - 00000000 ____D () C:\Program Files\DivX
2014-10-19 20:54 - 2013-12-15 20:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-19 19:32 - 2014-03-11 11:05 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-10-19 19:32 - 2014-03-11 11:05 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-10-19 19:16 - 2013-09-10 23:47 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2014-10-19 19:16 - 2013-09-10 23:47 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-10-17 17:37 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Amazon Cloud Player
2014-10-17 10:27 - 2013-12-29 22:05 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Constant Guard.lnk
2014-10-17 10:27 - 2013-12-29 22:05 - 00002189 _____ () C:\Users\Public\Desktop\Constant Guard.lnk
2014-10-17 10:21 - 2013-12-29 22:16 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-10-17 10:20 - 2013-12-29 22:17 - 00002440 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-10-10 09:04 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-08 21:21 - 2014-05-28 12:52 - 00000956 _____ () C:\Users\bryga_000\AppData\Roaming\__AvidCloudManager.log
2014-10-08 21:20 - 2014-05-28 12:52 - 00000000 ____D () C:\Users\bryga_000\temp
2014-10-08 20:10 - 2014-05-28 12:51 - 00000000 ____D () C:\Users\bryga_000\AppData\Local\Avid
2014-10-08 20:10 - 2014-05-28 12:34 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-10-08 20:09 - 2014-05-28 12:52 - 00000763 _____ () C:\Users\bryga_000\AppData\Roaming\GARRETT-XPS.MTBF.txt
2014-10-06 09:40 - 2013-12-19 23:17 - 00036864 ___SH () C:\Users\bryga_000\Downloads\Thumbs.db
2014-10-03 10:02 - 2013-07-16 09:27 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-20 13:42
 
==================== End Of Log ============================


#10 deeprybka

deeprybka

  • Malware Response Team

Posted 01 November 2014 - 05:34 AM

Let's do a final check up:

Step 1


Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
    [screenshot: settings.png]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [image: logpath.png]
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

Can you please tell me which problems still persist now?
How is the computer running?

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#11 brygar

brygar
  • Topic Starter

  • Members

Posted 01 November 2014 - 06:53 PM

It seems to be performing much better. I don't see any other issues at this point.

Thank you so much for your help!

Bryan

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=67421f426c751e4597987c773816b3d9
# engine=20885
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-01 11:47:04
# local_time=2014-11-01 04:47:04 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 11089 366346 0 0
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 87 100 0 165461720 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2411373 27839920 0 0
# scanned=557437
# found=1
# cleaned=0
# scan_time=16908
sh=A4947FBFDF39374B96B7EB3AE6C634A1DF1066A3 ft=0 fh=0000000000000000 vn="JS/TrojanDownloader.FakeAlert.NAK trojan" ac=I fn="C:\Users\bryga_000\AppData\Local\Temp\71f0\AppData\Local\Microsoft\Windows\INetCache\IE\1ZBGVRJQ\index[1].htm"


#12 deeprybka

deeprybka

  • Malware Response Team

Posted 01 November 2014 - 07:00 PM

OK! :)
 
Step 1

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    C:\Users\bryga_000\AppData\Local\Temp\71f0\AppData\Local\Microsoft\Windows\INetCache\IE\1ZBGVRJQ\index[1].htm
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.
 
 
That's it!
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!


Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" by Lawrence Abrams.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#13 brygar

brygar
  • Topic Starter

  • Members

Posted 01 November 2014 - 07:41 PM

I've gotten this error several times.

   

 DRIVER_IRQL_NOT_LESS_OR_EQUAL (netwlv64.sys)

 

It says the computer will restart, but it never does.



#14 brygar

brygar
  • Topic Starter

  • Members

Posted 01 November 2014 - 08:50 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-11-2014
Ran by GAdmin at 2014-11-01 17:45:37 Run:2
Running from C:\Users\GAdmin\Downloads
Loaded Profile: GAdmin (Available profiles: GAdmin & bryga_000)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\Users\bryga_000\AppData\Local\Temp\71f0\AppData\Local\Microsoft\Windows\INetCache\IE\1ZBGVRJQ\index[1].htm
EmptyTemp:
*****************
 
C:\Users\bryga_000\AppData\Local\Temp\71f0\AppData\Local\Microsoft\Windows\INetCache\IE\1ZBGVRJQ\index[1].htm => Moved successfully.
EmptyTemp: => Removed 7.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#15 deeprybka

deeprybka

  • Malware Response Team

Posted 02 November 2014 - 05:22 AM

Hi,

it is not malware related.

 

 

I've gotten this error several times.

   

 DRIVER_IRQL_NOT_LESS_OR_EQUAL (netwlv64.sys)

 

It says the computer will restart, but it never does.

 

Please have a look at this:

http://answers.microsoft.com/en-us/windows/forum/windows8_1-system/windows-81-bsod-netwlv64sys/158a8406-2a39-4026-858b-d7338ef22d78

http://answers.microsoft.com/en-us/windows/forum/windows8_1-hardware/driverirqlnotlessorequal-netwlv64sys/b5f01445-b732-4f3d-b3ee-4daafdc49771


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 