
Bestdriverstar and Anythicago


  • This topic is locked
5 replies to this topic

#1 freeness

Posted 07 July 2015 - 05:05 PM

I have the same problem as many other users. Avast keeps popping up that it blocked a site even when I have no browsers open. Attached are my FRST logs. Any help is greatly appreciated. Thanks,
 
Andy
 
Mod Edit:  Same post at http://www.geekstogo.com/forum/topic/354047-bestdriverstar-and-anythicago/ - Hamluis.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by Andy (administrator) on H50 on 07-07-2015 17:04:17
Running from C:\Users\Andy\Desktop
Loaded Profiles: Andy (Available Profiles: Andy & eManagerUser & Classic .NET AppPool & DefaultAppPool)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Juniper Networks, Inc.) C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\bcc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\bccavsvc.exe
(Realtek Semiconductor Corporation) C:\Program Files\REALTEK\Realtek Bluetooth\AvrcpService.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Realtek Semiconductor) C:\Program Files\REALTEK\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\REALTEK\Audio\HDA\RtHDVBg.exe
() C:\Program Files\ClipX\clipx.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
(XemiComputers ltd.) C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
(Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
(Famatech Corp.) C:\Windows\System32\rserver30\rserver3.exe
() C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Famatech Corp.) C:\Windows\System32\rserver30\FamItrfc.Exe
(Famatech Corp.) C:\Windows\System32\rserver30\FamItrfc.Exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Poco Systems Inc) C:\Program Files\Pocomail4\Poco.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1011416 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [ClipX] => C:\Program Files\ClipX\clipx.exe [68608 2005-11-30] ()
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-08-01] ()
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5516008 2015-06-17] (Avast Software s.r.o.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe [7966192 2015-06-24] ()
HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\Run: [Active Desktop Calendar] => C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [7608832 2011-11-23] (XemiComputers ltd.)
HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft)
HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\RunOnce: [Application Restart #0] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-07-06] (Google Inc.)
HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\MountPoints2: {fcada96e-edf4-11e4-bd00-b8aeed2006a5} - J:\setup.exe
HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\MountPoints2: {fcadab8a-edf4-11e4-bd00-b8aeed2006a5} - I:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-363809082-620757088-3605342814-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-17] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-363809082-620757088-3605342814-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-363809082-620757088-3605342814-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.lavasoft.com?partner=WCYID10140&campaign=cnet&d=150707
HKU\S-1-5-21-363809082-620757088-3605342814-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-363809082-620757088-3605342814-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-363809082-620757088-3605342814-1000 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-363809082-620757088-3605342814-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://search.lavasoft.com/results.php?search={searchTerms}&category=web&partner=WCYID10140&campaign=cnet&d=150707
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-07-07] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-07-07] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-07-07] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-07-07] (Lavasoft Limited)
Winsock: Catalog9 46 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-07-07] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{24155087-DEC7-4C5D-B480-25838857C56B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{54C38067-B02E-41F6-A779-B67371426B75}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7824A7EF-01CA-4F47-8EE3-C252718D79FA}: [NameServer] 10.200.0.10,10.200.0.7

FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-363809082-620757088-3605342814-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Andy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-08] (Citrix Online)
FF HKU\.DEFAULT\...\Firefox\Extensions: [ninjaloader@mail.com] - C:\Program Files\Ninja Loader\FireFox

Chrome:
=======
CHR Profile: C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ebates Cash Back) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2015-05-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-05-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-14]
CHR Extension: (Google Wallet) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcfXAudioService; C:\Windows\system32\ACFXAU32.dll [410624 2009-04-29] (Conexant Systems, Inc.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 aswBcc; C:\Program Files\AVAST Software\Avast\bcc.exe [633288 2015-06-17] (AVAST Software)
R2 Avast Business Console Client Antivirus Service; C:\Program Files\AVAST Software\Avast\bccavsvc.exe [1313096 2015-06-17] (Avast Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-17] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3210384 2015-06-17] (Avast Software)
R2 AvrcpService; C:\Program Files\REALTEK\Realtek Bluetooth\AvrcpService.exe [30720 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S4 BTDevManager; C:\Program Files\REALTEK\Realtek Bluetooth\BTDevMgr.exe [65536 2014-01-06] () [File not signed]
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280840 2015-03-19] (Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [310272 2012-06-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [293128 2015-03-19] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
R2 JuniperAccessService; C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [166232 2014-06-24] (Juniper Networks, Inc.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [663592 2015-06-24] ()
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSSQL$WLAUSERPROFILE; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 RServer3; C:\Windows\system32\rserver30\RServer3.exe [1154752 2012-12-19] (Famatech Corp.)
R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] ()
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [256800 2013-12-03] (Dell SonicWALL, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acfva; C:\Windows\System32\DRIVERS\ACFVA32.sys [87424 2009-09-02] (Conexant Systems Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-06-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-17] ()
R3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP32.sys [28928 2009-04-29] (Conexant Systems, Inc.)
R1 DNE; C:\Windows\System32\DRIVERS\dnelwf.sys [108368 2013-10-03] (Citrix Systems, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-12-20] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [363504 2013-12-20] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [799216 2013-12-20] (Intel Corporation)
R3 jnprna; C:\Windows\System32\DRIVERS\jnprna6.sys [408944 2011-01-19] (Juniper Networks, Inc.)
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [412984 2014-06-16] (Juniper Networks)
S4 jnprTdi_805_47721; C:\Windows\system32\Drivers\jnprTdi_805_47721.sys [92984 2014-06-24] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [24952 2014-06-16] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [36776 2014-06-16] (Juniper Networks, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK32.sys [12672 2007-03-15] (Conexant)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85976 2013-12-03] (Intel Corporation)
R3 mf; C:\Windows\System32\DRIVERS\mf.sys [114176 2009-07-13] (Microsoft Corporation)
R3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [3328 2012-12-18] (Famatech International Corp.)
R3 Neo_IPSEC_VPN; C:\Windows\System32\DRIVERS\Neo_0107.sys [38144 2015-06-08] (SoftEther Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R1 PCIESER; C:\Windows\System32\drivers\PCIESER.sys [67584 2013-07-22] (www.winchiphead.com)
R1 raddrvv3; C:\Windows\system32\rserver30\raddrvv3.sys [48920 2012-12-19] (Famatech Corp.)
R3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [232040 2012-03-19] (Realtek Semiconductor Corp.)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [488152 2013-12-18] (Realtek Semiconductor Corporation)
S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2840792 2014-03-13] (Realtek Semiconductor Corporation )
S2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [64512 1998-03-31] () [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-07-08] (Samsung Electronics) [File not signed]
R2 SWIPsec; C:\Windows\system32\Drivers\SWIPsec.sys [95120 2013-12-03] (Dell SonicWALL, Inc.)
S3 SWVNIC; C:\Windows\System32\DRIVERS\swvnic.sys [21016 2013-08-26] (SonicWALL, Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-17] (Avast Software)
S3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU32.sys [8704 2009-04-29] (Conexant Systems, Inc.)
S1 mmi1m2f2nnnjbgj; system32\drivers\mmi1m2f2nnnjbgj.sys [X]
S2 RELIANCE; \??\C:\Program Files\Datalight\Reliance Windows Driver\driver\win7\reliance.sys [X]
S3 Winacusb; system32\DRIVERS\winacusb.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 17:04 - 2015-07-07 17:04 - 00021111 _____ C:\Users\Andy\Desktop\FRST.txt
2015-07-07 17:03 - 2015-07-07 17:04 - 00000000 ____D C:\FRST
2015-07-07 17:03 - 2015-07-07 17:03 - 01636352 _____ (Farbar) C:\Users\Andy\Desktop\FRST.exe
2015-07-07 16:54 - 2015-07-07 16:54 - 00000436 _____ C:\DelFix.txt
2015-07-07 16:51 - 2015-07-07 16:54 - 00000731 _____ C:\runcheck.txt
2015-07-07 16:45 - 2015-07-07 16:56 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-07-07 16:45 - 2015-07-07 16:45 - 00002872 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-07 16:45 - 2015-07-07 16:45 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Lavasoft
2015-07-07 16:45 - 2015-07-07 16:45 - 00000000 ____D C:\Users\Andy\AppData\Local\Lavasoft
2015-07-07 16:45 - 2015-07-07 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-07 16:45 - 2015-07-07 16:45 - 00000000 ____D C:\Program Files\Lavasoft
2015-07-07 16:45 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-07-07 16:44 - 2015-07-07 16:45 - 00000000 ____D C:\ProgramData\Lavasoft
2015-07-07 16:44 - 2015-07-07 16:44 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-07-07 16:40 - 2015-07-07 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-07 16:35 - 2015-07-07 16:35 - 00070368 _____ C:\Users\Andy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 16:21 - 2015-07-07 16:55 - 00001140 _____ C:\Windows\PFRO.log
2015-07-07 16:12 - 2015-07-07 16:55 - 00000224 _____ C:\Windows\setupact.log
2015-07-07 16:12 - 2015-07-07 16:12 - 00000000 _____ C:\Windows\setuperr.log
2015-07-07 16:10 - 2015-07-07 16:10 - 00001281 _____ C:\Users\Andy\Desktop\GP6.exe - Shortcut.lnk
2015-07-07 16:05 - 2015-07-07 16:05 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-07 14:56 - 2015-05-09 14:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-07 14:56 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-07 14:56 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-07 14:56 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-07 14:56 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-07 14:56 - 2014-12-05 16:33 - 00339968 _____ C:\Windows\system32\SaMinDrv.dll
2015-07-07 14:56 - 2014-12-05 16:32 - 00131072 _____ C:\Windows\system32\SaImgFlt.dll
2015-07-07 14:56 - 2014-12-05 16:32 - 00073728 _____ C:\Windows\system32\SaErHdlr.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-07 14:55 - 2015-05-08 23:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-07 14:55 - 2015-05-08 23:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-07 14:55 - 2015-05-08 23:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-07 14:55 - 2015-05-08 23:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-07 14:55 - 2015-05-08 23:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 12:17 - 2015-07-07 12:17 - 00002146 _____ C:\Users\Andy\Desktop\Global VPN Client.lnk
2015-07-06 10:42 - 2015-07-06 10:42 - 00000020 ___SH C:\Users\TEMP.H50.006\ntuser.ini
2015-07-06 10:42 - 2015-07-06 10:42 - 00000000 ____D C:\Users\TEMP.H50.006
2015-07-06 10:42 - 2015-04-24 21:55 - 00000000 ___RD C:\Users\TEMP.H50.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-06 10:42 - 2015-04-24 21:55 - 00000000 ___RD C:\Users\TEMP.H50.006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-01 17:33 - 2015-07-01 17:33 - 00000000 ____D C:\Users\Andy\Desktop\Recordings
2015-06-27 13:03 - 2015-06-27 13:03 - 00000048 _____ C:\Windows\TaxACT12.ini
2015-06-27 13:03 - 2015-06-27 13:03 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2nd Story Software
2015-06-27 13:03 - 2015-06-27 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2nd Story Software
2015-06-27 13:03 - 2015-06-27 13:03 - 00000000 ____D C:\2nd Story Software
2015-06-24 11:14 - 2015-06-24 11:14 - 00002715 _____ C:\Users\Public\Desktop\SL1100 PCPro.lnk
2015-06-24 11:14 - 2015-06-24 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SL1100 Application Suite
2015-06-23 20:08 - 2015-06-24 09:30 - 00000000 ____D C:\Users\TEMP.H50.005
2015-06-23 11:32 - 2015-06-23 20:08 - 00000000 ____D C:\Users\TEMP.H50.004
2015-06-22 16:05 - 2015-06-22 16:05 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Wireshark
2015-06-22 16:04 - 2015-06-22 16:04 - 00001694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-06-22 16:04 - 2015-06-22 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-06-22 16:04 - 2015-06-22 16:04 - 00000000 ____D C:\Program Files\Wireshark
2015-06-22 16:04 - 2015-06-22 16:04 - 00000000 ____D C:\Program Files\WinPcap
2015-06-17 16:09 - 2015-06-17 16:09 - 00000178 _____ C:\Users\Andy\Documents\Teleco Phone Numbers.txt
2015-06-17 14:39 - 2015-06-17 14:39 - 00697828 _____ C:\Users\Andy\AppData\Local\census.cache
2015-06-17 14:39 - 2015-06-17 14:39 - 00170470 _____ C:\Users\Andy\AppData\Local\ars.cache
2015-06-17 13:03 - 2015-06-17 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-06-17 13:03 - 2015-06-17 13:03 - 00000000 ____D C:\Program Files\Panda Security
2015-06-17 12:47 - 2015-06-17 12:47 - 00000010 _____ C:\Users\Andy\AppData\Local\sponge.last.runtime.cache
2015-06-17 12:33 - 2013-09-27 22:56 - 00289352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-06-17 12:32 - 2015-07-07 16:20 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 12:32 - 2015-07-07 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-17 12:32 - 2015-07-07 16:05 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-17 12:32 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-17 12:32 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-17 12:32 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-17 12:32 - 2015-06-17 12:32 - 00000036 _____ C:\Users\Andy\AppData\Local\housecall.guid.cache
2015-06-17 12:32 - 2015-06-17 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-17 12:29 - 2015-06-17 12:29 - 00000000 ____D C:\Users\Andy\AppData\Roaming\LavasoftStatistics
2015-06-17 11:29 - 2015-06-17 11:29 - 00020472 _____ C:\Users\Andy\Documents\cc_20150617_112935.reg
2015-06-17 11:12 - 2015-06-17 11:12 - 00001413 _____ C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 10:10 - 2015-06-17 10:10 - 00000000 ____D C:\Users\Andy\AppData\Roaming\AVAST Software
2015-06-17 10:09 - 2015-06-17 10:09 - 00000000 ___HD C:\ProgramData\qnl
2015-06-17 10:07 - 2015-06-17 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-17 10:06 - 2015-06-17 10:06 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-17 10:06 - 2015-06-17 10:06 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-17 10:06 - 2015-06-17 10:06 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-17 10:06 - 2015-06-17 10:06 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-17 10:05 - 2015-06-17 10:05 - 00631296 _____ C:\Windows\qnl.dat
2015-06-17 10:04 - 2015-06-17 10:04 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Macromedia
2015-06-17 10:02 - 2015-06-17 10:02 - 03451936 ____N (Avast Software s.r.o.) C:\Users\Public\Documents\aswOfferTool.exe
2015-06-17 10:02 - 2015-06-17 10:02 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-17 09:56 - 2015-06-17 09:56 - 00000000 ____D C:\Windows\system32\Flash
2015-06-17 09:47 - 2015-06-17 09:47 - 00070368 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-17 09:47 - 2015-06-17 09:47 - 00070368 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-17 09:47 - 2015-06-17 09:47 - 00001044 _____ C:\Windows\Tasks\43UjIlbSW.job
2015-06-17 09:47 - 2015-06-17 09:47 - 00000064 _____ C:\Users\Andy\AppData\Local\993a711bd833e389ce0696959054f408
2015-06-17 09:47 - 2015-06-17 09:47 - 00000000 ____D C:\Users\Default\Documents\MaxComputerCleaner
2015-06-17 09:47 - 2015-06-17 09:47 - 00000000 ____D C:\Users\Default\AppData\Local\Max_Computer_Cleaner
2015-06-17 09:47 - 2015-06-17 09:47 - 00000000 ____D C:\Users\Default User\Documents\MaxComputerCleaner
2015-06-17 09:47 - 2015-06-17 09:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Max_Computer_Cleaner
2015-06-17 09:47 - 2015-06-17 09:47 - 00000000 ____D C:\Users\Andy\AppData\Local\Chromium
2015-06-17 09:46 - 2015-06-17 09:46 - 00000045 _____ C:\user.js
2015-06-17 09:46 - 2015-06-17 09:46 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-06-17 09:45 - 2015-06-17 09:45 - 00000000 ____D C:\ProgramData\COMODO
2015-06-17 09:45 - 2015-06-17 09:45 - 00000000 ____D C:\Program Files\COMODO
2015-06-17 09:45 - 2015-06-11 16:08 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-17 09:43 - 2015-06-17 09:43 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-06-17 09:24 - 2015-06-17 09:24 - 00000000 ____D C:\Users\Andy\Downloads\Inside Out 2015 HDRip XviD - AMIABLE
2015-06-17 09:20 - 2015-06-17 09:20 - 00000000 ____D C:\Users\Andy\Downloads\American.Girl.Grace.Stirs.Up.Success.2015.DVDRip.XviD-EVO
2015-06-17 09:19 - 2015-06-17 09:38 - 00000000 ____D C:\Users\Andy\Downloads\Strawberry Shortcake Berry Best Friends 2014 Dvdrip Xvid AC3 ACAB
2015-06-17 09:19 - 2015-06-17 09:20 - 00000000 ____D C:\Users\Andy\Downloads\Strawberry Shortcake Berry Big Help 2014 DVDRiP XViD-sC0rp
2015-06-17 09:18 - 2015-06-17 11:29 - 00000000 ____D C:\Users\Andy\AppData\Roaming\BitTorrent
2015-06-17 09:18 - 2015-06-17 09:18 - 00000845 _____ C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-06-17 09:13 - 2015-06-17 09:14 - 00000000 ____D C:\Program Files\LuckyWire
2015-06-15 11:56 - 2015-06-15 11:56 - 00000000 ____D C:\Windows\CheckSur
2015-06-15 11:19 - 2010-11-20 08:30 - 00172416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2015-06-15 11:19 - 2010-11-20 08:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2015-06-15 11:19 - 2010-11-20 06:50 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2015-06-15 09:19 - 2015-06-18 09:34 - 00000000 ____D C:\Users\TEMP.H50.003
2015-06-11 14:21 - 2015-06-11 14:21 - 00002767 _____ C:\Users\Public\Desktop\SL InMail CF Utility.lnk
2015-06-11 14:13 - 2015-07-01 15:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\vlc
2015-06-11 14:13 - 2015-06-11 14:13 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-11 14:13 - 2015-06-11 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-11 14:13 - 2015-06-11 14:13 - 00000000 ____D C:\Program Files\VideoLAN
2015-06-10 16:57 - 2015-06-10 16:57 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Mozilla
2015-06-10 16:57 - 2015-06-10 16:57 - 00000000 ____D C:\Users\Andy\AppData\Local\WebEx
2015-06-10 16:45 - 2015-06-10 16:45 - 00002597 _____ C:\Users\Public\Desktop\NEC SL DesktopSuite.lnk
2015-06-10 16:45 - 2015-06-10 16:45 - 00000000 ____D C:\Users\Andy\Documents\Add-in Express
2015-06-10 16:45 - 2014-02-25 13:55 - 01929216 _____ (Red Phoenix) C:\Windows\system32\RpCtiTsp2.tsp
2015-06-10 16:44 - 2015-06-10 16:45 - 00000000 ____D C:\ProgramData\RedPhoenix
2015-06-10 16:44 - 2015-06-10 16:45 - 00000000 ____D C:\ProgramData\NEC-i
2015-06-10 16:44 - 2015-06-10 16:44 - 00000000 ____D C:\Program Files\Common Files\Plantronics
2015-06-10 16:44 - 2015-06-10 16:44 - 00000000 ____D C:\Program Files\Common Files\NEC-i
2015-06-09 21:19 - 2015-06-02 15:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 21:19 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 21:19 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-09 21:19 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-09 21:19 - 2015-05-25 14:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-09 21:19 - 2015-05-25 14:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-09 21:19 - 2015-05-25 14:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-09 21:19 - 2015-05-25 14:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-09 21:19 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-09 21:19 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-09 21:19 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-09 21:19 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-09 21:19 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-09 21:19 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-09 21:19 - 2015-05-25 13:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 21:19 - 2015-05-25 12:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-09 21:19 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-09 21:19 - 2015-05-22 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-09 21:19 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 21:19 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-09 21:19 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-09 21:19 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 21:19 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-09 21:19 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 21:19 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-09 21:19 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-09 21:19 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 21:19 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 21:19 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-09 21:19 - 2015-05-22 23:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-09 21:19 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 21:19 - 2015-05-22 23:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-09 21:19 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-09 21:19 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-09 21:19 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-09 21:19 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 21:19 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 21:19 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 21:19 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 21:19 - 2015-05-22 22:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-09 21:19 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 21:19 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-09 21:19 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 21:19 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 21:19 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 21:19 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 21:19 - 2015-05-08 23:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-09 21:19 - 2015-05-08 23:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-09 21:19 - 2015-05-08 23:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-09 21:19 - 2015-05-08 23:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-09 21:19 - 2015-05-08 23:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 23:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 21:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-09 21:19 - 2015-05-08 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-09 21:19 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-09 21:19 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-09 21:19 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-09 21:19 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-09 21:19 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-09 21:19 - 2015-04-10 23:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 21:18 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-08 16:00 - 2015-06-24 14:17 - 00000000 ____D C:\Users\Andy\AppData\Local\Citrix
2015-06-08 10:02 - 2015-07-07 16:55 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-08 09:48 - 2015-06-08 09:48 - 00038144 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\Neo_0107.sys
2015-06-08 09:47 - 2015-06-08 09:50 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-06-08 09:47 - 2015-06-08 09:47 - 00142056 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 17:03 - 2009-07-14 00:34 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 17:03 - 2009-07-14 00:34 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 17:01 - 2010-11-20 17:01 - 00918572 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 16:58 - 2015-04-14 17:50 - 00781718 _____ C:\Windows\WindowsUpdate.log
2015-07-07 16:57 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-07 16:55 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 16:12 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Registration
2015-07-07 16:10 - 2009-07-13 23:20 - 00000000 ___RD C:\Program Files (x86)
2015-07-07 16:04 - 2015-04-17 14:38 - 00000000 ____D C:\Users\Andy\AppData\Roaming\TeamViewer
2015-07-07 16:02 - 2015-04-24 23:02 - 00000000 ____D C:\Program Files\CCleaner
2015-07-07 15:50 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\tracing
2015-07-07 15:30 - 2015-04-15 10:00 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Pocomail
2015-07-07 12:10 - 2015-04-15 11:35 - 00000000 ___RD C:\Users\Andy\Documents\!Purchase Agreement
2015-07-07 11:39 - 2015-06-05 12:14 - 00000717 _____ C:\Users\Andy\Desktop\Working Copy of teleco.txt
2015-07-06 15:41 - 2015-04-15 11:36 - 00000000 ___RD C:\Users\Andy\Documents\Cablevision
2015-07-06 12:38 - 2015-04-17 12:53 - 00000000 ____D C:\UADMIN
2015-07-02 12:19 - 2015-04-15 10:27 - 00000000 ___RD C:\NEC Databases
2015-07-01 14:04 - 2015-05-01 14:23 - 00000000 ____D C:\Program Files\NCH Software
2015-07-01 13:59 - 2015-04-18 20:56 - 00000000 ____D C:\Users\Andy\AppData\Roaming\Audacity
2015-06-28 05:51 - 2015-04-15 10:29 - 00000000 ____D C:\Program Files\TeamViewer
2015-06-27 13:03 - 2015-04-15 11:33 - 00000000 ____D C:\Users\Andy\Documents\TaxACT 2012
2015-06-26 09:49 - 2015-04-15 11:32 - 00000000 ___RD C:\Users\Andy\Documents\References
2015-06-24 18:19 - 2015-04-14 23:54 - 00000000 ____D C:\Program Files\Google
2015-06-24 11:55 - 2015-04-15 11:14 - 00000000 ____D C:\Users\Andy\Documents\MSA
2015-06-24 11:14 - 2015-04-15 09:16 - 00000000 ____D C:\Program Files\NEC
2015-06-23 13:27 - 2015-04-14 15:29 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 14:25 - 2015-04-15 10:29 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-18 14:36 - 2015-04-15 11:13 - 00000000 ___RD C:\Users\Andy\Documents\DK
2015-06-18 10:02 - 2015-04-15 11:33 - 00000000 ___RD C:\Users\Andy\Documents\Voice Mail
2015-06-17 11:41 - 2015-04-14 14:59 - 01002142 _____ C:\Users\Andy\AppData\Local\BTServer.log
2015-06-17 10:07 - 2015-04-17 17:30 - 00000000 ____D C:\Windows\system32\vbox
2015-06-17 10:02 - 2015-04-17 17:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-17 09:55 - 2015-04-24 14:14 - 00000000 ____D C:\Program Files\Adobe
2015-06-15 15:16 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\rescache
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\th-TH
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\he-IL
2015-06-15 12:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ar-SA
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-06-15 12:26 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-15 11:21 - 2009-07-14 00:33 - 00310392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 14:22 - 2015-04-15 11:21 - 00000000 ___RD C:\Users\Andy\Documents\NEC
2015-06-11 14:21 - 2015-04-17 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC
2015-06-10 03:04 - 2015-04-15 00:56 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:00 - 2015-04-15 00:56 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-04-24 17:40 - 2015-04-24 17:41 - 0558080 _____ () C:\Users\Andy\AppData\Roaming\SharedSettings.ccs
2015-06-17 09:47 - 2015-06-17 09:47 - 0000064 _____ () C:\Users\Andy\AppData\Local\993a711bd833e389ce0696959054f408
2015-06-17 14:39 - 2015-06-17 14:39 - 0170470 _____ () C:\Users\Andy\AppData\Local\ars.cache
2015-04-14 14:59 - 2015-06-17 11:41 - 1002142 _____ () C:\Users\Andy\AppData\Local\BTServer.log
2015-06-17 14:39 - 2015-06-17 14:39 - 0697828 _____ () C:\Users\Andy\AppData\Local\census.cache
2015-06-17 12:32 - 2015-06-17 12:32 - 0000036 _____ () C:\Users\Andy\AppData\Local\housecall.guid.cache
2015-06-17 12:47 - 2015-06-17 12:47 - 0000010 _____ () C:\Users\Andy\AppData\Local\sponge.last.runtime.cache
2015-04-14 15:01 - 2015-04-14 15:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\7za.exe
C:\Users\Andy\AppData\Local\Temp\ca860c02-a41a-4dba-b74d-d93edd955fe9.exe
C:\Users\Andy\AppData\Local\Temp\DaS_21.exe
C:\Users\Andy\AppData\Local\Temp\hijackthis.exe
C:\Users\Andy\AppData\Local\Temp\NirCmd.exe
C:\Users\Andy\AppData\Local\Temp\PEVZ.EXE
C:\Users\Andy\AppData\Local\Temp\Quarantine.exe
C:\Users\Andy\AppData\Local\Temp\remove.exe
C:\Users\Andy\AppData\Local\Temp\sed.exe
C:\Users\Andy\AppData\Local\Temp\shortcut.exe
C:\Users\Andy\AppData\Local\Temp\sqlite3.dll
C:\Users\Andy\AppData\Local\Temp\swreg.exe
C:\Users\Andy\AppData\Local\Temp\swxcacls.exe
C:\Users\Andy\AppData\Local\Temp\wget.exe
C:\Users\Andy\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 00:34

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by Andy at 2015-07-07 17:04:31
Running from C:\Users\Andy\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-363809082-620757088-3605342814-500 - Administrator - Disabled)
Andy (S-1-5-21-363809082-620757088-3605342814-1000 - Administrator - Enabled) => C:\Users\Andy
eManagerUser (S-1-5-21-363809082-620757088-3605342814-1011 - Administrator - Enabled) => C:\Users\TEMP.H50.006
ftpuser (S-1-5-21-363809082-620757088-3605342814-1012 - Limited - Enabled)
Guest (S-1-5-21-363809082-620757088-3605342814-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-363809082-620757088-3605342814-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Active Desktop Calendar 7.96 (HKLM\...\Active Desktop Calendar_is1) (Version: - XemiComputers)
Ad-Aware Antivirus (HKLM\...\{19CD1C52-60D1-461A-BE7F-561CB6677B80}_AdAwareUpdater) (Version: 11.7.485.8398 - Lavasoft)
Ad-Aware Web Companion (Version: 2.0.1025.2130 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.7.485.8398 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.7.485.8398 - Lavasoft) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Aspire PCPro US (HKLM\...\Aspire PCPro US7.13) (Version: - )
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Business Security (HKLM\...\Avast) (Version: 10.2.2505 - AVAST Software)
BitTorrent (HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Chrome Remote Desktop Host (HKLM\...\{FD6E648E-1378-467F-AD37-2B98B379B0DD}) (Version: 44.0.2403.25 - Google Inc.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
ClipX (HKLM\...\ClipX) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
DESI Labeling System (HKLM\...\DESI Labeling System) (Version: 2.5 - DESI Telephone Labels, Inc.)
DSX System Administrator (HKLM\...\{A3D1AF62-A77F-43C6-B476-663194599655}) (Version: 2.21 - NEC Infrontia, Inc.)
DSX System Administrator 3 (HKLM\...\{C5B18B18-DA78-4D25-9D85-43ACC8223DA8}) (Version: 3.37 - NEC Corporation of America)
EditPad Lite 7.3.7 (HKLM\...\EditPad Lite) (Version: 7.3.7 - Just Great Software)
Electra Elite IPK SAT (with IPK II export) Release 4.70 (HKLM\...\Electra_Elite_IPK_Uninstall) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version: - SEIKO EPSON Corporation)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
Free RAR Extract Frog (HKLM\...\Free RAR Extract Frog) (Version: 6.50 - Philipp Winterberg)
Global VPN Client (HKLM\...\{C0EB418B-05EB-425C-BB9C-791A9EE36B3A}) (Version: 4.9.0 - Dell SonicWALL)
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Icon Restore 1.0 (HKLM\...\Icon Restore_is1) (Version: - Tim Taylor)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Juniper Networks Setup Client (HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\Juniper_Setup_Client) (Version: 8.0.5.47721 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junos Pulse (Version: 5.0.47721 - Juniper Networks) Hidden
Junos Pulse 2.0 Netshim/Tunnel Manager/IPSec Manager Add-On (Version: 2.0.8491 - Juniper Networks) Hidden
Junos Pulse 5.0 (HKLM\...\Junos Pulse 5.0) (Version: 5.0.47721 - Juniper Networks, Inc.)
LavasoftTcpService (Version: 2.3.4.7 - Lavasoft) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (HKLM\...\{082BDF7B-4810-4599-BF0D-E3AC44EC8524}) (Version: 1.0.61025 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Middleware (HKLM\...\{3DE06155-48C3-4890-B577-B42BDDC1FBA1}) (Version: 4.3.6 - NEC-i)
NEC SL DesktopSuite (HKLM\...\{3169DD9B-87B3-460F-A39F-AC93129AFF6E}) (Version: 2.0.0 - NEC)
Network eManager V5.20B26 (HKLM\...\InstallShield_{7E05956B-BF88-4183-9031-7B44B042BF40}) (Version: 77.89.0000 - Toshiba America Information System Inc.)
Network eManager V5.20B26 (Version: 77.89.0000 - Toshiba America Information System Inc.) Hidden
nLite 1.4.9.3 (HKLM\...\nLite_is1) (Version: 1.4.9.3 - Dino Nuhagic (nuhi))
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
PocoMail 4.8 (Build 4400) (HKLM\...\pocomail4_is1) (Version: - Pocomail.com)
Quote (HKLM\...\{F2ACA921-A618-11D4-B94C-000039C29A0E}) (Version: - )
Radmin Server 3.5 (HKLM\...\{1B25B709-0909-4C30-8E85-BF3823DF7555}) (Version: 3.50.0000 - Famatech)
Radmin Viewer 3.5 (HKLM\...\{199127DC-7BDB-41AB-825B-4229A86F8F0D}) (Version: 3.50.0000 - Famatech)
REALTEK Bluetooth Driver (HKLM\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010714 - )
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39025 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.0239 - )
Samsung SCX-4x21 Series (HKLM\...\Samsung SCX-4x21 Series) (Version: - Samsung Electronics CO.,LTD)
Sentinel System Driver (HKLM\...\Rainbow Sentinel Driver) (Version: - )
SL InMail CF Utility (HKLM\...\{8385A31E-9B9F-48D8-B358-E9F1430425D7}) (Version: 2.03 - NEC Corporation of America)
SL1100 PCPro (HKLM\...\{27075898-6541-47D7-9CBF-A74AF865FE3B}) (Version: 5.00 - NEC)
SoftIPT (HKLM\...\{11E7A78C-2D3F-466F-9B19-DBCADA00CCE0}) (Version: 03.04.0001 - TOSHIBA)
Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Strata DKi Administration System (HKLM\...\{62374EF7-94B4-11D2-8109-00A024D5D0F0}) (Version: - )
SupraMax 56K USB (HKLM\...\Diamond) (Version: - )
SV8100 PCPro (HKLM\...\SV8100 PCPro) (Version: 9.51 - NEC Unified Solutions, Inc.)
SV8100 PCPro (Version: 9.51 - NEC Unified Solutions, Inc.) Hidden
TaxACT 2012 - 1040 Edition (HKLM\...\TaxACT 2012 - 1040 Edition) (Version: - 2nd Story Software, Inc.)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
USB Data Fax Voice Modem (HKLM\...\CNXT_MODEM_USB_ACF) (Version: 2.0.21.50 - Conexant)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voip Tester 3.0 (HKLM\...\Voip Tester) (Version: 3.0 - )
Web Companion (HKLM\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - U.S. Robotics SoftModem (04/07/2010 2.2.100) (HKLM\...\611733EB2FEC0B7FCBAFA0D9DA8D84F1CC3FC668) (Version: 04/07/2010 2.2.100 - U.S. Robotics)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.6 (32-bit) (HKLM\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, http://www.wireshark.org)
X-Lite (HKLM\...\{817CDC28-AE0F-4241-A529-AA6EB12BBCB5}) (Version: 48.7.6122 - CounterPath Corporation)
ZOC Terminal (HKLM\...\ZOC4) (Version: 4.15 - EmTec Innovative Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-363809082-620757088-3605342814-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-363809082-620757088-3605342814-1000_Classes\CLSID\{98760C2C-AFC3-4725-9A02-5B27506819F4}\InprocServer32 -> C:\Users\Andy\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\SWTSC.ocx (Dell Inc.)
CustomCLSID: HKU\S-1-5-21-363809082-620757088-3605342814-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Andy\AppData\Local\Chromium\Application\45.0.2422.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-363809082-620757088-3605342814-1000_Classes\CLSID\{B79C81C0-7650-4CAB-8466-E14C6A31EBAD}\InprocServer32 -> C:\Users\Andy\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\SWTSC.ocx (Dell Inc.)

==================== Restore Points =========================

07-07-2015 16:52:43 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2015-06-25 16:23 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A3CD153C-9C88-47F9-B0AB-21525473AC01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {BA6E96E5-F899-473A-9B4C-2AF511CF6D20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-17] (Avast Software s.r.o.)
Task: {E3CBE52D-1F50-4923-9B87-43628798D3D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\43UjIlbSW.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\43UjIlbSW.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-06-17 10:06 - 2015-06-17 10:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-17 10:06 - 2015-06-17 10:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-07 14:51 - 2015-07-07 14:51 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070701\algo.dll
2015-04-17 16:57 - 2009-10-13 04:43 - 00022723 _____ () C:\Windows\System32\sugw2l3.dll
2015-06-17 10:06 - 2015-06-17 10:06 - 00633688 _____ () C:\Program Files\AVAST Software\Avast\sqlite3.dll
2015-04-17 16:16 - 2011-11-23 14:59 - 00035840 _____ () C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 02591240 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareShellExtension.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 02323424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\RCF.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00109592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_filesystem-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00023056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_system-vc120-mt-1_58.dll
2015-06-24 19:14 - 2015-06-24 19:14 - 00663592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
2015-06-24 19:17 - 2015-06-24 19:17 - 00089104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_thread-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00031760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_chrono-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00047128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_date_time-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 10178048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareServiceKernel.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00634384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_regex-vc120-mt-1_58.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00566784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareActivation.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00374288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareApplicationUpdater.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00679424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareGamingMode.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00084464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareReset.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00102384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTime.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00806416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareDefinitionsUpdater.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00729632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareDefinitionsUpdaterScheduler.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00897024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareIgnoreList.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00205312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareQuarantine.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00842760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiMalwareEngine.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00169480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiRootkitEngine.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00902152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScannerHistory.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 01053688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScanner.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00032272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_timer-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00811016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScannerScheduler.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00928272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareRealTimeProtection.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00199168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareIncompatibles.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00750584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiSpam.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00713216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiPhishing.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 02518536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareParentalControl.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 02700800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareWebProtection.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 01044488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareEmailProtection.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00048152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_iostreams-vc120-mt-1_58.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 01032712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareNetworkProtection.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00810480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwarePromo.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00297464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareFeedback.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 02280464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareThreatWorkAlliance.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 01017336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwarePinCode.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00810488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareNotice.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00805880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAvcEngine.dll
2015-06-24 19:16 - 2015-06-24 19:16 - 00955416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareRealTimeProtectionHistory.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00376832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareStatistics.dll
2005-11-30 17:34 - 2005-11-30 17:34 - 00068608 _____ () C:\Program Files\ClipX\clipx.exe
2015-04-17 16:57 - 2011-08-01 09:13 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2015-06-17 10:06 - 2015-06-17 10:06 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 07966192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
2015-06-24 19:17 - 2015-06-24 19:17 - 00386576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_locale-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 01730552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\HtmlFramework.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00867336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTrayDefaultSkin.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00078656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00184680 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00046920 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00033136 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00015696 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00123736 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-06-08 14:13 - 2015-06-08 14:13 - 00073544 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-06-08 14:11 - 2015-06-08 14:11 - 00039256 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00019816 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-06-08 14:12 - 2015-06-08 14:12 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00034664 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2015-07-07 14:56 - 2014-12-05 16:33 - 00339968 _____ () C:\Windows\system32\SaMinDrv.dll
2015-04-14 15:00 - 2013-12-03 01:37 - 01242584 _____ () C:\Program Files\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-07-07 13:19 - 2015-07-06 23:49 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 13:19 - 2015-07-06 23:49 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.132\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Andy\Documents\Fwd_ Address.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-363809082-620757088-3605342814-1000\...\webcompanion.com -> hxxp://webcompanion.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-363809082-620757088-3605342814-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andy\AppData\Roaming\XEMICO~1\ACTIVE~1\Desktop\ACTIVE~1.BMP
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: 89393f8b-ca7a-4112-88b9-824931a5e737 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BTDevManager => 2
MSCONFIG\Services: bugupeke => 2
MSCONFIG\Services: consumerinput_update => 2
MSCONFIG\Services: consumerinput_updatem => 3
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: insvc_1.10.0.14 => 2
MSCONFIG\Services: NinjaLoaderService => 2
MSCONFIG\Services: ooWYCQPHu => 2
MSCONFIG\Services: SwiftMediaConverter Update Service => 2
MSCONFIG\startupreg: BtServer => "C:\Program Files\REALTEK\Realtek Bluetooth\BTServer.exe"
MSCONFIG\startupreg: JunosPulse => C:\Program Files\Common Files\Juniper Networks\JamUI\Pulse.exe -tray

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2E65BD57-4A61-4EEF-B69B-90B7FEE75219}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{F5FDCC7E-1A9C-4BFB-B03A-DC729C7D6EB5}] => (Allow) C:\Windows\system32\rserver30\rserver3.exe
FirewallRules: [TCP Query User{D2A4CBC1-A7B8-4F44-A616-AD2BEA73216B}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [UDP Query User{2D085F18-BC32-4D79-A2AE-D5D891702963}C:\program files\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files\counterpath\x-lite\x-lite.exe
FirewallRules: [TCP Query User{2B14402A-8A8B-401F-9879-A8F0368843C5}C:\program files\dell sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\dell sonicwall\global vpn client\swgvc.exe
FirewallRules: [UDP Query User{F6316D45-408A-4CB7-8150-718A33CDC14B}C:\program files\dell sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\dell sonicwall\global vpn client\swgvc.exe
FirewallRules: [TCP Query User{8E2AFA7C-C6A5-4218-9EF9-CC1C99ABF05A}C:\program files\voiptester\voiptester.exe] => (Allow) C:\program files\voiptester\voiptester.exe
FirewallRules: [UDP Query User{5A104D91-1FEE-47B0-86B2-32ED39322CE1}C:\program files\voiptester\voiptester.exe] => (Allow) C:\program files\voiptester\voiptester.exe
FirewallRules: [TCP Query User{42C5CBFA-EF31-4C98-8B9B-7D25873EE7A7}C:\program files\toshiba\softipt\softipt.exe] => (Allow) C:\program files\toshiba\softipt\softipt.exe
FirewallRules: [UDP Query User{7CBA357A-8540-4222-A63F-58DB3F6E65DF}C:\program files\toshiba\softipt\softipt.exe] => (Allow) C:\program files\toshiba\softipt\softipt.exe
FirewallRules: [TCP Query User{6DF9D936-9567-4156-8823-7B015389D44B}C:\program files\nec\nec sl desktopsuite\slphone.exe] => (Allow) C:\program files\nec\nec sl desktopsuite\slphone.exe
FirewallRules: [UDP Query User{66858B67-9264-47DD-B166-1688493CF911}C:\program files\nec\nec sl desktopsuite\slphone.exe] => (Allow) C:\program files\nec\nec sl desktopsuite\slphone.exe
FirewallRules: [TCP Query User{E54205A2-10C6-4B54-A144-200179282282}C:\program files\common files\nec-i\cygnusclientapilib\bin\remoteobjectserver.exe] => (Allow) C:\program files\common files\nec-i\cygnusclientapilib\bin\remoteobjectserver.exe
FirewallRules: [UDP Query User{85D50558-7212-4B56-982B-40AB68A81554}C:\program files\common files\nec-i\cygnusclientapilib\bin\remoteobjectserver.exe] => (Allow) C:\program files\common files\nec-i\cygnusclientapilib\bin\remoteobjectserver.exe
FirewallRules: [{44FF9DA2-924D-4A92-BF55-D8A0FD09211C}] => (Allow) C:\Users\Andy\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{205AC5DA-5AA2-41F9-B06B-BE7828CA111C}] => (Allow) C:\Users\Andy\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{65CF3656-B9A7-4F51-A8E8-D3F198A7E39B}] => (Allow) C:\Users\Andy\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{C568009E-AF91-4E9A-B737-E80389FC275F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{03A508ED-EE1E-46F5-BE86-03C90D5FAFFE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CA63C279-F75B-4EAF-9312-10824F7CB664}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{896C1F42-CE91-4616-BA85-5552C42D302A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{246C4BA1-6405-476A-A908-DF297D224BF4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4B8146C8-C3DA-4F3B-9309-A4CFE116D812}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{28F0FE7F-BC59-403B-932F-2BC3943DF1D6}] => (Allow) C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
FirewallRules: [{FFD405FC-0116-48FD-A1A1-A1942B140A54}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek Bluetooth 4.0 + High Speed Chip
Description: Realtek Bluetooth 4.0 + High Speed Chip
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: mmi1m2f2nnnjbgj
Description: mmi1m2f2nnnjbgj
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mmi1m2f2nnnjbgj
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 56SX92_SCM
Description: 56SX92_SCM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 04:55:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:52:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary esgiguard.

System Error:
The system cannot find the file specified.
.

Error: (07/07/2015 04:29:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:23:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (07/07/2015 04:55:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
mmi1m2f2nnnjbgj

Error: (07/07/2015 04:55:30 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/07/2015 04:55:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Sentinel service depends on the Parallel port driver service which failed to start because of the following error:
%%1058

Error: (07/07/2015 04:55:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/07/2015 04:55:25 PM) (Source: PCIESER) (EventID: 18) (User: )
Description: No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.

Error: (07/07/2015 04:55:24 PM) (Source: PCIESER) (EventID: 18) (User: )
Description: No Parameters subkey was found for user defined data. This is odd, and it also means no user configuration can be found.

Error: (07/07/2015 04:29:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
mmi1m2f2nnnjbgj

Error: (07/07/2015 04:29:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/07/2015 04:29:15 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (07/07/2015 04:29:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Sentinel service depends on the Parallel port driver service which failed to start because of the following error:
%%1058


Microsoft Office:
=========================
Error: (07/07/2015 04:55:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:52:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary esgiguard.

System Error:
The system cannot find the file specified.

Error: (07/07/2015 04:29:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:23:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (07/07/2015 04:12:38 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


==================== Memory info ===========================

Processor: Intel® Core™ i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 58%
Total physical RAM: 3500.2 MB
Available physical RAM: 1442.66 MB
Total Virtual: 10498.91 MB
Available Virtual: 8245.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.04 GB) (Free:70.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Data) (Fixed) (Total:906.24 GB) (Free:866.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 047B4384)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 119.2 GB) (Disk ID: 0004CB4A)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End of log ============================


Edited by Oh My!, 11 July 2015 - 01:24 PM.




#2 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:04:24 AM

Posted 07 July 2015 - 05:39 PM

Hello and welcome to Bleeping Computer.
 
It has been brought to our attention that you have also posted a topic about this same issue at
http://www.geekstogo.com/forum/topic/354047-bestdriverstar-and-anythicago/
 
http://www.geekstogo.com/forum/topic/354046-avast-bestdriverstar-and-anythicago/

 You should only seek help at one forum for malware removal.
 
We ask that you select one forum from those where you sought help and ask the others to close your topics.
 
Although we understand you wish your problems to be addressed as soon as possible, there are reasons why multi-posting causes problems.
 
By Multi Posting you are utilizing the time of two (or more) trained helpers. Helpers take a long time to train. They need a great deal of expertise and knowledge to be able to safely remove Malware from your computer and because of this are in short supply. We wish to use them to help the maximum number of people, and if they are researching the log of someone who is already being helped, then their time and effort is going to waste.
 
Advice from two separate helpers can cause problems.
 
A helper at one place has no idea what a helper somewhere else is doing. Different helpers may use different methods to combat your infection. While each one is safe to use, problems can arise if you follow the advice of both together. Some of the tools used are very powerful and have to be used in a specific way and in some cases do not combine well with others. By using advice from two different sources it is possible that tools may be used that do not combine well and you may severely damage your computer, even rendering it inoperable in some circumstances. By following BOTH sets of instructions, the clean up process could be delayed.
 
Please let us know WHERE you want to continue to receive help from. If elsewhere this topic will be closed.
 
If you choose to be helped here at Bleeping Computer, please let Geeks to Go know so your topic(s) there can be closed.

#3 freeness

freeness
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:05:24 AM

Posted 07 July 2015 - 05:45 PM

I tried posting at geekstogo several times, but I kept getting an error.  I didn't realize the posts went through.  Please leave this thread open.  I will close the thread at geekstogo.

 

Thanks,

 

Andy



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:02:24 AM

Posted 11 July 2015 - 01:28 PM

Greetings Andy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I would like you to run FRST again making sure to check Addition.txt and post both logs. In addition, this please.

===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:02:24 AM

Posted 14 July 2015 - 08:37 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,005 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:02:24 AM

Posted 16 July 2015 - 08:37 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 



