Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes stopped working and general slugglishness


  • This topic is locked This topic is locked
3 replies to this topic

#1 Andrew111

Andrew111

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 09 May 2015 - 04:44 PM

For months now my computer seems to be struggling with some slowness. By slowness I mean applications taking longer to launch, applications freezing, and Windows taking longer to shut down. I have Norton Internet Security which is always on. I did a full scan, and it found nothing except a few infected junk email attachments. I never click on these anyway, and just delete all attachments from time to time.

 

Two weeks ago my computer slid off my lap onto the floor. It didn't look like much of a bump, so I was surprised to see a blue screen telling me that Windows had an unusual event and had to shut down. It was also making an image of memory onto my hard disk. I was too flustered to write down the details. So after it was done copying, I restarted it and allowed it to start normally. Everything seemed fine. But later that day I got a screen that appeared to be a Windows status screen. Not a blue screen. Not an error screen. A screen with wallpaper and nice font, just like the welcome screen. It said "Preparing Security Options." Then after about 5 seconds, it went back to normal. The Microsoft support area contained a question about this message, and the advice was to run sfc /scannow from an elevated prompt So I did. And it said it didn’t find any integrity violations. 

 

But I also noticed a new message when I shut down. It would often say it had to force a task host window to close. And then Norton Internet Security started frequently giving me messages about applications were doing a lot of disc writing. I was not too worried at first because I was either downloading or moving files at the time. But still, I was getting a lot of these. And then I got one for simply launching my email client.

I decided to run Malwarebytes. I have the full version but had not run or updated it for months. But it would not connect to update its malware definitions. I used it to scan anyway, and found no problems. I tried to update again, but it would still not update. I checked the settings and noticed the “enable self-protection” was not active. So I clicked that box. Then I clicked the subsetting that says “enable self-protection early start.” When I did that, Malwarebytes disappeared from the screen. I could not start it again. All I get is an hourglass cursor that quickly disappears. So I downloaded a fresh Chameleon from the Malwarebytes website using a different computer. Then I ran every script from a USB drive. It did me no good.

 

Because of what happened with Malwarebytes, I worried I had an infection, even if the other symptoms were because of something else. I posted here and was advised to run Rkill versions. I stil cannot run Malwarebytes. All I get is an hourglass cursor for a few seconds. I have not tried any other steps because I was told not to. I was told to run FRST and post here.

 

Here's the log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Silver (administrator) on SILVER-PC on 09-05-2015 14:10:53
Running from C:\Users\Silver\Desktop\frst av
Loaded Profiles: Silver (Available profiles: Silver)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Opera x64\Opera.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
() C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Ulrich Krebs) C:\Program Files (x86)\Kalender\Kalender.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
() C:\Windows\SysWOW64\NMSAccessU.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHook.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
() C:\Program Files (x86)\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
(3M) C:\Program Files (x86)\3M\PSN2Lite\Psn2Lite.exe
( ) C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(3M) C:\Program Files (x86)\3M\PSN2Lite\PSNGive.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Windows\SysWOW64\UMonit64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [293760 2013-02-20] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [996192 2013-05-20] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2978544 2013-05-22] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2011-03-10] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2012-04-19] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-08-15] (Intel Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [DTS Sound] => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1500992 2013-09-16] (DTS, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE [128440 2012-09-21] (Corel Corporation)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
HKLM-x32\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
Winlogon\Notify\igfxcui: [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\Run: [Kalender] => C:\Program Files (x86)\Kalender\Kalender.exe [991232 2014-02-22] (Ulrich Krebs)
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-22] (Ruiware LLC)
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\Run: [ACDSeeCommander18] => C:\Program Files (x86)\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe [1968136 2014-12-17] ()
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\MountPoints2: E - E:\DTVP30_Launcher.exe
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\MountPoints2: G - G:\DTVP30_Launcher.exe
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\MountPoints2: {33a3c661-c500-11e4-aca5-005056c00008} - G:\DTVP30_Launcher.exe
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\MountPoints2: {7db28656-a86d-11e3-ac23-005056c00008} - E:\IronKey.exe
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\MountPoints2: {eb52a6ba-10d8-11e4-acb9-005056c00008} - E:\DTVP30_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Post-it® Software Notes Lite.lnk [2014-03-11]
ShortcutTarget: Post-it® Software Notes Lite.lnk -> C:\Program Files (x86)\3M\PSN2Lite\Psn2Lite.exe (3M)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk [2014-03-21]
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe ( )
Startup: C:\Users\Silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Startup).lnk [2014-09-16]
ShortcutTarget: Directory Opus (Startup).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1807104890-2556670774-1551231659-1000 -> DefaultScope {A6FA06B1-A5C3-429F-AF53-FCC4F2CA098E} URL =
SearchScopes: HKU\S-1-5-21-1807104890-2556670774-1551231659-1000 -> {A6FA06B1-A5C3-429F-AF53-FCC4F2CA098E} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll [2014-07-23] (Nuance Communications, Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2013-05-31] (IVONA Software Sp. z o.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2014-07-23] (Nuance Communications, Inc.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO-x32: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2013-05-31] (IVONA Software Sp. z o.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2013-05-31] (IVONA Software Sp. z o.o.)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2013-05-31] (IVONA Software Sp. z o.o.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: asksam7 - {7176DE82-982D-4f2b-A562-9D0BBE96DEBC} - C:\Program Files (x86)\askSam\asksam7\AS7_AIPP.dll [2008-07-11] (askSam Systems)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1573992 2015-03-27] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [344128 2015-03-27] (GP Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [2014-07-23] (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2014-07-23] (Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-1807104890-2556670774-1551231659-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\searchplugins\duckduckgo.xml [2013-07-24]
FF Extension: Ant Video Downloader - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\anttoolbar@ant.com [2015-04-03]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\artur.dubovoy@gmail.com [2015-04-18]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\mintrayr@tn123.ath.cx [2015-03-07]
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\pavel.sherbakov@gmail.com [2015-04-18]
FF Extension: FireShot - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-03-28]
FF Extension: All-in-One Gestures - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2014-03-09]
FF Extension: Flash and Video Download - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-04-22]
FF Extension: DownThemAll! AntiContainer - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\anticontainer@downthemall.net.xpi [2014-03-11]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-03-31]
FF Extension: Video Downloader Professional - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\ffext_basicvideoext@startpage24.xpi [2014-12-13]
FF Extension: FireGestures - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\firegestures@xuldev.org.xpi [2014-03-11]
FF Extension: Translate This! - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2014-10-27]
FF Extension: Private Tab - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\privateTab@infocatcher.xpi [2014-11-06]
FF Extension: Freecorder YouTube Download Wizard - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\ytvdw@pgport.com.xpi [2014-03-11]
FF Extension: All-in-One Sidebar - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2014-06-22]
FF Extension: Capture & Print - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2014-03-11]
FF Extension: Web Developer - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-03-11]
FF Extension: DownThemAll! - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-03-11]
FF Extension: Download Manager Tweak - C:\Users\Silver\AppData\Roaming\Mozilla\Firefox\Profiles\5169f315.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-14]
FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2014-12-04]
FF HKU\S-1-5-21-1807104890-2556670774-1551231659-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-20]
CHR Extension: (Google Drive) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-20]
CHR Extension: (Google Search) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-20]
CHR Extension: (Norton Identity Safe) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]
CHR Extension: (Google Wallet) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Gmail) - C:\Users\Silver\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Creative Service for CDROM Access; C:\windows\SysWOW64\CTsvcCDA.exe [44032 1999-12-12] (Creative Technology Ltd) [File not signed]
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-23] (Nuance Communications, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-16] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-06] (Symantec Corporation)
R2 NMSAccess; C:\windows\SysWOW64\NMSAccessU.exe [71096 2009-01-12] ()
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479312 2013-10-07] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479312 2013-10-07] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479312 2013-10-07] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-08-28] (VMware, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-05-01] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [79592 2013-02-21] (GenesysLogic)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20150508.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
S3 MWAC; \??\C:\windows\system32\drivers\ [0 ] () <==== ATTENTION (zero size file/folder)
S3 MWAC; \??\C:\windows\SysWOW64\drivers\ [0 ] () <==== ATTENTION (zero size file/folder)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150508.016\ENG64.SYS [129752 2015-05-01] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150508.016\EX64.SYS [2137304 2015-05-01] (Symantec Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-22] (Synaptics Incorporated)
S3 Spyder4; C:\Windows\System32\DRIVERS\dccmtr.sys [15360 2011-06-02] (Datacolor)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-10] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-10-30] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 vmkbd2; C:\windows\system32\drivers\VMkbd.sys [33496 2014-04-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2014-11-26] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2014-11-26] (Wondershare)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 12:10 - 2015-05-09 12:11 - 00048242 _____ () C:\Users\Silver\Desktop\Addition.txt
2015-05-09 12:08 - 2015-05-09 12:20 - 00073013 _____ () C:\Users\Silver\Desktop\FRST.txt
2015-05-09 12:06 - 2015-05-09 14:10 - 00000000 ____D () C:\FRST
2015-05-09 11:12 - 2015-05-09 14:10 - 00000000 ____D () C:\Users\Silver\Desktop\frst av
2015-05-06 16:14 - 2015-05-06 16:14 - 02506522 _____ () C:\Users\Silver\Desktop\Toshiba Tecra W50-ABT1500 Workstation.mht
2015-05-06 09:15 - 2015-05-06 09:15 - 00000000 ____D () C:\Users\Silver\Desktop\New folder
2015-05-05 15:40 - 2015-05-05 15:40 - 00001092 _____ () C:\Users\Silver\Desktop\FreeCommander.lnk
2015-05-05 15:40 - 2015-05-05 15:40 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\FreeCommander
2015-05-05 15:40 - 2015-05-05 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander
2015-05-05 15:40 - 2015-05-05 15:40 - 00000000 ____D () C:\Program Files (x86)\FreeCommander
2015-05-05 08:11 - 2015-05-05 08:45 - 00002946 _____ () C:\Users\Silver\Desktop\Rkill.txt
2015-05-05 08:09 - 2015-05-05 08:41 - 00000000 ____D () C:\Users\Silver\Desktop\rkill
2015-05-04 09:17 - 2015-05-04 09:18 - 00000000 ____D () C:\Users\Silver\Desktop\av
2015-05-02 21:21 - 2015-05-03 09:25 - 00006249 _____ () C:\Users\Silver\Documents\For months now my computer seems to be struggling.wpd
2015-05-02 12:36 - 2015-05-02 16:37 - 00000000 ____D () C:\windows\Microsoft Antimalware
2015-05-01 09:58 - 2015-05-01 09:58 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\InstallShield
2015-04-27 15:31 - 2015-04-27 16:03 - 00024576 _____ () C:\Users\Silver\Documents\blood pressure2.qpw
2015-04-20 20:46 - 2015-04-20 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 12:17 - 2015-04-17 12:18 - 00281664 _____ () C:\windows\Minidump\041715-40029-01.dmp
2015-04-17 12:09 - 2015-05-05 08:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-16 09:20 - 2015-04-16 09:21 - 00281664 _____ () C:\windows\Minidump\041615-54038-01.dmp
2015-04-15 20:38 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 20:38 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 20:38 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 20:38 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 20:38 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 20:38 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 20:38 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 20:38 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 20:38 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 20:38 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 20:38 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 20:38 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 20:38 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 20:38 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 20:38 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 20:38 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 20:38 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 20:38 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 20:38 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 20:38 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 20:38 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 20:38 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 20:38 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 20:38 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 20:38 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 20:38 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 20:38 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 20:38 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 20:38 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 20:38 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 20:38 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 20:38 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 20:38 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 20:38 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 20:38 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 20:38 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 20:38 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 20:38 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-15 20:38 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 20:38 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 20:38 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 20:38 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-15 20:38 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-15 20:38 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 20:38 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-15 20:38 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 20:38 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-15 20:38 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 20:38 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 20:38 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-15 20:38 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-15 20:38 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-15 20:38 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-15 20:38 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-15 20:38 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 20:38 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 20:38 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-15 20:38 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 20:38 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 20:38 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 20:38 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 20:38 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-15 20:38 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-15 20:38 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-15 20:38 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 20:38 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 20:38 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 20:38 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-15 20:38 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-15 20:38 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 20:38 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 20:38 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 20:38 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 20:38 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 20:38 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 20:37 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 20:37 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 20:37 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 20:37 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 20:37 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-15 20:37 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 20:37 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 20:37 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 20:37 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 20:37 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-15 20:37 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-15 20:37 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 20:37 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 20:37 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 20:37 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-15 20:37 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-15 20:37 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-15 20:37 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-15 20:37 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-15 20:37 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-15 20:37 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-15 20:37 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-15 20:37 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-15 20:37 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-15 20:37 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-15 20:37 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-15 20:37 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-15 20:37 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-15 20:37 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 20:37 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 20:37 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 20:37 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 20:37 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-15 20:37 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-15 20:37 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 20:37 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-15 20:37 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 20:37 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 20:37 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-15 20:37 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 15:28 - 2015-04-14 15:28 - 18178736 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-11 12:10 - 2015-05-09 11:51 - 00000000 ____D () C:\53038d67efd964c65a7f06
2015-04-11 10:23 - 2015-04-11 10:23 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExtractNow
2015-04-11 10:15 - 2015-05-01 22:03 - 00000000 ____D () C:\Users\Silver\AppData\Local\ExtractNow
2015-04-11 10:15 - 2015-04-12 05:54 - 00000000 ____D () C:\Program Files (x86)\ExtractNow
2015-04-11 10:15 - 2015-04-11 10:23 - 00001056 _____ () C:\Users\Silver\Desktop\ExtractNow.lnk
2015-04-10 19:37 - 2015-04-10 19:37 - 00000000 ____D () C:\ProgramData\Free Download Manager
2015-04-10 13:11 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2015-04-10 13:11 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2015-04-10 13:10 - 2015-04-10 13:10 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2015-04-09 12:05 - 2015-04-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Beyond Compare 4
2015-04-09 12:05 - 2015-04-09 12:06 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyond Compare 4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 14:11 - 2009-07-13 21:45 - 00032704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 14:11 - 2009-07-13 21:45 - 00032704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 14:06 - 2014-03-01 05:18 - 01466658 _____ () C:\windows\WindowsUpdate.log
2015-05-09 14:02 - 2014-04-12 18:05 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-09 14:02 - 2014-03-09 18:50 - 00000000 ____D () C:\ProgramData\VMware
2015-05-09 14:02 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-09 14:01 - 2009-07-13 21:51 - 00113130 _____ () C:\windows\setupact.log
2015-05-09 14:00 - 2014-03-11 19:48 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\UK's Kalender
2015-05-09 13:43 - 2014-04-12 18:05 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-09 13:27 - 2013-06-06 19:46 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-09 12:40 - 2009-07-13 22:13 - 00786022 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-09 11:54 - 2014-12-04 16:34 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\Free Download Manager
2015-05-09 11:54 - 2014-03-26 19:15 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-09 08:53 - 2014-04-02 08:53 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\.oit
2015-05-09 02:00 - 2014-07-07 05:42 - 00000000 ____D () C:\Users\Silver\AppData\Local\Adobe
2015-05-08 22:39 - 2014-03-27 08:03 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\vlc
2015-05-08 15:53 - 2014-03-17 13:56 - 00000000 ____D () C:\Users\Silver\AppData\Local\CrashDumps
2015-05-08 11:23 - 2014-03-12 06:16 - 00004704 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-05-08 11:23 - 2009-07-13 22:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-05-08 09:33 - 2014-03-01 05:20 - 00000000 ____D () C:\Intel
2015-05-06 10:06 - 2014-03-11 04:09 - 00893638 _____ () C:\Users\Silver\Documents\main.ask
2015-05-04 20:04 - 2014-03-10 19:09 - 00000000 ____D () C:\Users\Silver\Documents\a receipts
2015-05-04 12:42 - 2014-03-10 19:06 - 00000000 ____D () C:\Users\Silver\Documents\A Medical
2015-05-03 14:39 - 2014-03-07 19:06 - 00000000 ____D () C:\Users\Silver
2015-05-02 20:59 - 2014-03-11 18:49 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-02 20:42 - 2014-03-12 20:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-01 22:03 - 2015-04-04 14:39 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-01 22:03 - 2013-06-06 19:48 - 00000000 ____D () C:\ProgramData\Norton
2015-05-01 22:03 - 2013-06-06 19:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-01 22:03 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\registration
2015-04-28 11:04 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2015-04-28 08:53 - 2014-08-19 15:36 - 00003832 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1408487785
2015-04-26 21:26 - 2014-10-01 09:45 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\AMT_Workdir
2015-04-26 15:35 - 2014-03-11 05:11 - 00000000 ____D () C:\Users\Silver\Documents\mybb
2015-04-26 14:11 - 2015-04-04 10:57 - 00028672 _____ () C:\Users\Silver\Documents\blood pressure.qpw
2015-04-24 00:17 - 2014-12-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager
2015-04-23 09:22 - 2014-03-11 05:37 - 00016897 _____ () C:\Users\Silver\Documents\PSA4.qpw
2015-04-22 23:26 - 2014-03-09 15:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 12:37 - 2015-01-10 17:06 - 00002234 _____ () C:\Users\Silver\AppData\Roaming\SAS7_000.DAT
2015-04-21 08:11 - 2014-03-11 05:21 - 00057344 _____ () C:\Users\Silver\Documents\diet3.qpw
2015-04-19 22:23 - 2014-04-11 12:15 - 00000000 ____D () C:\ProgramData\ThumbsPlus
2015-04-19 22:21 - 2014-04-12 08:50 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\ThumbsPlus
2015-04-18 17:30 - 2014-03-01 05:50 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-17 12:17 - 2014-07-04 23:13 - 674595055 _____ () C:\windows\MEMORY.DMP
2015-04-17 12:17 - 2014-07-04 23:13 - 00000000 ____D () C:\windows\Minidump
2015-04-17 12:09 - 2014-07-04 23:22 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-16 22:39 - 2014-03-11 00:42 - 00000000 ____D () C:\Users\Silver\Documents\Graphics
2015-04-16 01:01 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2015-04-16 01:01 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 21:05 - 2014-12-14 09:35 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 21:05 - 2014-05-06 08:35 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 20:52 - 2013-06-06 18:33 - 00778636 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-15 20:50 - 2014-03-28 07:05 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 20:42 - 2014-03-28 07:05 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-14 20:32 - 2014-03-11 06:01 - 00000000 ____D () C:\Users\Silver\Documents\Quicken Backups
2015-04-14 15:32 - 2013-06-06 19:46 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 15:32 - 2013-06-06 19:46 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 15:32 - 2013-06-06 19:46 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 17:29 - 2014-07-04 23:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-12 05:54 - 2010-11-20 20:47 - 00048686 _____ () C:\windows\PFRO.log
2015-04-11 22:22 - 2014-10-02 12:16 - 00000000 ____D () C:\Users\Silver\Desktop\blood volume
2015-04-10 13:11 - 2014-04-09 21:28 - 00014428 _____ () C:\windows\DirectX.log
2015-04-10 13:11 - 2014-03-26 23:54 - 00000000 ____D () C:\Users\Silver\AppData\Local\ACD Systems
2015-04-10 13:10 - 2014-03-26 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2015-04-10 13:08 - 2014-03-12 21:11 - 00000000 ____D () C:\Users\Silver\AppData\Local\Downloaded Installations
2015-04-09 12:06 - 2014-03-15 17:28 - 00000000 ____D () C:\Users\Silver\AppData\Roaming\Scooter Software
2015-04-09 10:55 - 2014-03-11 04:18 - 00000000 ____D () C:\Users\Silver\Documents\My Music z lab

==================== Files in the root of some directories =======

2014-04-05 14:41 - 2014-04-05 14:46 - 0000132 _____ () C:\Users\Silver\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-06-27 15:01 - 2014-11-06 16:52 - 0000132 _____ () C:\Users\Silver\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-10 17:06 - 2015-04-22 12:37 - 0002234 _____ () C:\Users\Silver\AppData\Roaming\SAS7_000.DAT
2014-04-05 14:41 - 2015-02-12 08:29 - 0001456 _____ () C:\Users\Silver\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-11-28 15:16 - 2014-11-28 15:16 - 0003990 _____ () C:\Users\Silver\AppData\Local\recently-used.xbel
2014-03-08 15:41 - 2014-03-25 15:29 - 0007618 _____ () C:\Users\Silver\AppData\Local\Resmon.ResmonCfg
2014-03-01 05:29 - 2014-03-01 05:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-14 12:56 - 2014-05-14 12:56 - 0000008 __RSH () C:\ProgramData\E173D9DEBD.sys
2014-03-12 06:16 - 2015-05-08 11:23 - 0004704 ___SH () C:\ProgramData\KGyGaAvL.sys
2001-10-23 11:54 - 2001-10-23 11:54 - 0000000 ____H () C:\ProgramData\sdpsenv.dat

Files to move or delete:
====================
C:\ProgramData\sdpsenv.dat


Some content of TEMP:
====================
C:\Users\Silver\AppData\Local\Temp\ACDSee 18.exe
C:\Users\Silver\AppData\Local\Temp\bitool.dll
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-0000-E-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-1280-E-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-1552-E-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-8192-E-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-8704-E-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\DTVaultPrivacy30-8960-G-ParaDelay.exe
C:\Users\Silver\AppData\Local\Temp\gvpg929z.dll
C:\Users\Silver\AppData\Local\Temp\HelpInstaller_StartUp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 12:06

==================== End Of Log ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 Andrew111

Andrew111
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:11:07 PM

Posted 14 May 2015 - 03:29 AM

The situation changed, but I see no way to delete my post. My computer was getting worse, I was getting no reply here, and and I had some work I had to get done immediately. So I decided to restore it to factory state using recover discs I made when I first got the computer. I told it to preserve nothing and start fresh. I'll see how it goes from here.


Edited by Andrew111, 14 May 2015 - 03:29 AM.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 14 May 2015 - 04:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/575688 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 14 May 2015 - 05:44 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users