Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection after watching online video


  • This topic is locked This topic is locked
8 replies to this topic

#1 soderquist1

soderquist1

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 19 April 2016 - 08:34 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by dale (administrator) on DALE-ASUS (19-04-2016 19:23:36)
Running from C:\Users\dale\Downloads
Loaded Profiles: dale &  (Available Profiles: dale & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(AsusTek) C:\Program Files\FSP\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Flixster, Inc.) C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\FlixsterDesktop.exe
(Awesomium Technologies) C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\awesomium_process
(Awesomium Technologies) C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\awesomium_process
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [qgesture32] => C:\Program Files\FSP\QuickGesture\x86\quickgesture.exe [19824 2011-10-15] (AsusTek)
HKLM\...\Run: [qgesture64] => C:\Program Files\FSP\QuickGesture\x64\quickgesture64.exe [21360 2011-10-15] (AsusTek)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-05-29] (Sentelic Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-29] (NVIDIA Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12866288 2016-04-08] (Zemana Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [881336 2015-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-10-28] (Siber Systems)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [126056 2014-02-10] (Seagate Technology LLC)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [881336 2015-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-10-28] (Siber Systems)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [126056 2014-02-10] (Seagate Technology LLC)
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\Users\dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-11-21] ()
Startup: C:\Users\dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2016-02-20]
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 64.59.184.17 64.59.191.229
Tcpip\..\Interfaces\{332bc5a9-44a4-476c-b6f2-f88aa738be70}: [DhcpNameServer] 64.59.184.17 64.59.191.229
Tcpip\..\Interfaces\{a714e976-949d-45d5-8a1f-b99508a69b54}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2803351199-1918054348-220819788-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-28] (Siber Systems Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-28] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-28] (Siber Systems Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-28] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2803351199-1918054348-220819788-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-28] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-2803351199-1918054348-220819788-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-28] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-24] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\dale\AppData\Roaming\Mozilla\Firefox\Profiles\l5o8o5y5.default-1419992173779
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2015-10-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
FF HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
 
Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Google Drive) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Skype) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR Extension: (RoboForm Password Manager) - C:\Users\dale\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-19]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-07-01]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-07-15] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-07-15] (Creative Labs) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-18] (Dropbox, Inc.)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [713728 2015-09-02] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [177152 2015-09-02] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-29] (NVIDIA Corporation)
R2 LDrvSvc; c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll [147216 2015-12-16] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [83968 2015-09-05] (Microsoft Corporation) [File not signed]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-29] (NVIDIA Corporation)
S3 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-10] (Seagate Technology LLC)
S3 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-10] (Seagate Technology LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12866288 2016-04-08] (Zemana Ltd.)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2015-06-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-18] (Avira Operations GmbH & Co. KG)
S3 cpuz134; C:\Users\dale\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [21480 2016-02-20] (Windows ® Win 7 DDK provider)
S3 DCamUSBTP10; C:\Windows\System32\Drivers\iP293x.sys [197376 2009-11-20] (iPassion Technology Inc.) [File not signed]
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2016-03-16] (Digiarty Software, Inc.)
R3 FLxHCIh; C:\Windows\System32\drivers\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-05-29] (Sentelic Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-01-06] (Realtek                                            )
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-19] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [247464 2016-04-14] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [247464 2016-04-14] (Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-19 19:23 - 2016-04-19 19:24 - 00038086 _____ C:\Users\dale\Downloads\FRST.txt
2016-04-19 19:23 - 2016-04-19 19:23 - 00000000 ____D C:\FRST
2016-04-19 19:22 - 2016-04-19 19:23 - 02375680 _____ (Farbar) C:\Users\dale\Downloads\FRST64.exe
2016-04-17 19:45 - 2016-04-17 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-17 19:45 - 2016-04-17 19:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-17 19:45 - 2016-03-21 19:57 - 00110528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-04-17 19:45 - 2016-03-16 15:30 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-04-17 19:45 - 2016-03-16 15:29 - 00127768 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-04-17 19:45 - 2016-03-16 15:29 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-04-17 19:45 - 2016-03-16 15:28 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-04-17 19:44 - 2016-03-21 22:08 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-04-17 19:44 - 2016-03-21 22:08 - 00201664 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-17 19:44 - 2016-03-21 20:37 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-17 19:44 - 2016-03-18 05:44 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-17 19:42 - 2016-03-24 19:23 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-04-17 19:42 - 2016-03-24 05:52 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-04-17 19:42 - 2016-03-24 05:52 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-04-17 19:42 - 2016-03-24 05:52 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-04-17 19:42 - 2016-03-21 22:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-04-17 19:42 - 2016-03-21 22:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-04-17 19:42 - 2016-03-21 22:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-17 10:16 - 2016-04-17 10:16 - 00000000 ____D C:\WINDOWS\LastGood
2016-04-17 10:16 - 2016-03-21 14:01 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-04-17 10:16 - 2016-03-21 14:01 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-04-16 17:48 - 2016-04-16 17:51 - 00516369 _____ C:\Users\dale\Downloads\cru-1.2.6.zip
2016-04-16 17:08 - 2016-04-16 17:13 - 06898535 _____ C:\Users\dale\Downloads\VGA Driver Intel (1).exe
2016-04-16 16:52 - 2016-04-16 16:52 - 06898535 _____ C:\Users\dale\Downloads\VGA Driver Intel.exe
2016-04-15 18:42 - 2016-04-15 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 15:32 - 2016-04-15 15:32 - 00159492 _____ C:\Users\dale\Downloads\Route14.pdf
2016-04-15 10:01 - 2016-04-15 10:01 - 00163733 _____ C:\Users\dale\Downloads\Route109.pdf
2016-04-14 17:17 - 2016-04-14 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-04-13 11:27 - 2016-04-13 17:46 - 00000000 ____D C:\Users\dale\Documents\My Recipes
2016-04-12 16:52 - 2016-03-29 04:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-12 16:52 - 2016-03-29 04:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 16:52 - 2016-03-29 04:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 16:52 - 2016-03-29 03:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 16:52 - 2016-03-29 02:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 16:52 - 2016-03-29 02:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 16:52 - 2016-03-29 02:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 16:52 - 2016-03-29 01:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 16:52 - 2016-03-29 01:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 16:52 - 2016-03-29 01:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 16:52 - 2016-03-29 01:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 16:52 - 2016-03-29 01:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 16:52 - 2016-03-29 01:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 16:52 - 2016-03-29 01:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 16:52 - 2016-03-29 01:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 16:52 - 2016-03-29 01:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 16:52 - 2016-03-29 01:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 16:52 - 2016-03-29 01:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-12 16:52 - 2016-03-29 01:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 16:52 - 2016-03-29 00:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 16:52 - 2016-03-29 00:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 16:52 - 2016-03-29 00:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 16:52 - 2016-03-29 00:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 16:52 - 2016-03-29 00:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-12 16:52 - 2016-03-29 00:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-12 16:52 - 2016-03-29 00:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 16:52 - 2016-03-29 00:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-12 16:52 - 2016-03-29 00:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 16:52 - 2016-03-29 00:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 16:52 - 2016-03-28 23:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-12 16:52 - 2016-03-28 23:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 16:52 - 2016-03-28 23:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 16:52 - 2016-03-28 23:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 16:52 - 2016-03-28 23:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 16:52 - 2016-03-28 23:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 16:52 - 2016-03-28 23:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 16:51 - 2016-04-01 22:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 16:51 - 2016-04-01 22:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 16:51 - 2016-04-01 22:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 16:51 - 2016-04-01 22:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 16:51 - 2016-04-01 21:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-12 16:51 - 2016-04-01 21:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-12 16:51 - 2016-04-01 21:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 16:51 - 2016-04-01 21:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-12 16:51 - 2016-04-01 21:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 16:51 - 2016-04-01 21:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 16:51 - 2016-04-01 21:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-12 16:51 - 2016-04-01 21:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-12 16:51 - 2016-04-01 21:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-12 16:51 - 2016-04-01 21:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 16:51 - 2016-04-01 21:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 16:51 - 2016-04-01 21:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 16:51 - 2016-04-01 21:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 16:51 - 2016-04-01 21:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 16:51 - 2016-04-01 21:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-12 16:51 - 2016-04-01 21:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 16:51 - 2016-04-01 21:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 16:51 - 2016-04-01 21:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-12 16:51 - 2016-04-01 21:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 16:51 - 2016-03-29 04:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 16:51 - 2016-03-29 04:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 16:51 - 2016-03-29 04:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 16:51 - 2016-03-29 04:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 16:51 - 2016-03-29 04:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 16:51 - 2016-03-29 04:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 16:51 - 2016-03-29 04:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 16:51 - 2016-03-29 04:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 16:51 - 2016-03-29 04:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 16:51 - 2016-03-29 04:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 16:51 - 2016-03-29 03:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 16:51 - 2016-03-29 03:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-12 16:51 - 2016-03-29 03:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 16:51 - 2016-03-29 03:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-12 16:51 - 2016-03-29 03:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 16:51 - 2016-03-29 03:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 16:51 - 2016-03-29 03:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 16:51 - 2016-03-29 03:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 16:51 - 2016-03-29 03:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-12 16:51 - 2016-03-29 03:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 16:51 - 2016-03-29 03:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 16:51 - 2016-03-29 03:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 16:51 - 2016-03-29 03:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 16:51 - 2016-03-29 03:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 16:51 - 2016-03-29 03:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 16:51 - 2016-03-29 03:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 16:51 - 2016-03-29 03:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 16:51 - 2016-03-29 02:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-12 16:51 - 2016-03-29 02:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-12 16:51 - 2016-03-29 02:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 16:51 - 2016-03-29 02:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-12 16:51 - 2016-03-29 02:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 16:51 - 2016-03-29 02:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 16:51 - 2016-03-29 02:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 16:51 - 2016-03-29 02:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 16:51 - 2016-03-29 02:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 16:51 - 2016-03-29 02:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 16:51 - 2016-03-29 02:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 16:51 - 2016-03-29 02:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-12 16:51 - 2016-03-29 02:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 16:51 - 2016-03-29 02:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 16:51 - 2016-03-29 02:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 16:51 - 2016-03-29 02:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-12 16:51 - 2016-03-29 02:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 16:51 - 2016-03-29 02:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 16:51 - 2016-03-29 02:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 16:51 - 2016-03-29 02:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 16:51 - 2016-03-29 02:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 16:51 - 2016-03-29 02:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 16:51 - 2016-03-29 02:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-12 16:51 - 2016-03-29 01:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 16:51 - 2016-03-29 01:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 16:51 - 2016-03-29 01:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 16:51 - 2016-03-29 01:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-12 16:51 - 2016-03-29 01:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 16:51 - 2016-03-29 01:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-12 16:51 - 2016-03-29 01:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 16:51 - 2016-03-29 01:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 16:51 - 2016-03-29 01:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 16:51 - 2016-03-29 01:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 16:51 - 2016-03-29 01:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 16:51 - 2016-03-29 01:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 16:51 - 2016-03-29 01:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 16:51 - 2016-03-29 01:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 16:51 - 2016-03-29 01:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 16:51 - 2016-03-29 01:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-12 16:51 - 2016-03-29 01:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 16:51 - 2016-03-29 01:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 16:51 - 2016-03-29 01:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 16:51 - 2016-03-29 01:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 16:51 - 2016-03-29 01:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-12 16:51 - 2016-03-29 01:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 16:51 - 2016-03-29 01:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 16:51 - 2016-03-29 01:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-12 16:51 - 2016-03-29 01:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 16:51 - 2016-03-29 01:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-12 16:51 - 2016-03-29 01:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-12 16:51 - 2016-03-29 01:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 16:51 - 2016-03-29 01:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 16:51 - 2016-03-29 01:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 16:51 - 2016-03-29 01:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 16:51 - 2016-03-29 01:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 16:51 - 2016-03-29 01:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 16:51 - 2016-03-29 01:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 16:51 - 2016-03-29 01:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 16:51 - 2016-03-29 01:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-12 16:51 - 2016-03-29 01:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-12 16:51 - 2016-03-29 01:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 16:51 - 2016-03-29 01:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 16:51 - 2016-03-29 01:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-12 16:51 - 2016-03-29 01:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 16:51 - 2016-03-29 01:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 16:51 - 2016-03-29 01:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 16:51 - 2016-03-29 01:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 16:51 - 2016-03-29 01:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-12 16:51 - 2016-03-29 01:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 16:51 - 2016-03-29 01:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 16:51 - 2016-03-29 01:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 16:51 - 2016-03-29 01:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 16:51 - 2016-03-29 01:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 16:51 - 2016-03-29 01:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 16:51 - 2016-03-29 01:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 16:51 - 2016-03-29 01:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 16:51 - 2016-03-29 01:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 16:51 - 2016-03-29 01:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-12 16:51 - 2016-03-29 01:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 16:51 - 2016-03-29 01:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-12 16:51 - 2016-03-29 01:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-12 16:51 - 2016-03-29 01:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 16:51 - 2016-03-29 01:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 16:51 - 2016-03-29 01:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 16:51 - 2016-03-29 01:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-12 16:51 - 2016-03-29 01:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-12 16:51 - 2016-03-29 01:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 16:51 - 2016-03-29 01:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 16:51 - 2016-03-29 01:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 16:51 - 2016-03-29 01:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-12 16:51 - 2016-03-29 01:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 16:51 - 2016-03-29 01:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 16:51 - 2016-03-29 01:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-12 16:51 - 2016-03-29 01:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 16:51 - 2016-03-29 01:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-12 16:51 - 2016-03-29 01:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 16:51 - 2016-03-29 01:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 16:51 - 2016-03-29 01:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 16:51 - 2016-03-29 01:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 16:51 - 2016-03-29 01:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 16:51 - 2016-03-29 01:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 16:51 - 2016-03-29 01:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-12 16:51 - 2016-03-29 01:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 16:51 - 2016-03-29 01:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 16:51 - 2016-03-29 01:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 16:51 - 2016-03-29 01:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 16:51 - 2016-03-29 01:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 16:51 - 2016-03-29 01:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 16:51 - 2016-03-29 01:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 16:51 - 2016-03-29 01:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 16:51 - 2016-03-29 01:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 16:51 - 2016-03-29 01:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 16:51 - 2016-03-29 01:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 16:51 - 2016-03-29 00:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 16:51 - 2016-03-29 00:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 16:51 - 2016-03-29 00:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 16:51 - 2016-03-29 00:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-12 16:51 - 2016-03-29 00:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 16:51 - 2016-03-29 00:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 16:51 - 2016-03-29 00:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 16:51 - 2016-03-29 00:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 16:51 - 2016-03-29 00:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-12 16:51 - 2016-03-29 00:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 16:51 - 2016-03-29 00:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 16:51 - 2016-03-29 00:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-12 16:51 - 2016-03-29 00:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 16:51 - 2016-03-29 00:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 16:51 - 2016-03-29 00:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 16:51 - 2016-03-29 00:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 16:51 - 2016-03-29 00:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 16:51 - 2016-03-29 00:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 16:51 - 2016-03-29 00:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 16:51 - 2016-03-29 00:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 16:51 - 2016-03-29 00:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-12 16:51 - 2016-03-29 00:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-12 16:51 - 2016-03-29 00:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 16:51 - 2016-03-29 00:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 16:51 - 2016-03-29 00:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-12 16:51 - 2016-03-29 00:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-12 16:51 - 2016-03-29 00:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-12 16:51 - 2016-03-29 00:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 16:51 - 2016-03-29 00:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 16:51 - 2016-03-29 00:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 16:51 - 2016-03-29 00:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-12 16:51 - 2016-03-29 00:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 16:51 - 2016-03-29 00:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-12 16:51 - 2016-03-29 00:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 16:51 - 2016-03-29 00:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 16:51 - 2016-03-29 00:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 16:51 - 2016-03-29 00:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 16:51 - 2016-03-29 00:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 16:51 - 2016-03-29 00:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-12 16:51 - 2016-03-29 00:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 16:51 - 2016-03-29 00:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 16:51 - 2016-03-29 00:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 16:51 - 2016-03-29 00:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 16:51 - 2016-03-29 00:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 16:51 - 2016-03-29 00:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-12 16:51 - 2016-03-29 00:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 16:51 - 2016-03-29 00:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 16:51 - 2016-03-29 00:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 16:51 - 2016-03-29 00:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 16:51 - 2016-03-29 00:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 16:51 - 2016-03-29 00:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 16:51 - 2016-03-29 00:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-12 16:51 - 2016-03-29 00:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-12 16:51 - 2016-03-29 00:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 16:51 - 2016-03-29 00:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 16:51 - 2016-03-29 00:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 16:51 - 2016-03-29 00:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 16:51 - 2016-03-29 00:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 16:51 - 2016-03-29 00:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 16:51 - 2016-03-29 00:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-12 16:51 - 2016-03-28 23:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 16:51 - 2016-03-28 23:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-12 16:51 - 2016-03-28 23:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-12 16:51 - 2016-03-28 23:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-12 16:51 - 2016-03-28 23:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 16:51 - 2016-03-28 23:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 16:51 - 2016-03-28 23:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 16:51 - 2016-03-28 23:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 16:51 - 2016-03-28 23:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 16:51 - 2016-03-28 23:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 16:51 - 2016-03-28 23:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 16:51 - 2016-03-28 23:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 16:51 - 2016-03-28 23:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 16:51 - 2016-03-28 23:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 16:51 - 2016-03-28 23:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 16:51 - 2016-03-28 23:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 16:51 - 2016-03-28 23:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 16:51 - 2016-03-28 23:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 16:51 - 2016-03-28 23:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 16:51 - 2016-03-28 23:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-07 11:05 - 2016-04-07 11:05 - 00000000 ____D C:\Users\dale\AppData\Roaming\Epson
2016-04-07 10:59 - 2016-04-07 10:59 - 00000870 _____ C:\Users\Public\Desktop\Print CD.lnk
2016-04-07 10:52 - 2016-04-07 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-04-07 10:52 - 2016-04-07 10:59 - 00000000 ____D C:\Program Files (x86)\Epson Software
2016-04-07 10:51 - 2016-04-07 10:52 - 35088312 _____ C:\Users\dale\Downloads\epson17332.exe
2016-04-07 10:45 - 2016-04-07 10:45 - 07384264 _____ C:\Users\dale\Downloads\HPPSdr.exe
2016-04-07 10:45 - 2016-04-07 10:45 - 00000000 ____D C:\ProgramData\HP
2016-04-07 10:45 - 2016-04-07 10:45 - 00000000 ____D C:\Program Files (x86)\HP
2016-04-07 10:38 - 2016-04-07 10:39 - 00000000 ____D C:\Users\dale\Documents\Fax
2016-04-07 10:38 - 2016-04-07 10:38 - 00000000 ___RD C:\Users\dale\Documents\Scanned Documents
2016-04-07 09:11 - 2016-04-07 09:11 - 00159698 _____ C:\Users\dale\Documents\Resume.pdf
2016-04-05 22:17 - 2016-04-05 22:17 - 00000360 _____ C:\Users\dale\Desktop\Flixster Video.appref-ms
2016-04-05 22:17 - 2016-04-05 22:17 - 00000000 ____D C:\Users\dale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flixster Video
2016-04-02 10:39 - 2016-04-02 10:39 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-04-02 10:39 - 2016-04-02 10:39 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-04-02 10:39 - 2016-04-02 10:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-04-02 10:39 - 2016-04-02 10:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-04-02 10:39 - 2016-04-02 10:39 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-04-02 10:39 - 2016-04-02 10:39 - 00000000 ____D C:\Users\DefaultAppPool
2016-04-02 10:39 - 2015-11-21 16:12 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2016-04-02 10:39 - 2015-11-21 16:12 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2016-04-02 10:39 - 2015-09-05 10:26 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-03-26 15:15 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-GD479.tmp
2016-03-26 15:13 - 2016-03-26 15:13 - 00001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-26 15:13 - 2016-03-26 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-26 15:13 - 2016-03-26 15:13 - 00000000 ____D C:\Program Files\iTunes
2016-03-26 15:13 - 2016-03-26 15:13 - 00000000 ____D C:\Program Files\iPod
2016-03-26 15:13 - 2016-03-26 15:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-26 10:26 - 2016-03-26 10:26 - 00000000 ____D C:\Users\dale\AppData\Local\TempTaskUpdateDetection239F2221-C4FD-49F3-90B9-2549D4352519
2016-03-26 09:51 - 2016-03-26 10:26 - 00000000 ____D C:\Users\dale\AppData\Local\TempTaskUpdateDetection488DDA2D-B64A-43F5-A0B1-131D1C0DD9F2
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-19 19:20 - 2011-04-01 22:36 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 19:19 - 2015-12-28 11:59 - 00000000 ____D C:\Users\dale\AppData\Local\Deployment
2016-04-19 18:50 - 2012-05-27 21:15 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-19 18:40 - 2015-12-18 00:35 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-19 16:34 - 2016-02-19 12:39 - 00008464 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-04-19 16:29 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-19 16:28 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-19 16:27 - 2013-12-04 14:32 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-19 16:26 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-19 16:17 - 2016-02-19 11:55 - 00000000 ____D C:\Users\dale\AppData\Roaming\Skype
2016-04-19 16:17 - 2015-11-21 18:24 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{786A8471-473F-4390-9B9F-E166896F3ADD}
2016-04-19 16:16 - 2016-02-19 12:39 - 00052139 _____ C:\WINDOWS\ZAM.krnl.trace
2016-04-19 16:16 - 2015-12-18 00:35 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-19 16:16 - 2014-08-20 12:19 - 00000000 ____D C:\Users\dale\AppData\Local\Adobe
2016-04-19 16:16 - 2014-04-26 19:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 16:16 - 2011-04-01 22:36 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 16:15 - 2015-11-21 16:03 - 01010622 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-19 16:15 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-17 19:45 - 2015-11-21 16:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-17 19:45 - 2015-11-21 16:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-17 19:44 - 2015-11-21 18:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-17 19:44 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-17 10:16 - 2016-02-02 12:40 - 00001452 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-17 09:08 - 2015-11-21 16:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-17 09:07 - 2015-10-30 00:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-17 08:59 - 2015-11-21 10:59 - 00000000 ____D C:\ProgramData\DriverTalent
2016-04-16 17:26 - 2013-10-04 07:24 - 00000000 ____D C:\Users\dale\AppData\Local\ElevatedDiagnostics
2016-04-16 16:49 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-15 23:46 - 2016-03-01 20:02 - 00000000 ____D C:\Users\dale\AppData\Roaming\SoftGrid Client
2016-04-15 18:42 - 2015-12-18 00:35 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 09:25 - 2016-02-19 14:45 - 00000000 ____D C:\Users\dale\AppData\Local\CrashDumps
2016-04-15 09:21 - 2015-11-21 16:04 - 00000000 ____D C:\Users\dale
2016-04-14 17:17 - 2016-02-19 12:39 - 00247464 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2016-04-14 17:17 - 2016-02-19 12:39 - 00247464 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2016-04-14 17:17 - 2016-02-19 12:39 - 00001147 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-04-14 17:17 - 2016-02-19 12:39 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-04-14 08:23 - 2015-09-21 00:48 - 00000000 ____D C:\Users\dale\Downloads\lew articles
2016-04-14 08:05 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 07:37 - 2015-11-21 15:56 - 00362640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 22:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 17:30 - 2016-02-19 11:55 - 00000000 ____D C:\Users\dale\AppData\Local\Packages
2016-04-12 17:03 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-12 17:01 - 2013-07-15 12:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-12 16:54 - 2011-11-04 19:32 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-11 16:21 - 2011-04-01 22:36 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 10:59 - 2015-10-30 03:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-07 10:59 - 2011-07-15 23:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-07 10:38 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-06 12:32 - 2015-10-30 01:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 12:32 - 2015-10-30 01:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-04 15:09 - 2014-10-20 21:16 - 00000000 ____D C:\Users\dale\Downloads\misc files keep
2016-03-29 19:06 - 2016-02-02 12:36 - 01373680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-03-29 19:06 - 2016-02-02 12:36 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-03-29 19:05 - 2016-02-02 12:36 - 01767248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-03-29 19:05 - 2016-02-02 12:36 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-03-29 19:05 - 2016-02-02 12:36 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-03-29 04:07 - 2009-07-29 00:03 - 00400302 __RSH C:\bootmgr
2016-03-26 15:15 - 2014-04-26 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-26 15:15 - 2014-04-26 19:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-26 15:15 - 2013-10-04 10:08 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-26 15:13 - 2015-10-09 23:34 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-26 12:37 - 2012-06-26 00:19 - 00000401 _____ C:\Users\dale\Desktop\CD Drive - Shortcut.lnk
2016-03-21 14:01 - 2016-02-02 12:33 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
 
==================== Files in the root of some directories =======
 
2016-02-20 14:34 - 2016-02-20 15:11 - 0000115 _____ () C:\Users\dale\AppData\Roaming\LogFile.txt
2016-03-16 17:34 - 2016-03-16 17:34 - 0003584 _____ () C:\Users\dale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
Some files in TEMP:
====================
C:\Users\dale\AppData\Local\Temp\avgnt.exe
C:\Users\dale\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\dale\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\dale\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-04-10 23:11
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by dale (2016-04-19 19:24:46)
Running from C:\Users\dale\Downloads
Windows 10 Home Version 1511 (X64) (2015-11-21 22:23:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2803351199-1918054348-220819788-500 - Administrator - Disabled)
dale (S-1-5-21-2803351199-1918054348-220819788-1000 - Administrator - Enabled) => C:\Users\dale
DefaultAccount (S-1-5-21-2803351199-1918054348-220819788-503 - Limited - Disabled)
Guest (S-1-5-21-2803351199-1918054348-220819788-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2803351199-1918054348-220819788-1013 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.0 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.8 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusScr_G74 Series_ENG (HKLM-x32\...\AsusScr_G74 Series_ENG) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
BitTorrent (HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\BitTorrent) (Version: 7.9.2.34312 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.2.34312 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 9.2.5.5 - Sentelic)
Flixster Video (HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\44adf2ca8644bf21) (Version: 2.6.1.520 - Flixster Video)
Flixster Video (HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\44adf2ca8644bf21) (Version: 2.6.1.520 - Flixster Video)
Fresco Logic USB3.0 Host Controller (HKLM\...\{17F94DA8-CB07-4BD8-A6DB-E53A1CC5C433}) (Version: 3.5.73.0 - Fresco Logic Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2013 - en-us (HKLM\...\WordRetail - en-us) (Version: 15.0.4815.1001 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.01.465 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5876 - Mozilla)
Nightly 47.0a1 (x64 en-US) (HKLM\...\Nightly 47.0a1 (x64 en-US)) (Version: 47.0a1 - Mozilla)
NVIDIA 3D Vision Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7709 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
RoboForm 7-9-16-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-16-7 - Siber Systems)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sony Pictures Download Manager (HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\482838368.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com)
Sony Pictures Download Manager (HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\482838368.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
THX TruStudio (HKLM-x32\...\{B11AB9C8-18A6-41DC-98B4-4988CC030136}) (Version: 1.03.01 - Creative Technology Limited)
USB 2.0 PC Camera Driver (HKLM-x32\...\{E398E7CC-30B8-4D63-B07B-741163A12565}) (Version: 100.000.070814 - )
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.20 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.14 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.20.140 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2803351199-1918054348-220819788-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\dale\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2803351199-1918054348-220819788-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0380148B-19C8-4452-B604-3794E04877E6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-18] (Dropbox, Inc.)
Task: {10BDEDC7-CD4F-4B31-B74E-28F569421982} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {3160ACE9-668E-4479-AA9A-49386D50C3A9} - System32\Tasks\dale DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-02-10] (Seagate Technology LLC)
Task: {36BE1253-BBB9-4C2F-9AC5-6B8C837188D2} - System32\Tasks\{360FE696-0A3C-417B-A705-B57CC054D6D2} => pcalua.exe -a "C:\Users\dale\Downloads\Inventory Tweaks Mod Installer.exe" -d C:\Users\dale\Downloads
Task: {3E825910-EC80-4FA5-B6B6-63405EB9DD79} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {4916BE3A-7C01-473A-B809-0DB24EE7DCFB} - System32\Tasks\{E1A52068-557B-4FD8-A88B-ED8B7F20BFC6} => C:\Users\dale\Desktop\Display Driver Uninstaller.exe
Task: {4C85F90E-FEB5-445C-81D1-C6AEE751E184} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B661A5F-59D4-4F3E-BBC0-0B5B4D720C62} - System32\Tasks\{4177DDE1-F197-45A4-9D68-66C4857FD80A} => C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-10-09] (BitTorrent Inc.)
Task: {730115A6-C18D-4538-90DB-AF72010ACCFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {7718BEE0-3AEC-4678-A627-6EF874A2F248} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMKJPMOJKMNMPMLMIMCNNJKJJJIMCNLMLJLJJMCNGMHMMMLJCNNMNMPMKJGMPMPMOJJJIMJMKJJNJICMIMCNGMCNOMJMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMOMNMIMMMJNHICMMJBJKJLIMJJNBJCMLJOJDJKJJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFM (the data entry has 45 more characters).
Task: {7D1CFD04-ABA8-49A6-93ED-14EF7FE49F7B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-29] (Realtek Semiconductor)
Task: {81E45604-D7FC-4BE2-882E-8DE7CA4A9C8D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-01-04] (ASUS)
Task: {9301C096-EC30-489F-9696-FE2831ECDB69} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-18] (Dropbox, Inc.)
Task: {95274A48-88AC-4854-A9B1-6286EE6DFF06} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-10] (Seagate Technology LLC)
Task: {9E671A38-2AF8-4D77-BD71-54E1BA0516EA} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {A166615D-4913-4DCC-AA23-CA53C8B40331} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION
Task: {A3FE6E9D-A940-4BA7-B059-E49EE9AC2C59} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-10-28] (Siber Systems)
Task: {A7082E8D-5DB7-42A0-8402-619EE04DE2D1} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {A868332A-24EF-4B02-901E-2E67EBC81F92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AC336583-1737-4484-8767-46ECD820C20B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {B2DA305C-F324-42FE-80A6-37CC4A080BF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {B50881EB-2893-455A-9C21-3EF626EF7188} - System32\Tasks\{ABE38C90-E736-4AA0-A0B3-1EEB481C0636} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-09-14] (ASUSTek Computer Inc. All rights reserved.)
Task: {B67C76B6-D0BC-430A-AE9E-282847E75C87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {B712C05A-F919-41CB-9CF1-EB96F82174C6} - System32\Tasks\{267A9112-EC83-49EA-A2C5-95CB8FC62293} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-09-14] (ASUSTek Computer Inc. All rights reserved.)
Task: {BF6F692A-22A1-470C-B965-752001DC2B61} - System32\Tasks\{339E3F71-6C6E-490D-8FC3-9DD722E38906} => C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-10-09] (BitTorrent Inc.)
Task: {C072FDB6-D0E9-431E-A60F-407F4C009420} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-01-30] (ASUSTek Computer Inc.)
Task: {C2B6DB32-B965-421C-9A93-A7C70E728966} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation)
Task: {D05E3E70-742E-4EB6-965C-5CCCE868C2DA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-12] (Microsoft Corporation)
Task: {D49ABBFC-FA51-4494-B04B-B1C1919AFB95} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-12-29] (Realtek Semiconductor)
Task: {D81D7544-F087-4207-A522-46426DDC35F5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {DC1A5188-101C-4DDE-B718-872C1A5A344E} - System32\Tasks\{F9CF7368-9FD1-42BF-A0BC-884D42C74A74} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-09-14] (ASUSTek Computer Inc. All rights reserved.)
Task: {EB761125-D001-4906-B88F-A50393C127A4} - System32\Tasks\{93A7734E-3DB4-4BBD-AD15-6D0B976CD0D2} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-09-14] (ASUSTek Computer Inc. All rights reserved.)
Task: {F34B9417-6BA1-4316-B581-1028DF6749B4} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: {FF895562-0BB8-4DD0-923D-9B51838E1E56} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 01:17 - 2015-10-30 01:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-04-12 16:52 - 2016-03-29 04:20 - 02656952 _____ () c:\windows\system32\CoreUIComponents.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-24 17:48 - 2014-11-20 02:48 - 00242264 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-02-19 19:05 - 2016-03-29 19:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-02 12:36 - 2016-03-29 19:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-17 10:16 - 2016-03-29 19:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-19 19:05 - 2016-03-29 19:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-17 10:16 - 2016-03-29 19:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-17 10:16 - 2016-03-29 19:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-17 10:16 - 2016-03-29 19:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-02 12:36 - 2016-03-29 19:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-17 19:44 - 2016-03-21 20:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-12 16:52 - 2016-03-29 04:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-04-12 16:52 - 2016-03-29 04:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-11 20:02 - 2015-09-11 20:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-12-17 16:52 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 16:51 - 2016-04-01 21:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 16:51 - 2016-04-01 21:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 16:51 - 2016-04-01 20:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-12 16:51 - 2016-04-01 20:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 16:51 - 2016-04-01 21:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-17 10:16 - 2016-03-29 19:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-17 10:16 - 2016-03-29 19:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2014-03-25 15:49 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-02 12:36 - 2016-03-29 19:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-01-31 10:25 - 2012-01-31 10:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2016-04-05 22:17 - 2016-04-05 22:16 - 00211456 ____N () C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\FlixsterDesktop.Utilities.dll
2016-02-17 16:45 - 2016-02-17 16:44 - 01100784 _____ () C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\avcodec-53.dll
2016-02-17 16:45 - 2016-02-17 16:44 - 00124400 _____ () C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\avutil-51.dll
2016-02-17 16:45 - 2016-02-17 16:44 - 00191984 _____ () C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\avformat-53.dll
2016-04-05 22:17 - 2016-04-05 22:16 - 16843952 _____ () C:\Users\dale\AppData\Local\Apps\2.0\C0QHDWTG.4N9\X2B5QJK6.N2Z\flix..tion_ecb264731b8bf913_0002.0006_591bf3f4a8b757d0\Plugins\NPSWF32_16_0_0_235.dll
2015-11-21 10:58 - 2015-12-16 03:45 - 00147216 _____ () c:\program files (x86)\ostotosoft\drivertalent\ldrvsvc.dll
2015-11-21 10:58 - 2015-12-16 03:45 - 00186640 _____ () c:\program files (x86)\ostotosoft\drivertalent\CrashCatch.dll
2015-11-21 10:58 - 2015-11-16 01:19 - 00254824 _____ () c:\program files (x86)\ostotosoft\drivertalent\updater\checkupdate.dll
2015-11-21 10:58 - 2016-03-09 19:38 - 00165088 _____ () c:\program files (x86)\ostotosoft\drivertalent\substat.dll
2015-11-21 10:58 - 2015-11-16 01:19 - 00103776 _____ () c:\program files (x86)\ostotosoft\drivertalent\dstudp.dll
2015-11-21 10:58 - 2015-11-16 01:19 - 00117088 _____ () c:\program files (x86)\ostotosoft\drivertalent\udp.dll
2016-04-11 16:21 - 2016-04-06 04:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 16:21 - 2016-04-06 04:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-08 20:16 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\dale\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\facebook.com -> www.facebook.com
IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\hotmail.com -> hxxps://www.hotmail.com
IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\runescape.com -> hxxps://services.runescape.com
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\bing.com -> hxxp://www.bing.com
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\longfintuna.net -> hxxp://web.longfintuna.net
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\systweak.com -> hxxp://www.systweak.com
IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\facebook.com -> www.facebook.com
IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\hotmail.com -> hxxps://www.hotmail.com
IE trusted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\runescape.com -> hxxps://services.runescape.com
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bing.com -> hxxp://www.bing.com
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\longfintuna.net -> hxxp://web.longfintuna.net
IE restricted site: HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\systweak.com -> hxxp://www.systweak.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-10-24 17:54 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2803351199-1918054348-220819788-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\dale\Pictures\yah1.jpg
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\dale\Pictures\yah1.jpg
DNS Servers: 64.59.184.17 - 64.59.191.229
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
HKLM\...\StartupApproved\Run: => "qgesture64"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "ACMON"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\StartupApproved\StartupFolder: => "ERUNT AutoBackup.lnk"
HKU\S-1-5-21-2803351199-1918054348-220819788-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "ERUNT AutoBackup.lnk"
HKU\S-1-5-21-2803351199-1918054348-220819788-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{B1B77622-1C84-4041-BBAC-6C5427C69367}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{46486258-7E59-4C0F-8377-99D557044171}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
FirewallRules: [{573C4EB1-ADA6-4906-8966-652D017B2607}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\LDrvSvc.dll
FirewallRules: [{DEED7CCF-17C1-41C0-8A58-5D3CFB93B4CF}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [UDP Query User{0D407FD3-1997-490E-BDFE-99613FE97478}C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B2669C97-3AFE-412F-9BE9-C1A85B4104E7}C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E1E36F88-FEAE-4AF8-A0A2-A44E79B3DA07}C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7EFB48B7-168F-4D7E-97D9-88E67E991906}C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dale\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C45E60B9-CC36-48C1-8DA7-B6BA7393B4CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55A8E146-323E-49CB-995B-91FF7EFE2403}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A28B6654-2068-4639-9DAC-AC2C417C4F94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB6A9AA3-3F05-40D7-AC77-AC5459FE26E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6F0862CE-24C6-49EF-9AA9-95CABE085BBF}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [{4FAFF1B0-A258-4253-B7FC-EE208C6D8B97}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [UDP Query User{982F146A-3574-49E4-AD9C-B01D7ADDBB93}C:\users\dale\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dale\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3A93DFC4-CF03-4161-809C-07A7F6A78B41}C:\users\dale\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dale\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{73ED8503-7E84-4009-BE19-C12C5F933BB2}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [{F75A447A-2263-40B2-AB38-1703FB9C1F9E}] => (Allow) C:\Program Files\Nightly\firefox.exe
FirewallRules: [UDP Query User{2D04ABDC-62BE-406D-846D-D3018A0FFA02}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{42BDA63B-2411-4ABF-AAE6-F08CAED61B19}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D44D37B3-58E3-4F13-9EF5-4DAA619E4874}C:\program files\nightly\firefox.exe] => (Allow) C:\program files\nightly\firefox.exe
FirewallRules: [TCP Query User{F16FB283-F3BD-4A49-AFFB-449C2851573C}C:\program files\nightly\firefox.exe] => (Allow) C:\program files\nightly\firefox.exe
FirewallRules: [UDP Query User{E25B7853-4F06-4634-A3F3-A592A324FC44}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{CCD0F3D3-3F3A-47C9-BCE7-D69717E88F5E}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{A60B4866-28E1-4652-A41B-8A8EC1244BD4}] => (Allow) C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B462791E-213F-4066-AE70-23C2BFDFCF75}] => (Allow) C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2EF18549-AB05-4024-8C58-CAF7BEFA8A1C}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{395D36CE-C5BF-4E23-AF44-746C91130066}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{ADCC5165-00E2-4D9A-BD82-93CFB74D867C}] => (Allow) C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A5922C76-D42D-4C45-AF5C-ABC7F49DD218}] => (Allow) C:\Users\dale\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3CDDF29-D67A-4630-833F-552B03C1C4B3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{88302879-3F61-4922-8CD4-A7EA1020ED10}] => (Allow) LPort=8888
FirewallRules: [{76117A0D-45ED-4600-95EB-C08476E20C98}] => (Allow) LPort=8888
FirewallRules: [{CFCC883C-E50C-49A0-BE33-20761408DF76}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{86315A17-DE80-44ED-9DB5-8C8C466070A4}] => (Allow) LPort=8182
FirewallRules: [{32CA6032-93C4-4472-A793-FC6A795651DE}] => (Allow) LPort=5353
FirewallRules: [{791077C2-119B-483E-ACC9-A0ED846C0768}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2B0A300F-2FA9-4EE6-98F0-44D93A1F0EB4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1A165FF4-80F7-488F-A0ED-2A89D740AF12}] => (Allow) LPort=1900
FirewallRules: [{2CE2C232-DEBE-48D9-BAB6-AFF70DA911C3}] => (Allow) LPort=2869
FirewallRules: [{E6B0EF51-00A0-4BC8-8249-D6D366A96D6E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DCE4C303-E728-4DC3-9C29-92EC1C613E7C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C52E211C-B701-469B-9D4F-CF513AFF8638}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7E283D9D-CA1C-4E86-A78C-ED123D4EEAB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9E2693EF-B1C3-4692-988D-8CDC6E82D0EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6662DBEB-1F85-441C-A906-A74E35FD4F61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{89828B80-A85C-4BB0-8792-4ECF2FBEBCC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B7E9451-BDBC-4382-A5EF-028D8F48D434}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{64FF657A-9663-4068-9BED-B0D87C0B0F02}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{F5C1ABFD-9EF8-4C36-9E85-BB407217EB29}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{20D42160-A355-4894-846E-F6A73238FD8B}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [UDP Query User{5D8CEAFB-954F-4AEA-8278-7291615EABA4}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [{78A1296A-4625-49CD-B9BB-61A0D62BD9A0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3ADFC1FD-8804-4B15-95C1-27567EEEF4C8}] => (Allow) C:\Users\dale\AppData\Local\Temp\7zS650C\HPDiagnosticCoreUI.exe
FirewallRules: [{1EF7A661-86A3-40B6-B51F-4E6160C5BA6E}] => (Allow) C:\Users\dale\AppData\Local\Temp\7zS650C\HPDiagnosticCoreUI.exe
FirewallRules: [{44F638AB-8337-483C-8C4E-D863E6B298D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F595FAE8-44C7-40A3-BD0A-74679A515885}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

19-04-2016 18:42:38 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2016 06:42:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (04/19/2016 04:31:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/19/2016 04:24:01 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219

Error: (04/17/2016 02:01:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/17/2016 09:01:36 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219

Error: (04/16/2016 01:35:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/16/2016 11:35:41 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219

Error: (04/15/2016 09:25:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 2.3.173.0, time stamp: 0x56e065b4
Faulting module name: Qt5Widgets.dll, version: 5.4.1.0, time stamp: 0x555bbfbd
Exception code: 0xc0000005
Fault offset: 0x001bb582
Faulting process ID: 0xb78
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report ID: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5

Error: (04/15/2016 09:21:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DALE-ASUS)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/15/2016 08:44:36 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219


System errors:
=============
Error: (04/19/2016 04:28:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Solitaire Collection.

Error: (04/19/2016 04:27:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Phone.

Error: (04/19/2016 04:26:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Messaging + Skype.

Error: (04/19/2016 04:25:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Movies & TV.

Error: (04/19/2016 04:23:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Store.

Error: (04/19/2016 04:22:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft People.

Error: (04/19/2016 04:22:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Windows Camera.

Error: (04/19/2016 04:21:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Photos.

Error: (04/19/2016 04:21:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Windows Alarms & Clock.

Error: (04/19/2016 04:21:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Wi-Fi.


CodeIntegrity:
===================================
Date: 2016-04-15 08:38:23.560
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-14 17:44:48.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:48.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:48.752
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:48.592
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:48.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:48.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:45.965
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:44:45.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-04-14 17:21:07.702
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 49%
Total physical RAM: 8169.16 MB
Available physical RAM: 4128.34 MB
Total Virtual: 8681.16 MB
Available Virtual: 3532.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:200.13 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:393.2 GB) NTFS
Drive e: (SDATA1) (Fixed) (Total:349.3 GB) (Free:349.17 GB) NTFS
Drive f: (SDATA2) (Fixed) (Total:349.33 GB) (Free:203.66 GB) NTFS
Drive r: (RECOVERY) (Fixed) (Total:24.98 GB) (Free:12.24 GB) FAT32 ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 38601C96)
Partition 1: (Not Active) - (Size=25 GB) - (Type=0C)
Partition 2: (Active) - (Size=279 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=394.2 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 19 April 2016 - 09:41 PM.
Deleted duplicate


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:04 PM

Posted 19 April 2016 - 09:48 PM

Greetings soderquist1 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Can you tell me if you intentionally installed this program?

Flixster Video
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 soderquist1

soderquist1
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 19 April 2016 - 09:59 PM

HI my infection was not from downloading/installing anythings only streaming a few movies online. i have scanned with MBAM and it detected nothing but when i scanned with avira anti-virus it detected 4 hidden infections and never showed any signs of removal for them.

 

Thanks



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:04 PM

Posted 19 April 2016 - 10:05 PM

Please post the Avira report.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 soderquist1

soderquist1
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 19 April 2016 - 10:08 PM

Alright here it is
 
 
 
Antivirus Pro
Report file date: April 17, 2016  14:26
 
 
The program is running as an unrestricted full version.
Online services are available.
 
Licensee        : dale
Serial number   :
Platform        : Windows 10 Home
Windows version : (plain)  [10.0.10586]
Boot mode       : Normally booted
Username        : dale
Computer name   : DALE-ASUS
 
Version information:
build.dat       : 15.0.16.282    92460 Bytes  2016-02-22 16:45:00
AVSCAN.EXE      : 15.0.16.276  1235360 Bytes  2016-03-19 01:45:04
AVSCANRC.DLL    : 15.0.16.268    55480 Bytes  2016-03-19 01:45:04
LUKE.DLL        : 15.0.16.273    67840 Bytes  2016-03-19 01:45:14
AVSCPLR.DLL     : 15.0.16.280   130712 Bytes  2016-03-19 01:45:04
REPAIR.DLL      : 15.0.16.251   596760 Bytes  2016-03-19 01:45:03
repair.rdf      : 1.0.16.28    1542694 Bytes  2016-04-13 02:49:15
AVREG.DLL       : 15.0.16.273   350584 Bytes  2016-03-19 01:45:03
avlode.dll      : 15.0.16.276   721384 Bytes  2016-03-19 01:45:02
avlode.rdf      : 14.0.5.36      94056 Bytes  2016-03-02 03:43:24
XBV00008.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00009.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00010.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00011.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00012.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00013.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00014.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00015.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00016.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00017.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00018.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00019.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00020.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00021.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00022.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00023.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00024.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:40
XBV00025.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00026.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00027.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00028.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00029.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00030.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00031.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00032.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00033.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00034.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00035.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:41
XBV00036.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00037.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00038.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00039.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00040.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00041.VDF    : 8.12.37.66      2048 Bytes  2015-12-17 23:50:42
XBV00079.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00080.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00081.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00082.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00083.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00084.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00085.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00086.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00087.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00088.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00089.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00090.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00091.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00092.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00093.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00094.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00095.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00096.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00097.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00098.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00099.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00100.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00101.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00102.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00103.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00104.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00105.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00106.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00107.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00108.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00109.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00110.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00111.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00112.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00113.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00114.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00115.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:35
XBV00116.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00117.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00118.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00119.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00120.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00121.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00122.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00123.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00124.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00125.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00126.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00127.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00128.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00129.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00130.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00131.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00132.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00133.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00134.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00135.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00136.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00137.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00138.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00139.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00140.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00141.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00142.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00143.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00144.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00145.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00146.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00147.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00148.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00149.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00150.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00151.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00152.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00153.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00154.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00155.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00156.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:36
XBV00157.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00158.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00159.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00160.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00161.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00162.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00163.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00164.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00165.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00166.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00167.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00168.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00169.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00170.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00171.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00172.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00173.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00174.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00175.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00176.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00177.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00178.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00179.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00180.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00181.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00182.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00183.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00184.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00185.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00186.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00187.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00188.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00189.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00190.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00191.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00192.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:37
XBV00193.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00194.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00195.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00196.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00197.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00198.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00199.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00200.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00201.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00202.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00203.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00204.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00205.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00206.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00207.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00208.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00209.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00210.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00211.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00212.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00213.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00214.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00215.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00216.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00217.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00218.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00219.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00220.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00221.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00222.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00223.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00224.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00225.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00226.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00227.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00228.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00229.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00230.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:38
XBV00231.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00232.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00233.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00234.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00235.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00236.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00237.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00238.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00239.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00240.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00241.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00242.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00243.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00244.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00245.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00246.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00247.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00248.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00249.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00250.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00251.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00252.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00253.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00254.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00255.VDF    : 8.12.80.192     2048 Bytes  2016-04-13 00:03:39
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  2013-04-04 16:36:49
XBV00001.VDF    : 7.11.237.0  48041984 Bytes  2015-06-02 23:50:28
XBV00002.VDF    : 7.12.37.36  16452096 Bytes  2015-12-17 23:50:40
XBV00003.VDF    : 8.12.44.142  3948032 Bytes  2016-01-09 17:17:43
XBV00004.VDF    : 8.12.52.208  4036096 Bytes  2016-02-02 16:13:23
XBV00005.VDF    : 8.12.62.184  2779136 Bytes  2016-02-26 01:44:49
XBV00006.VDF    : 8.12.71.186  2191360 Bytes  2016-03-19 03:46:53
XBV00007.VDF    : 8.12.80.192  3617280 Bytes  2016-04-13 00:03:33
XBV00042.VDF    : 8.12.80.194    49152 Bytes  2016-04-13 00:03:33
XBV00043.VDF    : 8.12.80.210     2048 Bytes  2016-04-13 00:03:33
XBV00044.VDF    : 8.12.80.226     2048 Bytes  2016-04-13 00:03:33
XBV00045.VDF    : 8.12.80.242    33792 Bytes  2016-04-13 00:03:33
XBV00046.VDF    : 8.12.81.34     67072 Bytes  2016-04-13 00:03:34
XBV00047.VDF    : 8.12.81.50      2048 Bytes  2016-04-13 00:03:34
XBV00048.VDF    : 8.12.81.66     39424 Bytes  2016-04-13 00:03:34
XBV00049.VDF    : 8.12.81.68     12288 Bytes  2016-04-13 00:03:34
XBV00050.VDF    : 8.12.81.70     11264 Bytes  2016-04-13 00:03:34
XBV00051.VDF    : 8.12.81.72      6656 Bytes  2016-04-13 00:03:34
XBV00052.VDF    : 8.12.81.78     33280 Bytes  2016-04-14 00:03:34
XBV00053.VDF    : 8.12.81.80     15872 Bytes  2016-04-14 00:03:34
XBV00054.VDF    : 8.12.81.82      9728 Bytes  2016-04-14 00:03:34
XBV00055.VDF    : 8.12.81.98     13824 Bytes  2016-04-14 00:03:34
XBV00056.VDF    : 8.12.81.126    68608 Bytes  2016-04-14 00:03:34
XBV00057.VDF    : 8.12.81.140    17920 Bytes  2016-04-14 00:03:34
XBV00058.VDF    : 8.12.81.154    38912 Bytes  2016-04-14 00:03:34
XBV00059.VDF    : 8.12.81.156    35328 Bytes  2016-04-14 00:03:34
XBV00060.VDF    : 8.12.81.158    13824 Bytes  2016-04-14 00:03:34
XBV00061.VDF    : 8.12.81.162    71168 Bytes  2016-04-15 22:28:43
XBV00062.VDF    : 8.12.81.176     2048 Bytes  2016-04-15 22:28:43
XBV00063.VDF    : 8.12.81.190    22016 Bytes  2016-04-15 22:28:43
XBV00064.VDF    : 8.12.81.204    19456 Bytes  2016-04-15 22:28:43
XBV00065.VDF    : 8.12.81.218    29696 Bytes  2016-04-15 22:28:43
XBV00066.VDF    : 8.12.81.232    16384 Bytes  2016-04-15 22:28:44
XBV00067.VDF    : 8.12.81.246    13824 Bytes  2016-04-15 22:28:44
XBV00068.VDF    : 8.12.81.250    47616 Bytes  2016-04-15 22:28:44
XBV00069.VDF    : 8.12.81.252     2048 Bytes  2016-04-15 22:28:44
XBV00070.VDF    : 8.12.81.254    31744 Bytes  2016-04-15 22:28:44
XBV00071.VDF    : 8.12.82.0      11776 Bytes  2016-04-15 22:28:44
XBV00072.VDF    : 8.12.82.8     129024 Bytes  2016-04-16 22:28:44
XBV00073.VDF    : 8.12.82.22      2048 Bytes  2016-04-16 22:28:44
XBV00074.VDF    : 8.12.82.34     20992 Bytes  2016-04-16 22:28:44
XBV00075.VDF    : 8.12.82.46     23552 Bytes  2016-04-16 22:28:44
XBV00076.VDF    : 8.12.82.58     19456 Bytes  2016-04-16 22:28:44
XBV00077.VDF    : 8.12.82.60     15872 Bytes  2016-04-16 22:28:44
XBV00078.VDF    : 8.12.82.64     14848 Bytes  2016-04-16 22:28:44
LOCAL001.VDF    : 8.12.82.64  150672384 Bytes  2016-04-16 22:29:16
Engine version  : 8.3.38.26 
AEBB.DLL        : 8.1.3.0        59296 Bytes  2015-11-19 17:08:36
AECORE.DLL      : 8.3.12.4      247720 Bytes  2016-03-23 03:46:51
AEDROID.DLL     : 8.4.3.358    2717608 Bytes  2016-04-05 13:23:52
AEEMU.DLL       : 8.1.3.8       404328 Bytes  2016-03-19 01:44:54
AEEXP.DLL       : 8.4.2.160     300968 Bytes  2016-04-05 13:23:51
AEGEN.DLL       : 8.1.8.84      534432 Bytes  2016-04-16 22:28:43
AEHELP.DLL      : 8.3.2.10      284584 Bytes  2016-02-15 15:58:12
AEHEUR.DLL      : 8.1.4.2246  10165104 Bytes  2016-04-09 17:03:57
AEMOBILE.DLL    : 8.1.8.10      301936 Bytes  2015-11-26 23:37:49
AEOFFICE.DLL    : 8.3.3.24      460712 Bytes  2016-04-09 17:03:58
AEPACK.DLL      : 8.4.2.14      805744 Bytes  2016-04-05 13:23:50
AERDL.DLL       : 8.2.1.42      813928 Bytes  2016-03-19 01:44:59
AESBX.DLL       : 8.2.21.4     1629032 Bytes  2016-03-16 17:09:19
AESCN.DLL       : 8.3.4.4       142456 Bytes  2016-03-12 01:44:47
AESCRIPT.DLL    : 8.3.0.100     592752 Bytes  2016-04-16 22:28:43
AEVDF.DLL       : 8.3.3.4       142184 Bytes  2016-03-23 03:46:52
AVWINLL.DLL     : 15.0.16.227    27680 Bytes  2016-03-19 01:44:54
AVPREF.DLL      : 15.0.16.227    53944 Bytes  2016-03-19 01:45:03
AVREP.DLL       : 15.0.16.227   223400 Bytes  2016-03-19 01:45:03
AVARKT.DLL      : 15.0.16.227   230080 Bytes  2016-03-19 01:45:00
AVEVTLOG.DLL    : 15.0.16.251   200192 Bytes  2016-03-19 01:45:00
SQLITE3.DLL     : 15.0.16.227   459752 Bytes  2016-03-19 01:45:16
AVSMTP.DLL      : 15.0.16.227    80200 Bytes  2016-03-19 01:45:04
NETNT.DLL       : 15.0.16.227    16880 Bytes  2016-03-19 01:45:14
CommonImageRc.dll: 15.0.16.222  4307832 Bytes  2016-03-19 01:44:54
CommonTextRc.dll: 15.0.16.222    68352 Bytes  2016-03-19 01:44:54
 
Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\program files (x86)\avira\antivirus\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, Q:, R:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................: 
 
Start of the scan: April 17, 2016  14:26
 
Start scanning boot sectors:
Boot sector 'HDD0(C:, D:, Q:, R:)'
    [info]      No virus was found!
Boot sector 'HDD1(E:, F:)'
    [info]      No virus was found!
 
Starting search for hidden objects.
c:\windows\lastgood\system32\nvaudcap64v.dll
  [NOTE]      The file is not visible.
c:\windows\lastgood\system32\drivers\nvvad64v.sys
  [NOTE]      The file is not visible.
c:\windows\lastgood\system32\drivers
  [NOTE]      The directory is not visible.
 
The scan of running processes will be started:
Scan process 'svchost.exe' - '75' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '199' Module(s) have been scanned
Scan process 'svchost.exe' - '110' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '131' Module(s) have been scanned
Scan process 'svchost.exe' - '88' Module(s) have been scanned
Scan process 'svchost.exe' - '122' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '32' Module(s) have been scanned
Scan process 'nvSCPAPISvr.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '15' Module(s) have been scanned
Scan process 'dashost.exe' - '46' Module(s) have been scanned
Scan process 'AsLdrSrv.exe' - '28' Module(s) have been scanned
Scan process 'spoolsv.exe' - '89' Module(s) have been scanned
Scan process 'sched.exe' - '80' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'armsvc.exe' - '32' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '29' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '60' Module(s) have been scanned
Scan process 'sftvsa.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'avguard.exe' - '119' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'mbbservice.exe' - '34' Module(s) have been scanned
Scan process 'AGSService.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'SMSvcHost.exe' - '41' Module(s) have been scanned
Scan process 'mqsvc.exe' - '68' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'wlcrasvc.exe' - '63' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '51' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'mbamservice.exe' - '69' Module(s) have been scanned
Scan process 'ZAM.exe' - '80' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'sftlist.exe' - '75' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '28' Module(s) have been scanned
Scan process 'SMSvcHost.exe' - '39' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '74' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'avmailc7.exe' - '56' Module(s) have been scanned
Scan process 'avwebg7.exe' - '60' Module(s) have been scanned
Scan process 'alg.exe' - '26' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '89' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '39' Module(s) have been scanned
Scan process 'iPodService.exe' - '28' Module(s) have been scanned
Scan process 'dwm.exe' - '53' Module(s) have been scanned
Scan process 'sihost.exe' - '57' Module(s) have been scanned
Scan process 'taskhostw.exe' - '51' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '49' Module(s) have been scanned
Scan process 'USBChargerPlus.exe' - '41' Module(s) have been scanned
Scan process 'LiveUpdate.exe' - '94' Module(s) have been scanned
Scan process 'Explorer.EXE' - '259' Module(s) have been scanned
Scan process 'mbam.exe' - '121' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '59' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '50' Module(s) have been scanned
Scan process 'HControl.exe' - '47' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '45' Module(s) have been scanned
Scan process 'DMedia.exe' - '41' Module(s) have been scanned
Scan process 'ShellExperienceHost.exe' - '88' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '86' Module(s) have been scanned
Scan process 'SetPoint.exe' - '94' Module(s) have been scanned
Scan process 'KHALMNPR.EXE' - '49' Module(s) have been scanned
Scan process 'QuickGesture.exe' - '32' Module(s) have been scanned
Scan process 'FspUip.exe' - '70' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '65' Module(s) have been scanned
Scan process 'Seagate.Dashboard.Uploader.exe' - '106' Module(s) have been scanned
Scan process 'Skype.exe' - '144' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '42' Module(s) have been scanned
Scan process 'wcourier.exe' - '67' Module(s) have been scanned
Scan process 'avgnt.exe' - '108' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '55' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '123' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '68' Module(s) have been scanned
Scan process 'ApplicationFrameHost.exe' - '45' Module(s) have been scanned
Scan process 'SystemSettings.exe' - '76' Module(s) have been scanned
Scan process 'distnoted.exe' - '40' Module(s) have been scanned
Scan process 'conhost.exe' - '26' Module(s) have been scanned
Scan process 'chrome.exe' - '123' Module(s) have been scanned
Scan process 'chrome.exe' - '35' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '73' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'cmd.exe' - '9' Module(s) have been scanned
Scan process 'conhost.exe' - '31' Module(s) have been scanned
Scan process 'rf-chrome-nm-host.exe' - '65' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Scan process 'iTunes.exe' - '167' Module(s) have been scanned
Scan process 'AppleMobileDeviceHelper.exe' - '67' Module(s) have been scanned
Scan process 'conhost.exe' - '26' Module(s) have been scanned
Scan process 'APSDaemon.exe' - '83' Module(s) have been scanned
Scan process 'NvNetworkService.exe' - '60' Module(s) have been scanned
Scan process 'GfExperienceService.exe' - '46' Module(s) have been scanned
Scan process 'NvBackend.exe' - '73' Module(s) have been scanned
Scan process 'nvtray.exe' - '51' Module(s) have been scanned
Scan process 'NvStreamService.exe' - '57' Module(s) have been scanned
Scan process 'GFExperience.exe' - '171' Module(s) have been scanned
Scan process 'NvStreamNetworkService.exe' - '71' Module(s) have been scanned
Scan process 'NvStreamUserAgent.exe' - '74' Module(s) have been scanned
Scan process 'conhost.exe' - '31' Module(s) have been scanned
Scan process 'taskhostw.exe' - '61' Module(s) have been scanned
Scan process 'SearchUI.exe' - '118' Module(s) have been scanned
Scan process 'ZAM.exe' - '115' Module(s) have been scanned
Scan process 'avcenter.exe' - '129' Module(s) have been scanned
Scan process 'avscan.exe' - '77' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'vssvc.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'chrome.exe' - '57' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '24' Module(s) have been scanned
Scan process 'lsass.exe' - '94' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
 
Starting to scan executable files (registry):
The file 'C:\Program Files (x86)\ERUNT\NTREGOPT.EXE' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 7C49DBE389E77646C1C0A4643059DF578CA0D613222683338862391D17285278
The registry was scanned ( '5801' files ).
 
 
Starting the file scan:
 
Begin scan in 'C:\' <OS>
The file 'C:\Program Files\Common Files\Logishrd\sp6_Uninstall\tools\SetClean.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = EAFCA21C1913F5402463874E3F08D88F4D56D15D45E5076F3E430B4B7D35236E
The file 'C:\Program Files\Common Files\Logishrd\sp6_Uninstall\tools\tools\SetClean.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = EAFCA21C1913F5402463874E3F08D88F4D56D15D45E5076F3E430B4B7D35236E
Successful Cloud SDK initialization and license check.
The file 'C:\Program Files\Nightly\uninstall\helper.exe' was scanned with the Protection Cloud. SHA256 = 835A75FA66E9B5DF16073861813F09359876BEA675D0BDCE663D9BAD8E339A74
The file 'C:\Program Files (x86)\Bonjour\mDNSResponder.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253
The file 'C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = CA26DACA9C8731E4DE50B555F31D25921BA52000D1340389BA7A9C0189A80CC4
The file 'C:\Program Files (x86)\ERUNT\NTREGOPT.EXE' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 7C49DBE389E77646C1C0A4643059DF578CA0D613222683338862391D17285278
The file 'C:\Program Files (x86)\LG Electronics\LG USB Modem Driver\ExeLauncher.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 1E569CD10CB394EC4EC794DA337DADA8406640B218A1066C61E73221D112ADD4
The file 'C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\SeagateRegister.exe' was scanned with the Protection Cloud. SHA256 = F6AD410BBD2FCD4F6289D24462C6678A5E633F46FFBF79316E07C99BA700BFA0
The file 'C:\Users\dale\Documents\Curse\Minecraft\Install\minecraft.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 19E708DC0F89FD7D0B7FA6D70955C6F2B5DAEB402BA298FC2DAA5AB676941C84
The file 'C:\Users\dale\Downloads\erunt-setup.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 87DFB640B4CC6037B804D4C0CC5DA3C2A9023F67422F00F7BD6953E4F650ECA0
The file 'C:\Users\dale\Downloads\misc files keep\setpoint6.61.15_smart.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 6C06454C5811D2ECCE071375D1335A380150F167B7A9CE69F26241E8F87BC39C
The file 'C:\Windows\zoek-delete.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 8BE8C4881651E30C8B0197980250E6A66E287F72E7EE3FCF0615A24C100998C2
Begin scan in 'D:\' <DATA>
Begin scan in 'E:\' <SDATA1>
Begin scan in 'F:\' <SDATA2>
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.
Begin scan in 'R:\' <RECOVERY>
 
 
End of the scan: April 17, 2016  17:36
Used time:  3:10:02 Hour(s)
 
The scan has been done completely.
 
  50562 Scanned directories
 3097883 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 3097883 Files not concerned
  71139 Archives were scanned
      0 Warnings
      3 Notes
 1272175 Objects were scanned with rootkit scan
      3 Hidden objects were found

Edited by Oh My!, 19 April 2016 - 10:21 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:04 PM

Posted 19 April 2016 - 10:15 PM

I only see 3 entries and I assume you are referring to:

c:\windows\lastgood\system32\nvaudcap64v.dll
c:\windows\lastgood\system32\drivers\nvvad64v.sys
c:\windows\lastgood\system32\drivers


These files are not malicious and your computer is clean.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 soderquist1

soderquist1
  • Topic Starter

  • Members
  • 126 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 19 April 2016 - 10:21 PM

Ah alright thanks for your time, good to know it was clean afterall



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:04 PM

Posted 19 April 2016 - 10:23 PM

My pleasure. I will close the Topic.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:04 PM

Posted 19 April 2016 - 10:24 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users