
Heuristic Virus Found - Symantec Endpoint Protection


4 replies to this topic

#1 TheAmerican


Posted 16 December 2015 - 12:43 AM

Symantec detected a heuristic virus. After reading some posts, I gathered that I needed to download the program and post the report here.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Noobsack (administrator) on NOOBSACK-PC (15-12-2015 21:12:56)
Running from C:\Users\Noobsack\Desktop
Loaded Profiles: Noobsack (Available Profiles: Noobsack)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(IObit) C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE
(BitTorrent Inc.) C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(BitTorrent Inc.) C:\Users\Noobsack\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(BitTorrent Inc.) C:\Users\Noobsack\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
() C:\Program Files\Synergy\synergyd.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\DWHWizrd.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\SavUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-09] (Valve Corporation)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [uTorrent] => C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\MountPoints2: {260dafdc-7f3b-11e3-8f8a-00044b06d7e4} - "J:\WD Drive Unlock.exe" autoplay=true
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{AF69A396-D87D-434E-BFBE-7FB3E6562D73}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3430167221-3918767714-3983531757-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-18] (IObit)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-20] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3430167221-3918767714-3983531757-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Noobsack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default\user.js [2015-10-19]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default\extensions\iobitascsurfingprotection@iobit.com [2015-12-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-05] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-04] ()
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [3337728 2015-10-29] (Microsoft Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2013-10-20] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2013-10-20] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2013-10-20] (Symantec Corporation)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [291840 2013-10-22] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20151215.011\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2013-10-20] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-12-14] (Symantec Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-19] (REALiX™)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20151215.011\IDSvia64.sys [767224 2015-12-10] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20151215.018\ENG64.SYS [138488 2015-11-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20151215.018\EX64.SYS [2148080 2015-11-16] (Symantec Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2013-10-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2013-10-20] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [34800 2013-10-20] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2013-10-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2013-10-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2013-10-20] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2013-10-20] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2014-07-16] (Symantec Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-15 21:12 - 2015-12-15 21:13 - 00018074 _____ C:\Users\Noobsack\Desktop\FRST.txt
2015-12-15 21:08 - 2015-12-15 21:12 - 00000000 ____D C:\FRST
2015-12-15 21:07 - 2015-12-15 21:07 - 02369536 _____ (Farbar) C:\Users\Noobsack\Desktop\FRST64.exe
2015-12-14 18:15 - 2015-12-14 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-12-12 19:31 - 2015-12-12 19:31 - 00000000 ____H C:\asc_rdflag
2015-12-12 19:15 - 2015-12-12 19:15 - 00000000 ____D C:\SUPERDelete
2015-12-12 19:10 - 2015-12-12 19:10 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\SUPERAntiSpyware.com
2015-12-12 19:09 - 2015-12-14 18:07 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-12 19:09 - 2015-12-12 19:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-12-12 18:39 - 2015-12-14 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-12-12 18:39 - 2015-12-12 18:39 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-12 18:38 - 2015-12-12 18:38 - 00001174 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-12-12 12:40 - 2015-12-12 12:40 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-12 12:40 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 17:16 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 17:16 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 17:16 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 17:16 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 17:16 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 17:16 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 17:16 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 17:16 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 17:16 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 17:16 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 17:16 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 17:16 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 17:16 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 17:16 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 17:16 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 17:16 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 17:16 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 17:16 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 17:16 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 17:16 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 17:16 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 17:16 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 17:16 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 17:16 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 17:16 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 17:16 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 17:16 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 17:16 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 17:16 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 17:16 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 17:16 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 17:16 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 17:16 - 2015-11-03 11:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 17:16 - 2015-11-03 10:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 17:15 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 17:15 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 17:15 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 17:15 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 17:15 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 17:15 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 17:15 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 17:15 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 17:15 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 17:15 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 17:15 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 17:15 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 17:15 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 17:15 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 17:15 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 17:15 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 17:15 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 17:15 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 17:15 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 17:15 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 17:15 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 17:15 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 17:15 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 17:15 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 17:15 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 17:15 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 17:15 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 17:15 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 17:15 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 17:15 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 17:15 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 17:15 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 17:15 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 17:15 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 17:15 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 17:15 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 17:15 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 17:15 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 17:15 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 17:15 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 17:15 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 17:15 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 17:15 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 17:15 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-29 18:49 - 2015-11-29 18:49 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-29 18:49 - 2015-11-29 18:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-27 14:41 - 2015-11-27 14:41 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-25 19:37 - 2015-11-25 19:37 - 00000000 ____D C:\Users\Noobsack\AppData\Local\CEF
2015-11-23 01:33 - 2015-11-23 01:33 - 00000000 ____D C:\Users\Noobsack\AppData\Local\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-15 21:13 - 2014-01-04 22:00 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\uTorrent
2015-12-15 21:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-15 20:33 - 2014-01-05 00:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-15 20:27 - 2009-07-13 20:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-15 20:27 - 2009-07-13 20:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-15 20:18 - 2014-02-05 21:18 - 00000911 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {4E80ED7C-1931-4975-B83E-64D820042555}.job
2015-12-15 20:18 - 2014-02-05 21:18 - 00000725 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {4E80ED7C-1931-4975-B83E-64D820042555}.job
2015-12-15 20:16 - 2014-02-05 21:16 - 00000911 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {08EEE307-C586-4B94-89E0-2033D85A46B0}.job
2015-12-15 20:16 - 2014-02-05 21:16 - 00000725 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {08EEE307-C586-4B94-89E0-2033D85A46B0}.job
2015-12-15 16:34 - 2009-07-13 21:13 - 00006182 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-15 16:30 - 2015-10-19 19:08 - 00003254 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2015-12-15 16:30 - 2015-10-19 19:08 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Noobsack)
2015-12-15 16:29 - 2015-10-19 19:06 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 16:29 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-15 16:27 - 2015-01-01 13:13 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-12-15 16:27 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 18:18 - 2015-04-27 18:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-14 18:13 - 2014-01-04 21:22 - 00000000 ____D C:\Users\Noobsack
2015-12-14 18:08 - 2015-04-04 21:10 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-14 18:08 - 2014-05-06 21:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-14 18:08 - 2010-11-20 23:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\Setup
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\com
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2015-12-14 18:07 - 2015-11-13 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-14 18:07 - 2015-10-20 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-12-14 18:07 - 2015-10-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-12-14 18:07 - 2015-10-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-12-14 18:07 - 2015-10-19 19:07 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\ProductData
2015-12-14 18:07 - 2015-10-19 19:07 - 00000000 ____D C:\Users\Noobsack\AppData\LocalLow\IObit
2015-12-14 18:07 - 2015-10-19 19:07 - 00000000 ____D C:\ProgramData\ProductData
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\IObit
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-14 18:07 - 2015-08-22 16:29 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\Auto Mouse Click by MurGee.com
2015-12-14 18:07 - 2015-06-19 20:56 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\KMPlayer
2015-12-14 18:07 - 2015-04-27 22:03 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-14 18:07 - 2015-04-27 18:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-14 18:07 - 2014-06-07 08:42 - 00000000 ____D C:\Program Files (x86)\Heroes of Newerth
2015-12-14 18:07 - 2014-03-28 23:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-12-14 18:07 - 2014-03-28 23:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-12-14 18:07 - 2014-02-07 23:16 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2015-12-14 18:07 - 2014-01-04 21:53 - 00000000 ____D C:\Program Files\Synergy
2015-12-14 18:07 - 2014-01-04 21:36 - 00000000 ____D C:\Program Files\Speccy
2015-12-14 18:07 - 2014-01-04 21:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-14 18:07 - 2014-01-04 21:28 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-12-14 18:07 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files\7-Zip
2015-12-14 18:07 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-12-14 18:07 - 2014-01-04 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-14 18:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-12-14 18:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-12 19:31 - 2015-11-12 16:28 - 44154880 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 104349696 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 04972544 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-12-12 16:51 - 2015-05-16 21:13 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\MPC-HC
2015-12-09 17:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 16:38 - 2009-07-13 20:45 - 00413672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 11:04 - 2015-01-22 15:16 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys
2015-12-08 19:10 - 2014-02-15 22:51 - 00000000 ____D C:\Windows\system32\MRT
2015-12-08 19:06 - 2014-02-15 22:51 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 18:33 - 2014-01-05 00:22 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 18:33 - 2014-01-05 00:22 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 18:33 - 2014-01-05 00:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-03 23:04 - 2014-07-16 19:55 - 00000000 ____D C:\ProgramData\Symantec
2015-12-02 16:20 - 2015-10-19 19:08 - 00002185 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-11-28 08:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\spool
2015-11-27 14:46 - 2014-01-04 21:10 - 00000000 ____D C:\Windows\Panther
2015-11-22 23:45 - 2015-10-22 22:03 - 00000000 ____D C:\Users\Noobsack\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2014-03-30 09:19 - 2014-03-30 09:19 - 27045040 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-10-19 19:14 - 2015-10-19 19:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-11 11:27

==================== End of FRST.txt ============================


Edited by TheAmerican, 16 December 2015 - 12:46 AM.




#2 TheAmerican

TheAmerican
  • Topic Starter

  • Members
  • 6 posts

Posted 16 December 2015 - 08:18 PM

Ran the search again in safe mode, not sure if that will help you.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Noobsack (administrator) on NOOBSACK-PC (16-12-2015 16:52:38)
Running from C:\Users\Noobsack\Desktop
Loaded Profiles: Noobsack (Available Profiles: Noobsack)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-09] (Valve Corporation)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-23] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [uTorrent] => C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\RunOnce: [Application Restart #1] => C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\MountPoints2: {260dafdc-7f3b-11e3-8f8a-00044b06d7e4} - "J:\WD Drive Unlock.exe" autoplay=true
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{AF69A396-D87D-434E-BFBE-7FB3E6562D73}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3430167221-3918767714-3983531757-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-18] (IObit)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-20] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3430167221-3918767714-3983531757-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Noobsack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default\user.js [2015-10-19]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Noobsack\AppData\Roaming\Mozilla\Firefox\Profiles\4jb1f64h.default\extensions\iobitascsurfingprotection@iobit.com [2015-12-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-05] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-04] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [3337728 2015-10-29] (Microsoft Corporation) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2013-10-20] (Symantec Corporation)
S3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2013-10-20] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2013-10-20] (Symantec Corporation)
S2 Synergy; C:\Program Files\Synergy\synergyd.exe [291840 2013-10-22] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20151215.011\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2013-10-20] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation)
S3 EraserUtilDrv11520; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11520.sys [157520 2015-12-14] (Symantec Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-19] (REALiX™)
S1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20151215.011\IDSvia64.sys [767224 2015-12-10] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20151215.018\ENG64.SYS [138488 2015-11-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20151215.018\EX64.SYS [2148080 2015-11-16] (Symantec Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2013-10-20] (Symantec Corporation)
S1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2013-10-20] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [34800 2013-10-20] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2013-10-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2013-10-20] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-16] (Symantec Corporation)
S1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2013-10-20] (Symantec Corporation)
S1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2013-10-20] (Symantec Corporation)
S1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2014-07-16] (Symantec Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-16 16:52 - 2015-12-16 16:52 - 00162870 _____ C:\Windows\ntbtlog.txt
2015-12-16 16:52 - 2015-12-16 16:52 - 00015022 _____ C:\Users\Noobsack\Desktop\FRST.txt
2015-12-16 16:44 - 2015-12-16 16:44 - 00000000 ____D C:\Users\Noobsack\Desktop\FRST
2015-12-16 16:42 - 2015-12-16 16:48 - 00000000 ____D C:\Users\Noobsack\AppData\LocalLow\uTorrent
2015-12-15 21:08 - 2015-12-16 16:52 - 00000000 ____D C:\FRST
2015-12-15 21:07 - 2015-12-15 21:07 - 02369536 _____ (Farbar) C:\Users\Noobsack\Desktop\FRST64.exe
2015-12-14 18:15 - 2015-12-14 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-12-12 19:31 - 2015-12-12 19:31 - 00000000 ____H C:\asc_rdflag
2015-12-12 19:15 - 2015-12-12 19:15 - 00000000 ____D C:\SUPERDelete
2015-12-12 19:10 - 2015-12-12 19:10 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\SUPERAntiSpyware.com
2015-12-12 19:09 - 2015-12-14 18:07 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-12 19:09 - 2015-12-12 19:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-12-12 18:39 - 2015-12-14 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-12-12 18:39 - 2015-12-12 18:39 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-12 18:38 - 2015-12-12 18:38 - 00001174 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-12-12 12:40 - 2015-12-12 12:40 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-12 12:40 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 17:16 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 17:16 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 17:16 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 17:16 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 17:16 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 17:16 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 17:16 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 17:16 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 17:16 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 17:16 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 17:16 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 17:16 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 17:16 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 17:16 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 17:16 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 17:16 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 17:16 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 17:16 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 17:16 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 17:16 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 17:16 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 17:16 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 17:16 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 17:16 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 17:16 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 17:16 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 17:16 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 17:16 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 17:16 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 17:16 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 17:16 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 17:16 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 17:16 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 17:16 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 17:16 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 17:16 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 17:16 - 2015-11-03 11:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 17:16 - 2015-11-03 10:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 17:15 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 17:15 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 17:15 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 17:15 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 17:15 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 17:15 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 17:15 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 17:15 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 17:15 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 17:15 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 17:15 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 17:15 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 17:15 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 17:15 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 17:15 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 17:15 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 17:15 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 17:15 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 17:15 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 17:15 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 17:15 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 17:15 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 17:15 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 17:15 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 17:15 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 17:15 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 17:15 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 17:15 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 17:15 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 17:15 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 17:15 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 17:15 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 17:15 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 17:15 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 17:15 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 17:15 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 17:15 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 17:15 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 17:15 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 17:15 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 17:15 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 17:15 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 17:15 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 17:15 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 17:15 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-29 18:49 - 2015-11-29 18:49 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-29 18:49 - 2015-11-29 18:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-29 18:49 - 2015-11-29 18:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-29 18:49 - 2015-11-29 18:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-27 14:41 - 2015-11-27 14:41 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-25 19:37 - 2015-11-25 19:37 - 00000000 ____D C:\Users\Noobsack\AppData\Local\CEF
2015-11-23 01:33 - 2015-11-23 01:33 - 00000000 ____D C:\Users\Noobsack\AppData\Local\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-16 16:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-16 16:51 - 2014-01-04 22:00 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\uTorrent
2015-12-16 16:51 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-16 16:51 - 2009-07-13 20:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-16 16:51 - 2009-07-13 20:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-16 16:48 - 2015-01-01 13:13 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-12-16 16:48 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-16 16:43 - 2015-10-19 19:07 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 21:33 - 2014-01-05 00:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-15 21:18 - 2014-02-05 21:18 - 00000911 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {4E80ED7C-1931-4975-B83E-64D820042555}.job
2015-12-15 21:18 - 2014-02-05 21:18 - 00000725 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {4E80ED7C-1931-4975-B83E-64D820042555}.job
2015-12-15 21:16 - 2014-02-05 21:16 - 00000911 _____ C:\Windows\Tasks\EPSON XP-610 Series Update {08EEE307-C586-4B94-89E0-2033D85A46B0}.job
2015-12-15 21:16 - 2014-02-05 21:16 - 00000725 _____ C:\Windows\Tasks\EPSON XP-610 Series Invitation {08EEE307-C586-4B94-89E0-2033D85A46B0}.job
2015-12-15 16:34 - 2009-07-13 21:13 - 00006182 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-15 16:30 - 2015-10-19 19:08 - 00003254 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2015-12-15 16:30 - 2015-10-19 19:08 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Noobsack)
2015-12-15 16:29 - 2015-10-19 19:06 - 00000000 ____D C:\ProgramData\IObit
2015-12-14 18:18 - 2015-04-27 18:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-14 18:13 - 2014-01-04 21:22 - 00000000 ____D C:\Users\Noobsack
2015-12-14 18:08 - 2015-04-04 21:10 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-14 18:08 - 2014-05-06 21:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-14 18:08 - 2010-11-20 23:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-14 18:08 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\Setup
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\com
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-12-14 18:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2015-12-14 18:07 - 2015-11-13 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-14 18:07 - 2015-10-20 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-12-14 18:07 - 2015-10-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-12-14 18:07 - 2015-10-19 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-12-14 18:07 - 2015-10-19 19:07 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\ProductData
2015-12-14 18:07 - 2015-10-19 19:07 - 00000000 ____D C:\Users\Noobsack\AppData\LocalLow\IObit
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\IObit
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-12-14 18:07 - 2015-10-19 19:06 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-14 18:07 - 2015-08-22 16:29 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\Auto Mouse Click by MurGee.com
2015-12-14 18:07 - 2015-06-19 20:56 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-14 18:07 - 2015-04-27 22:04 - 00000000 ____D C:\KMPlayer
2015-12-14 18:07 - 2015-04-27 22:03 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-14 18:07 - 2015-04-27 18:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-14 18:07 - 2014-06-07 08:42 - 00000000 ____D C:\Program Files (x86)\Heroes of Newerth
2015-12-14 18:07 - 2014-03-28 23:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-12-14 18:07 - 2014-03-28 23:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-12-14 18:07 - 2014-02-07 23:16 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2015-12-14 18:07 - 2014-01-04 21:53 - 00000000 ____D C:\Program Files\Synergy
2015-12-14 18:07 - 2014-01-04 21:36 - 00000000 ____D C:\Program Files\Speccy
2015-12-14 18:07 - 2014-01-04 21:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-14 18:07 - 2014-01-04 21:28 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-12-14 18:07 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files\7-Zip
2015-12-14 18:07 - 2014-01-04 21:27 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-12-14 18:07 - 2014-01-04 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-14 18:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-12-14 18:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-12 19:31 - 2015-11-12 16:28 - 44154880 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 104349696 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 04972544 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-12-12 19:31 - 2015-11-12 16:28 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-12-12 16:51 - 2015-05-16 21:13 - 00000000 ____D C:\Users\Noobsack\AppData\Roaming\MPC-HC
2015-12-09 17:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 16:38 - 2009-07-13 20:45 - 00413672 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 11:04 - 2015-01-22 15:16 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys
2015-12-08 19:10 - 2014-02-15 22:51 - 00000000 ____D C:\Windows\system32\MRT
2015-12-08 19:06 - 2014-02-15 22:51 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 18:33 - 2014-01-05 00:22 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 18:33 - 2014-01-05 00:22 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 18:33 - 2014-01-05 00:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-03 23:04 - 2014-07-16 19:55 - 00000000 ____D C:\ProgramData\Symantec
2015-12-02 16:20 - 2015-10-19 19:08 - 00002185 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-11-28 08:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\spool
2015-11-27 14:46 - 2014-01-04 21:10 - 00000000 ____D C:\Windows\Panther
2015-11-22 23:45 - 2015-10-22 22:03 - 00000000 ____D C:\Users\Noobsack\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2014-03-30 09:19 - 2014-03-30 09:19 - 27045040 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-10-19 19:14 - 2015-10-19 19:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-11 11:27

==================== End of FRST.txt ============================



#3 TsVk!

Posted 16 December 2015 - 08:30 PM

Hi,

I am a student here looking at your logs. I will not be helping you, just watching closely.

Could you please also post your Addition.txt log to the forum.

Many thanks

TsVk!



#4 TheAmerican

Posted 16 December 2015 - 09:07 PM

Yes, thanks for giving my post a look. I would certainly love to post the Addition. I looked things over and I noticed the wording was "Paste the logs and attach the Addition", so for the last 24 hours I have been looking for a spot called 'attach' or something similar. I'll just paste it though.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-12-2015
Ran by Noobsack (2015-12-16 16:53:07)
Running from C:\Users\Noobsack\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-05 05:21:30)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3430167221-3918767714-3983531757-500 - Administrator - Disabled)
Guest (S-1-5-21-3430167221-3918767714-3983531757-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3430167221-3918767714-3983531757-1002 - Limited - Enabled)
Noobsack (S-1-5-21-3430167221-3918767714-3983531757-1001 - Administrator - Enabled) => C:\Users\Noobsack

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Symantec Endpoint Protection (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{9A711B34-77B5-4DDA-A97E-2FD6663729E1}_AdAwareUpdater) (Version: 11.9.696.8769 - Lavasoft)
AdAwareInstaller (Version: 11.9.696.8769 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.9.696.8769 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
Auto Mouse Click v7.1 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 7.1 - MurGee.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 3.0 (HKLM-x32\...\Driver Booster_is1) (Version: 3.0 - IObit)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.22.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
iFreeUp 1.0 (HKLM-x32\...\iFreeUp_is1) (Version: 1.0.11 - IObit)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle)
K-Lite Codec Pack 11.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.1.0 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.135 - PandoraTV)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.2 - IObit)
Software Updater (HKLM-x32\...\{129C5695-0C85-4D78-827B-6CF2B0155F05}) (Version: 4.2.0 - SEIKO EPSON CORPORATION) <==== ATTENTION
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{B53661DC-CD94-4B14-B15F-D9DDCFF72558}) (Version: 12.1.4013.4013 - Symantec Corporation)
Synergy (HKLM-x32\...\Synergy) (Version: 1.4.15 - The Synergy Project)
Unity Web Player (HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\...\WinDirStat) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2015-12-12 12:42 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 15464 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA773CB-2624-4D6E-8F17-0FD67FEBE24E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2B8F6307-E5CB-45CE-AD60-EFF8D23AC148} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C6BABC2-E7D9-4CAF-83A9-E5E9EBF51061} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {332629F9-BBDF-45F4-A222-89A57E4AA102} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-07-20] (IObit)
Task: {51CBE17E-5FBC-4F67-8D35-8E99E9DD9BFA} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {548DDEB1-E74B-4D0B-A5C4-135E91003FC3} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {5A76074A-5F71-4712-85E2-6BD61ACAC3FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {68FD0F22-3569-488F-93DE-4357300B6363} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {718B44ED-A554-4A94-A3CA-8126E46172AA} - System32\Tasks\EPSON XP-610 Series Invitation {4E80ED7C-1931-4975-B83E-64D820042555} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {77581DC6-54D4-4360-AEB9-3810F2899293} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-09-24] (IObit)
Task: {8972B9D5-C87C-4DA1-8065-740F83E76FCA} - System32\Tasks\EPSON XP-610 Series Update {08EEE307-C586-4B94-89E0-2033D85A46B0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {949708E8-01EF-4F2F-A086-EE46A3D26B0B} - System32\Tasks\EPSON XP-610 Series Invitation {08EEE307-C586-4B94-89E0-2033D85A46B0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {985D6DEA-6714-4E23-A571-568E1BC021B4} - System32\Tasks\ASC8_SkipUac_Noobsack => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-17] (IObit)
Task: {B88480F7-A563-4D53-BC0E-0B2BCD702594} - System32\Tasks\Driver Booster SkipUAC (Noobsack) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-10-08] (IObit)
Task: {C82BCAC4-54CB-4F38-B9A2-73F57F9FA638} - System32\Tasks\Uninstaller_SkipUac_Noobsack => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-09-18] (IObit)
Task: {F5E3E2C8-3523-4696-A97D-8D2636DF156E} - System32\Tasks\EPSON XP-610 Series Update {4E80ED7C-1931-4975-B83E-64D820042555} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {08EEE307-C586-4B94-89E0-2033D85A46B0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {4E80ED7C-1931-4975-B83E-64D820042555}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {08EEE307-C586-4B94-89E0-2033D85A46B0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{08EEE307-C586-4B94-89E0-2033D85A46B0} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {4E80ED7C-1931-4975-B83E-64D820042555}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{4E80ED7C-1931-4975-B83E-64D820042555} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-10-22 10:28 - 2013-10-22 10:28 - 00024064 _____ () C:\Program Files\Synergy\synwinxt.dll
2015-10-19 19:06 - 2015-01-09 17:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7867 more sites.


There are 11404 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3430167221-3918767714-3983531757-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EB90261E-0B48-45EF-921D-C6A148215FE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4251CBE-0550-4260-B3B0-2C0245E15AEE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1A86552F-DE8A-4666-97A5-011E2BE7265C}] => (Allow) C:\Program Files\Synergy\synergys.exe
FirewallRules: [{1D0D94A5-FA67-4D0A-8C9F-4A9D43B5D9A2}] => (Allow) C:\Program Files\Synergy\synergys.exe
FirewallRules: [{D63BB848-84DB-46CF-A32D-5F5D405C7239}] => (Allow) C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{827BC6A8-5F87-4CEE-8CFE-D7AD6E43A7CD}] => (Allow) C:\Users\Noobsack\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9644A0A-A0BD-4A5A-B71E-1A0B39FFE3AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AE0F87CF-90D8-47AF-9C52-371A1492264B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{91059B8B-4C88-473C-BBA0-5C286CACA5D3}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{32DF51B1-7081-4C70-954B-AB69E6FFAA94}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{9768872F-5B32-4DD1-95A3-35494F4063D0}] => (Allow) C:\Users\Noobsack\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{0CEE59DD-2BBB-4B96-9DB7-A86B791CDC1F}] => (Allow) C:\Users\Noobsack\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{C945F679-8665-4398-8688-4305E01FB2BF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A57D88A0-7BA8-48F4-BC9F-EC823B4D6333}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{A0D85CAB-372B-4C67-A501-DBD1758A2F8C}C:\program files (x86)\torntv.com\torntv downloader.exe] => (Allow) C:\program files (x86)\torntv.com\torntv downloader.exe
FirewallRules: [UDP Query User{BF73C5A0-1C77-499E-8261-26C15227BC66}C:\program files (x86)\torntv.com\torntv downloader.exe] => (Allow) C:\program files (x86)\torntv.com\torntv downloader.exe
FirewallRules: [{AF4E839F-BB82-4A3D-A58F-F3738B0AEC6D}] => (Allow) C:\Users\Noobsack\AppData\Local\GCC\Controller.exe
FirewallRules: [{3A0AC730-C2E3-4155-9A2D-113F36F518E0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{BD66C58B-A871-4D54-BB5B-AD881CBE70CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{89161000-45B0-4E40-9B8D-E13590FA19DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{E7CC35A2-C7ED-47FF-86E8-A72EAB0E47DE}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
FirewallRules: [{E9B736D4-65A9-4B7A-9A3C-5E8ED92D271D}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
FirewallRules: [{21C3CBBB-2170-4726-BDB3-AE8539BB35B4}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
FirewallRules: [{8CE19EF2-26ED-49F5-82ED-F18943847950}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
FirewallRules: [{78A80B1D-F472-4C00-8B3E-E695585B277B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{725D702D-0BB5-47EC-89C5-2C8731179480}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{12D4EEB9-EF31-405B-8249-7BF3AFE7FAE1}C:\program files (x86)\heroes of newerth\hon.exe] => (Allow) C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{3FE11437-9775-4B3E-A050-9EA8142A9923}C:\program files (x86)\heroes of newerth\hon.exe] => (Allow) C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [{D73C7985-9F72-4CF4-A33D-8DF1C2D34460}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B28C2922-EAD7-4C72-BD70-A05D0342C288}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{F5642E12-C88F-4BFE-A90A-431D1695B6B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39083EBD-759B-4B63-83CA-5976D607593D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{18671A2D-D5C5-4E45-8EAD-13CBCC3D96A4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{B65CEDBD-9023-4C31-A38B-A25E98E86C68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B22B73C-CD79-47FA-8E6D-5354DC081D6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2015 04:54:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 04:48:45 PM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: Network Intrusion Prevention is not protecting machine because its driver was unloaded

Error: (12/16/2015 04:48:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 04:48:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/16/2015 04:42:47 PM) (Source: Symantec Network Protection) (EventID: 400) (User: )
Description: Network Intrusion Prevention is not protecting machine because its driver was unloaded

Error: (12/16/2015 04:42:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 04:42:16 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/15/2015 10:11:39 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!Suspicious.Cloud.2 in File: C:\ProgramData\Symantec\DefWatch.DWH\dwhe8d9.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (12/15/2015 10:11:28 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!Suspicious.Cloud.2 in File: C:\ProgramData\Symantec\DefWatch.DWH\dwhd900.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (12/15/2015 10:11:17 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!Suspicious.Cloud.2 in File: C:\ProgramData\Symantec\DefWatch.DWH\dwhc927.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.


System errors:
=============
Error: (12/16/2015 04:54:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/16/2015 04:52:19 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/16/2015 04:52:19 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/16/2015 04:52:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU @ 2.40GHz
Percentage of memory in use: 9%
Total physical RAM: 8190.55 MB
Available physical RAM: 7438.58 MB
Total Virtual: 16379.32 MB
Available Virtual: 15651.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:31.63 GB) NTFS
Drive j: (Media Storage) (Fixed) (Total:1854.72 GB) (Free:860.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9FB37690)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BC581F55)
Partition 1: (Active) - (Size=8.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1854.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#5 TheAmerican

Posted 25 December 2015 - 11:19 PM

Hrmm, the problem has somewhat stopped, but it's still acting up from time to time. Let me know what you think.





