TechSpot

Malware or ???? Logs contained within

By lushy
Apr 22, 2015
  1. Hi,
    I am new here, but I suspect that malware of some kind may be hidden on my computer. I came here to join in hopes that perhaps someone might help me with this situation. I have completed step 2 and will attach my results from the indicated place in the step 5 removal process. It might take 3 pages to get all of the results from the scan. Please bear with me as I try to break this down into a reasonable amount to post.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2015 01
    Ran by owner (administrator) on OWNER-PC on 22-04-2015 17:25:55
    Running from C:\Users\owner\Downloads\Downloads
    Loaded Profiles: owner (Available profiles: owner)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    More to follow
     
  2. lushy

    lushy TS Rookie Topic Starter Posts: 86

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKLM -> {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKLM-x32 -> {9587D1B1-61A8-4FCF-A9E3-276286D475ED} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> DefaultScope {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
    BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
    BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

    FireFox:
    ========
    FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default
    FF DefaultSearchEngine: Google
    FF DefaultSearchEngine.US: Search Provided by Yahoo
    FF Homepage: hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_14&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyE0CyDyCyDzz0Bzyzy0AtN0D0Tzu0StCtCzzyCtN1L2XzutAtFzytFyEtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyBtB0FyD0EtGyBzyzyzytGzztBtCzztGzzzz0A0BtGyDyEzyyD0E0CyByEtDzytD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzytB0D0BtDtByCtG0A0EyBtBtGyE0DzytAtG0AyDtC0FtG0DtBzyzztDzztBtAtCyCtCtC2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCyDyD%26cr%3D289238440%26a%3Dwny_dnldstr_15_14%26os%3DWindows 7 Home Premium
    FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
    FF NetworkProxy: "type", 4
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
    FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2095107414-2841986566-2177878057-1000: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-20] (Google Inc.)
    FF Plugin HKU\S-1-5-21-2095107414-2841986566-2177878057-1000: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-20] (Google Inc.)
    FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\searchplugins\search-provided-by-yahoo.xml [2015-04-01]
    FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\donottrackplus@abine.com [2015-01-11]
    FF Extension: MaskMe - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\idme@abine.com [2014-11-22]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-02-12]
    FF Extension: Cipherbox - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid0-EXn9xmBHVjhjf7gdSvcwa8VK00M@jetpack.xpi [2012-06-28]
    FF Extension: QuickWhois - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid0-teMJF8ekAEGnSSBPEBxCcyGbBO0@jetpack.xpi [2012-06-28]
    FF Extension: Lightbeam - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-01-22]
    FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2015-03-22]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
    FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-27]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-27]
    FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com
    FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-27]
     
  3. lushy


    Chrome:
    =======
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\owner\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\owner\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\owner\AppData\Local\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll No File
    CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-18]
    CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-18]
    CHR Extension: (Kaspersky URL Advisor) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-13]
    CHR Extension: (Dangerous Websites Blocker) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-03-13]
    CHR Extension: (Virtual Keyboard) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-13]
    CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-16]
    CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-18]
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    StartMenuInternet: Google Chrome - C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-03-26] (SUPERAntiSpyware.com)
    R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
    R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 1999-12-31] (Realtek Semiconductor)
    R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
  4. lushy


    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
    R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-03-26] (Kaspersky Lab ZAO)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
    R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-03-26] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
    R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
    R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
    R1 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [107736 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-22] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-03-14] (Intel Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-08] ()
    S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
  5. lushy


    ==================== Three Months Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-04-22 17:25 - 2015-04-22 17:25 - 00000000 ____D () C:\FRST
    2015-04-22 02:19 - 2015-04-22 02:19 - 00000000 _____ () C:\windows\SysWOW64\FAP18B0.tmp
    2015-04-22 02:19 - 2015-04-22 02:19 - 00000000 _____ () C:\windows\SysWOW64\FAP15EF.tmp
    2015-04-21 19:40 - 2015-04-21 19:40 - 00001677 _____ () C:\Users\owner\Documents\All there is..txt
    2015-04-18 11:36 - 2015-04-18 11:36 - 00001197 _____ () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\GIF Construction Set Professional 5.lnk
    2015-04-18 11:36 - 2015-04-18 11:36 - 00001173 _____ () C:\Users\owner\Desktop\GIF Construction Set Professional 5.lnk
    2015-04-18 11:36 - 2015-04-18 11:36 - 00000000 ____D () C:\Users\owner\Documents\My GIF Animations
    2015-04-16 14:09 - 2015-04-22 11:27 - 00000366 _____ () C:\windows\Tasks\SCHEDLGU.TXT
    2015-04-14 14:58 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
    2015-04-14 14:58 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
    2015-04-14 14:58 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2015-04-14 14:58 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
    2015-04-14 14:58 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
    2015-04-14 14:58 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
    2015-04-14 14:58 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
    2015-04-14 14:58 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
    2015-04-14 14:58 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
    2015-04-14 14:58 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
    2015-04-14 14:58 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-04-14 14:58 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-04-14 14:58 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-04-14 14:58 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-04-14 14:58 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-04-14 14:58 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
    2015-04-14 14:58 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
    2015-04-14 14:58 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-04-14 14:58 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2015-04-14 14:58 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2015-04-14 14:57 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2015-04-14 14:57 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2015-04-14 14:57 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
    2015-04-14 14:57 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2015-04-14 14:57 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2015-04-14 14:57 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
    2015-04-14 14:57 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
    2015-04-14 14:57 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2015-04-14 14:57 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2015-04-14 14:57 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2015-04-14 14:57 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-04-14 14:57 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2015-04-14 14:57 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
    2015-04-14 14:57 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
    2015-04-14 14:57 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
    2015-04-14 14:57 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
    2015-04-14 14:57 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
    2015-04-14 14:56 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-04-14 14:56 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2015-04-14 14:56 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
    2015-04-14 14:56 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2015-04-14 14:56 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
    2015-04-14 14:56 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2015-04-14 14:56 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2015-04-14 14:56 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2015-04-14 14:56 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2015-04-14 14:56 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
    2015-04-14 14:56 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
    2015-04-14 14:56 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2015-04-14 14:56 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2015-04-14 14:56 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
    2015-04-14 14:56 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2015-04-14 14:56 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
    2015-04-14 14:56 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2015-04-14 14:56 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
    2015-04-14 14:56 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
    2015-04-14 14:56 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-04-14 14:56 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-04-14 14:55 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
    2015-04-14 14:54 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2015-04-14 14:54 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-04-14 14:54 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-04-14 14:54 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2015-04-14 14:54 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2015-04-14 14:54 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2015-04-14 14:54 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-04-14 14:54 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
    2015-04-14 14:54 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2015-04-14 14:54 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-04-14 14:54 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-04-14 14:54 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2015-04-14 14:54 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2015-04-14 14:54 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-04-14 14:54 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2015-04-14 14:54 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2015-04-14 14:54 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2015-04-14 14:54 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
     
  6. lushy

    lushy TS Rookie Topic Starter Posts: 86

    2015-04-14 14:54 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2015-04-14 14:54 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-04-14 14:54 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2015-04-14 14:54 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2015-04-14 14:54 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2015-04-14 14:54 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-04-14 14:54 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2015-04-14 14:54 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
    2015-04-14 14:54 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-04-14 14:54 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2015-04-14 14:54 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-04-14 14:54 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-04-14 14:54 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-04-14 14:54 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-04-14 14:54 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2015-04-14 14:54 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2015-04-14 14:54 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-04-14 14:54 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2015-04-14 14:54 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2015-04-14 14:54 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2015-04-14 14:54 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-04-14 14:54 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2015-04-14 14:54 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-04-14 14:54 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2015-04-14 14:54 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-04-14 14:54 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-04-14 14:54 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-04-14 14:54 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-04-14 14:54 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-04-14 14:54 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-04-14 14:54 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-04-14 14:54 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-04-14 14:54 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-04-14 14:54 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2015-04-14 14:54 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-04-14 14:54 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-04-14 14:54 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-04-14 14:54 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-04-14 14:54 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-04-14 14:54 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-04-14 14:52 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
    2015-04-14 14:52 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
    2015-04-14 14:52 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
    2015-04-13 18:30 - 2015-04-13 18:44 - 00003022 _____ () C:\Users\owner\Documents\VA Document File244940828.txt
    2015-04-13 18:21 - 2015-04-13 18:21 - 00003022 _____ () C:\Users\owner\VA Document File244940828.txt
    2015-04-13 16:25 - 2015-04-13 16:25 - 00001990 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2015-04-13 16:23 - 2015-04-13 16:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-04-06 16:55 - 2015-04-07 13:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\58A52B02.sys
    2015-04-04 11:24 - 2015-04-04 11:25 - 00000000 ___SD () C:\windows\system32\GWX
    2015-04-04 11:24 - 2015-04-04 11:24 - 00000000 ___SD () C:\windows\SysWOW64\GWX
    2015-04-03 15:04 - 2015-04-03 15:04 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\6C9D6BB4.sys
    2015-04-02 14:57 - 2015-04-02 14:57 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\4B701823.sys
    2015-04-01 15:44 - 2015-04-01 15:44 - 00001432 _____ () C:\Users\owner\Blue Cross Blue shield protection Plan enrollment 4-1-2015.txt
    2015-03-29 13:01 - 2015-03-29 13:01 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\4FF40755.sys
    2015-03-24 15:02 - 2015-03-24 15:02 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\76CC5CCB.sys
    2015-03-22 12:08 - 2015-03-21 11:17 - 21555712 _____ () C:\Users\owner\Downloads\AnimationWorkshop - Copy.msi
     
  7. lushy

    lushy TS Rookie Topic Starter Posts: 86

    2015-03-22 12:08 - 2015-03-21 11:17 - 21555712 _____ () C:\Users\owner\Downloads\AnimationWorkshop - Copy - Copy.msi
    2015-03-21 17:27 - 2015-03-21 17:27 - 00001107 _____ () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Font Wrangler 5.lnk
    2015-03-21 17:27 - 2015-03-21 17:27 - 00001083 _____ () C:\Users\owner\Desktop\Font Wrangler 5.lnk
    2015-03-21 11:28 - 2015-03-28 11:56 - 00001209 _____ () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Animation Workshop 5.lnk
    2015-03-21 11:28 - 2015-03-28 11:56 - 00001185 _____ () C:\Users\owner\Desktop\Animation Workshop 5.lnk
    2015-03-21 11:16 - 2015-03-21 11:17 - 21555712 _____ () C:\Users\owner\Downloads\AnimationWorkshop.msi
    2015-03-20 16:51 - 2015-03-21 10:53 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\564177C9.sys
    2015-03-19 15:56 - 2015-03-19 15:56 - 00000583 _____ () C:\Users\owner\Documents\Donation Receipt.txt
    2015-03-16 14:14 - 2015-03-16 14:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\owner\Downloads\tdsskiller.exe
    2015-03-15 12:07 - 2015-03-15 12:07 - 00101321 _____ () C:\Users\owner\Downloads\Dans SD.pspimage
    2015-03-15 10:03 - 2015-03-15 10:04 - 00000000 ____D () C:\ProgramData\SUPERSetup
    2015-03-14 16:13 - 2015-03-14 16:13 - 01740699 _____ () C:\Users\owner\Downloads\IMG_1165.pspimage
    2015-03-14 12:41 - 2015-03-14 12:41 - 10108416 _____ () C:\Users\owner\Downloads\TextEffects3Plugin.msi
    2015-03-11 18:03 - 2015-03-11 18:03 - 00029440 _____ () C:\Users\owner\Documents\Kaspersky Virus removal & PC Support.txt
    2015-03-11 14:17 - 2015-03-20 10:57 - 00000550 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 70c72f10-ae51-4b33-9831-ce4128b5386b.job
    2015-03-11 14:17 - 2015-03-11 14:17 - 00003628 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 70c72f10-ae51-4b33-9831-ce4128b5386b
    2015-03-11 14:13 - 2015-04-22 14:15 - 00000510 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task e8cb2094-8d83-4bb2-a5df-352dff43669b.job
    2015-03-11 14:13 - 2015-03-11 14:15 - 00003554 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task e8cb2094-8d83-4bb2-a5df-352dff43669b
    2015-03-10 19:42 - 2015-04-21 19:47 - 00000587 _____ () C:\Users\owner\Documents\Quotes1.txt
    2015-03-10 15:24 - 2015-03-19 17:17 - 00001936 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2015-03-10 15:24 - 2015-03-10 15:24 - 00000000 ____D () C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com
    2015-03-10 15:24 - 2015-03-10 15:24 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2015-03-10 15:21 - 2012-08-27 11:18 - 19411496 _____ (SUPERAntiSpyware.com) C:\Users\owner\Desktop\SUPERAntiSpyware.exe
    2015-03-10 14:09 - 2014-02-22 12:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\owner\Desktop\MalwareBytes Antimalware.exe
    2015-03-10 13:57 - 2015-03-10 13:57 - 01528128 _____ (LogMeIn, Inc.) C:\Users\owner\Downloads\Support-LogMeInRescue.exe
    2015-03-10 12:25 - 2015-02-19 21:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
    2015-03-10 12:25 - 2015-02-19 21:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
    2015-03-10 12:25 - 2015-02-19 21:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
    2015-03-10 12:25 - 2015-02-19 21:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
    2015-03-10 12:25 - 2015-02-19 20:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
    2015-03-10 12:25 - 2015-02-02 20:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
    2015-03-10 12:25 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
    2015-03-10 12:25 - 2015-02-02 20:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
    2015-03-10 12:25 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
    2015-03-10 12:25 - 2015-02-02 20:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
    2015-03-10 12:25 - 2015-02-02 20:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
    2015-03-10 12:25 - 2015-02-02 20:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
    2015-03-10 12:25 - 2015-02-02 20:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
    2015-03-10 12:25 - 2015-02-02 20:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
    2015-03-10 12:25 - 2015-02-02 19:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
    2015-03-10 12:24 - 2015-02-12 22:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
    2015-03-10 12:24 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
    2015-03-10 12:23 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
    2015-03-10 12:23 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2015-03-10 12:23 - 2015-01-30 16:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2015-03-10 12:23 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
    2015-03-07 13:10 - 2015-04-14 22:59 - 00000000 ____D () C:\Users\owner\Desktop\Vintage tubes
    2015-03-06 14:41 - 2015-03-06 14:41 - 00008123 _____ () C:\Users\owner\Documents\Grand Canyon Watershed National Monument proposable.txt
    2015-03-05 16:31 - 2015-03-05 16:31 - 00243424 _____ () C:\Users\owner\Downloads\Firefox Setup Stub 36.0.exe
    2015-03-02 15:37 - 2015-03-02 15:38 - 196619072 _____ (Kaspersky Lab) C:\Users\owner\Downloads\kis15.0.2.361en_7255.exe
    2015-02-28 13:01 - 2015-02-28 13:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\0A742D76.sys
    2015-02-28 12:39 - 2015-02-28 12:39 - 00001128 _____ () C:\Users\owner\Desktop\PNG MNG Construction Set 5.lnk
    2015-02-28 12:39 - 2015-02-28 12:39 - 00000000 ____D () C:\Users\owner\Documents\My MNG Animations
    2015-02-28 12:36 - 2015-02-28 12:36 - 20665856 _____ () C:\Users\owner\Downloads\PNG-MNGConstructionSet.msi
    2015-02-27 16:02 - 2015-03-02 15:49 - 00002242 _____ () C:\Users\owner\Desktop\Safe Money.lnk
    2015-02-27 16:01 - 2015-03-02 15:42 - 00002068 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
    2015-02-27 16:01 - 2015-03-02 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
    2015-02-27 14:58 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
    2015-02-27 14:54 - 2015-02-27 14:55 - 195151168 _____ (Kaspersky Lab) C:\Users\owner\Downloads\kav15.0.2.361en_7202.exe
    2015-02-27 13:04 - 2015-02-27 13:04 - 00000000 ____D () C:\ProgramData\Trusteer
    2015-02-25 13:48 - 2015-01-08 16:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
    2015-02-24 15:01 - 2015-02-24 15:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\02BF50C9.sys
    2015-02-21 14:16 - 2015-02-22 12:46 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\6D4E43D5.sys
    2015-02-13 16:40 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
    2015-02-11 16:00 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2015-02-11 15:59 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2015-02-10 12:35 - 2015-02-10 12:35 - 13529600 _____ () C:\Users\owner\Downloads\PhotoFX1Plugin.msi
    2015-02-09 13:01 - 2015-02-09 13:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\627760F6.sys
    2015-02-05 12:01 - 2015-02-05 12:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\3E647A7E.sys
    2015-02-04 12:23 - 2015-02-04 12:23 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
    2015-02-04 08:36 - 2015-02-04 08:36 - 00001373 _____ () C:\Users\owner\Desktop\Screen Saver Construction Set.lnk
    2015-02-04 08:36 - 2015-02-04 08:36 - 00000000 ____D () C:\Users\owner\Documents\My Screen Savers
    2015-02-04 08:36 - 2015-02-04 08:36 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screen Saver Construction Set
    2015-02-04 08:34 - 2015-02-04 08:36 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Alchemy Mindworks
    2015-02-01 18:24 - 2015-02-01 18:24 - 00000000 ____D () C:\Users\owner\AppData\Local\Skype
    2015-02-01 13:18 - 2015-02-01 13:18 - 10624000 _____ () C:\Users\owner\Downloads\Elements1Plugin.msi
    2015-02-01 12:59 - 2015-03-10 17:28 - 00001596 _____ () C:\Users\owner\Documents\Alchemy Mindworks Plugin Elements 1.txt
    2015-01-30 20:20 - 2015-01-30 20:20 - 19802112 _____ () C:\Users\owner\Downloads\GIFConstructionSet.msi
    2015-01-30 11:01 - 2015-01-30 11:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\3DFE77C6.sys
    2015-01-29 19:19 - 2015-04-18 11:36 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alchemy Mindworks
    2015-01-29 19:19 - 2015-04-11 12:42 - 00000000 ____D () C:\ProgramData\Alchemy Mindworks
    2015-01-26 18:55 - 2015-01-26 18:57 - 00000000 ____D () C:\Users\owner\AppData\Roaming\DivX
    2015-01-26 18:53 - 2015-01-26 20:57 - 00000000 ____D () C:\ProgramData\DivX
    2015-01-24 11:01 - 2015-01-24 11:01 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\571622F3.sys
    2015-01-22 11:36 - 2015-01-22 11:36 - 00561326 _____ () C:\Users\owner\VD Heart Sheet.pspimage

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-04-22 17:25 - 2013-10-27 14:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
    2015-04-22 17:06 - 2012-05-02 19:01 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-04-22 17:00 - 2012-01-18 17:05 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000UA.job
    2015-04-22 16:37 - 2015-03-10 15:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-04-22 16:10 - 2014-09-25 15:55 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-04-22 16:04 - 2013-06-05 18:52 - 01561914 _____ () C:\windows\WindowsUpdate.log
    2015-04-22 15:06 - 2012-01-18 17:05 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000Core.job
    2015-04-22 14:19 - 2011-08-30 10:22 - 00000000 ____D () C:\Users\owner\Desktop\Sharing folder
    2015-04-22 12:18 - 2011-04-12 02:24 - 00000000 ____D () C:\Users\owner\Documents\My PSP8 Files
    2015-04-22 12:16 - 2011-04-13 02:01 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
    2015-04-22 11:36 - 2009-07-13 21:45 - 00019248 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-04-22 11:36 - 2009-07-13 21:45 - 00019248 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-04-22 11:28 - 2013-11-08 13:50 - 00000095 _____ () C:\Users\owner\.accessibility.properties
    2015-04-22 11:28 - 2011-04-11 13:34 - 00000000 ____D () C:\Users\owner
    2015-04-22 11:27 - 2015-03-05 16:35 - 00004842 _____ () C:\windows\setupact.log
    2015-04-22 11:27 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-04-21 22:23 - 2015-01-11 17:12 - 00269323 _____ () C:\Users\owner\pspbrwse.jbf
    2015-04-19 01:23 - 2011-05-19 11:29 - 00002405 _____ () C:\Users\owner\Documents\Quotes and tidbits.txt
    2015-04-18 18:06 - 2011-05-19 19:08 - 00000000 ____D () C:\Users\owner\Documents\My PSP Files
    2015-04-18 18:06 - 2011-05-19 19:08 - 00000000 ____D () C:\Users\owner\AppData\Local\Corel
    2015-04-18 18:05 - 2014-03-23 18:11 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
    2015-04-17 15:31 - 2014-03-13 09:22 - 00369360 _____ () C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-04-17 15:10 - 2009-07-13 21:45 - 01189568 _____ () C:\windows\system32\FNTCACHE.DAT
    2015-04-16 14:39 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
    2015-04-14 17:03 - 2014-12-14 15:01 - 00000000 ____D () C:\windows\system32\appraiser
    2015-04-14 17:03 - 2014-05-10 13:42 - 00000000 ___SD () C:\windows\system32\CompatTel
    2015-04-14 17:03 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\PolicyDefinitions
    2015-04-14 16:55 - 2011-05-20 16:50 - 00759232 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
    2015-04-14 16:55 - 2009-07-13 22:13 - 00759232 _____ () C:\windows\system32\PerfStringBackup.INI
    2015-04-14 16:47 - 2013-08-14 10:51 - 00000000 ____D () C:\windows\system32\MRT
    2015-04-14 16:47 - 2011-04-11 16:21 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-04-14 16:06 - 2014-03-22 12:13 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-04-14 16:06 - 2012-05-02 19:00 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-04-14 16:06 - 2011-05-17 13:27 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-04-13 17:22 - 2014-06-22 19:18 - 00001011 _____ () C:\windows\SysWOW64\debug.log
    2015-04-13 16:25 - 2013-04-12 17:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-04-13 16:24 - 2010-12-28 17:49 - 00000000 ____D () C:\ProgramData\Adobe
    2015-04-13 09:59 - 2014-01-09 10:34 - 00151542 _____ () C:\windows\PFRO.log
    2015-04-11 12:47 - 2015-01-29 19:19 - 00000000 ____D () C:\Program Files (x86)\Alchemy Mindworks
    2015-04-08 11:51 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
    2015-04-08 11:05 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\tracing
    2015-04-03 13:00 - 2015-03-22 15:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-03-26 10:39 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
    2015-03-26 10:39 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kldisk.sys
    2015-03-24 14:12 - 2014-11-01 16:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-03-23 17:15 - 2014-09-25 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

    ==================== Files in the root of some directories =======

    2011-05-12 20:40 - 2010-11-16 12:49 - 0148195 _____ () C:\Program Files (x86)\Common Files\BookViewer.xap
    2015-01-08 20:36 - 2015-01-26 20:01 - 0015360 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-03-23 18:11 - 2015-04-18 18:05 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

    Files to move or delete:
    ====================
    C:\Users\owner\kis15.0.1.415en_es_pt_fr_de_it_ru_6887.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ==================== BCD ================================

    Windows Boot Manager
    --------------------
    identifier {bootmgr}
    device partition=\Device\HarddiskVolume1
    description Windows Boot Manager
    locale en-US
    inherit {globalsettings}
    default {current}
    resumeobject {d367a9e7-4d8d-11e0-8afd-bb537bda85ef}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30

    Windows Boot Loader
    -------------------
    identifier {current}
    device partition=C:
    path \windows\system32\winload.exe
    description Windows 7
    locale en-US
    inherit {bootloadersettings}
    recoverysequence {d367a9e9-4d8d-11e0-8afd-bb537bda85ef}
    recoveryenabled Yes
    osdevice partition=C:
    systemroot \windows
    resumeobject {d367a9e7-4d8d-11e0-8afd-bb537bda85ef}
    nx OptIn

    Windows Boot Loader
    -------------------
    identifier {d367a9e9-4d8d-11e0-8afd-bb537bda85ef}
    device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{d367a9ea-4d8d-11e0-8afd-bb537bda85ef}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{d367a9ea-4d8d-11e0-8afd-bb537bda85ef}
    systemroot \windows
    nx OptIn
    winpe Yes

    Resume from Hibernate
    ---------------------
    identifier {d367a9e7-4d8d-11e0-8afd-bb537bda85ef}
    device partition=C:
    path \windows\system32\winresume.exe
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    filedevice partition=C:
    filepath \hiberfil.sys
    debugoptionenabled No

    Windows Memory Tester
    ---------------------
    identifier {memdiag}
    device partition=\Device\HarddiskVolume1
    path \boot\memtest.exe
    description Windows Memory Diagnostic
    locale en-US
    inherit {globalsettings}
    badmemoryaccess Yes

    EMS Settings
    ------------
    identifier {emssettings}
    bootems Yes

    Debugger Settings
    -----------------
    identifier {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    RAM Defects
    -----------
    identifier {badmemory}

    Global Settings
    ---------------
    identifier {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    Boot Loader Settings
    --------------------
    identifier {bootloadersettings}
    inherit {globalsettings}
    {hypervisorsettings}

    Hypervisor Settings
    -------------------
    identifier {hypervisorsettings}
    hypervisordebugtype Serial
    hypervisordebugport 1
    hypervisorbaudrate 115200

    Resume Loader Settings
    ----------------------
    identifier {resumeloadersettings}
    inherit {globalsettings}

    Device options
    --------------
    identifier {d367a9ea-4d8d-11e0-8afd-bb537bda85ef}
    description Ramdisk Options
    ramdisksdidevice partition=\Device\HarddiskVolume1
    ramdisksdipath \Recovery\WindowsRE\boot.sdi
     
  8. lushy

    lushy TS Rookie Topic Starter Posts: 86

    LastRegBack: 2015-04-08 11:36

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2015 01
    Ran by owner at 2015-04-22 17:27:00
    Running from C:\Users\owner\Downloads\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
    AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    8600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    8600_Readme (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
    Animation Plugin 3D Effects 1 (HKLM-x32\...\{00DD8CC0-1871-464E-9757-8EFF812AAF88}) (Version: 5.0.0.1 - Alchemy Mindworks)
    Animation Plugin Elements 1 (HKLM-x32\...\{21957F52-D22A-4C09-A612-018662CA1FCB}) (Version: 5.0.0.1 - Alchemy Mindworks)
    Animation Plugin Photo Effects 1 (HKLM-x32\...\{9A50F16A-5B26-4D33-8176-4D1A7A486BC5}) (Version: 5.0.2.0 - Alchemy Mindworks)
    Animation Workshop 5 (HKLM-x32\...\{88F84CCE-9FC3-4738-B9E5-13971A54AEBD}) (Version: 5.0.5.0 - Alchemy Mindworks)
    Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    ContentHD (x32 Version: 1.00.0002 - Corel Corporation) Hidden
    Contents (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    Corel KPT Collection (HKLM-x32\...\_{9C9078D1-FA30-4E1B-A194-983A4898F848}) (Version: - Corel Corporation)
    Corel KPT Collection (x32 Version: 1.00.0000 - Corel Corporation) Hidden
    Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
    Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden
    Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.263 - Corel Corporation)
    Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
    Corel PaintShop Photo Project Creator (HKLM-x32\...\_{DFAEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.258 - Corel Corporation)
    Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.430 - Corel Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DeviceIO (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    Font Wrangler 5 (HKLM-x32\...\{292B1963-90A4-4165-B40B-53241813CB5D}) (Version: 5.0.3.0 - Alchemy Mindworks)
    GIF Construction Set Professional 5 (HKLM-x32\...\{56040A87-521B-4046-8ACD-CB0060A7EEC2}) (Version: 5.0.7.0 - Alchemy Mindworks)
    GIF Construction Set Tutorial (HKLM-x32\...\{6F0B4E5E-678B-4545-93DD-DD1C184538FD}) (Version: 5.0.0.1 - Alchemy Mindworks)
    Google Chrome (HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
    Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{C51B24BD-9CF9-4170-8DB2-457002F68A65}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{10173615-D9A7-4C50-A036-38CA89221708}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Officejet Pro K8600 (HKLM\...\{1B06283F-BB48-48D5-A303-9834D9ADD485}) (Version: 13.0 - HP)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
     
  9. lushy

    lushy TS Rookie Topic Starter Posts: 86

    ICA (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    ICA (x32 Version: 1.6.1.263 - Corel Corporation) Hidden
    iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
    Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
    Intel(R) Wireless Display (HKLM-x32\...\{B3926E82-9294-4D22-A8FF-9B3EA8F16840}) (Version: 1.3.9.7 - Intel Corporation)
    Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.00.0000 - Intel Corporation)
    Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
    Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
    IPM_PSP_CL (x32 Version: 1.00.0000 - Your Company Name) Hidden
    IPM_PSP_COM (x32 Version: 1.00.0000 - Your Company Name) Hidden
    IPM_PSP_PRJ (x32 Version: 1.00.0000 - Your Company Name) Hidden
    iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
    Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.00.0000 - Jasc Software Inc)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K8600_Basic (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
    Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
    Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
    Magic Bullet PhotoLooks for PaintShop Photo Pro (HKLM-x32\...\InstallShield_{004C349C-DC75-4F6F-9B8D-61E37DC323B6}) (Version: 1.1 - Red Giant Software)
    Magic Bullet PhotoLooks for PaintShop Photo Pro (x32 Version: 1.1 - Red Giant Software) Hidden
    Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    MLE (x32 Version: 1.0.0.23 - Corel Corporation) Hidden
    Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    PaintShop Photo Pro X3 Registration Incentive (x32 Version: 1.00.0000 - Corel Corporation) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PNG MNG Construction Set 5 (HKLM-x32\...\{45D584C7-BF63-4CA5-A3A3-FECC56D50FA1}) (Version: 5.0.5.0 - Alchemy Mindworks)
    PSPH10Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
     
  10. lushy

    lushy TS Rookie Topic Starter Posts: 86

    PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
    PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
    PureHD (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
    Setup (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    Setup (x32 Version: 1.6.1.263 - Corel Corporation) Hidden
    Share (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    Share64 (Version: 1.6.1.258 - Corel Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1012 - SUPERAntiSpyware.com)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
    Synei System Utilities (HKLM-x32\...\{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1) (Version: 1.16 - Synei)
    Techliveconnect - Give Your PC Some TLC (HKLM-x32\...\{4815BBAB-F89B-4725-BB3A-DEEF2862D231}) (Version: 1.00 - Techliveconnect)
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
    TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}) (Version: 2.0.10.64 - TOSHIBA Corporation)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
    TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{F1487CE7-F221-4391-B0EE-7009A668ED2B}) (Version: 1.3.3.64V - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
    TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.1.3C - TOSHIBA CORPORATION)
    TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.32C - TOSHIBA CORPORATION)
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.8 - TOSHIBA Corporation)
    TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.85.4 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.3.64 - TOSHIBA Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 for x64 - TOSHIBA Corporation)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
    TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.6 - TOSHIBA Corporation)
    TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.23.64 - TOSHIBA Corporation)
    TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.5.07-A - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.5.7 - TOSHIBA Corporation)
    ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
    Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VIO (x32 Version: 1.6.1.258 - Corel Corporation) Hidden
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
    WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    10-04-2015 15:32:56 Windows Update
    11-04-2015 12:41:42 Installed Graphic Workshop Professional 5
    11-04-2015 12:46:52 Removed Graphic Workshop Professional 5
    14-04-2015 14:52:26 Windows Update
    14-04-2015 16:39:44 Windows Update
    18-04-2015 11:35:20 Installed GIF Construction Set Professional 5
    21-04-2015 14:45:10 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2014-03-22 11:23 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {040AEAA4-DFD0-4907-B4CB-DBB43129213C} - \Microsoft_Hardware_Launch_itype_exe No Task File <==== ATTENTION
    Task: {04585263-32DF-42EC-A451-BD5B5D84FB86} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
    Task: {109AB57B-B068-41E3-A977-9AAAAE73174D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {14C700D6-50D6-4AAB-8424-06596927A950} - System32\Tasks\{67EC9CAF-173D-4862-9CC0-0691C0E2E21E} => pcalua.exe -a C:\Users\owner\Downloads\Mipony-Installer(3).exe -d C:\Users\owner\Downloads
    Task: {15AC1135-2B84-4A0D-9617-53B034E5BC31} - System32\Tasks\{CA4FAB1D-C300-4B61-A538-F2429ECF9BB8} => pcalua.exe -a C:\Users\owner\Downloads\psp810iep.exe -d C:\Users\owner\Downloads
    Task: {1861FC06-43C5-4467-9951-1CDA88AB665E} - \Apple\AppleSoftwareUpdate No Task File <==== ATTENTION
    Task: {277B2B67-F356-41B1-8F2A-0B1A54D2D0FA} - \Microsoft_Hardware_Launch_ipoint_exe No Task File <==== ATTENTION
    Task: {2BD9FB6B-0FE7-48C9-8AAA-3BDFFEF0541E} - System32\Tasks\{8688515C-7B74-4B81-9B7C-DF989695809C} => pcalua.exe -a C:\Users\owner\Downloads\abrViewer.Net_1.0.2_Install.exe -d C:\Users\owner\Downloads
    Task: {2C91B2C0-0AAD-4B22-A671-D27BF3FF47BC} - System32\Tasks\{A8358A08-F950-45EB-AC8F-3793B96E189A} => pcalua.exe -a C:\Users\owner\Downloads\yahoo_firefox_8.0_setup_us.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {46BCCC83-A780-4FD3-AD30-FF452E390831} - System32\Tasks\{D81694D5-F1E9-4087-8691-9C0278B5D5E0} => pcalua.exe -a "C:\Users\owner\Documents\program to view psd files\Vista previa.exe" -d "C:\Users\owner\Documents\program to view psd files"
    Task: {4A9D5219-EA79-42EE-B3CB-9265F6AC7549} - \GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000UA No Task File <==== ATTENTION
    Task: {518F1B6C-7316-4D9E-A5A3-D7A4E25C754C} - System32\Tasks\SUPERAntiSpyware Scheduled Task 70c72f10-ae51-4b33-9831-ce4128b5386b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {5D25442F-7C0B-4F4F-AA89-3A48EA49B298} - \GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000Core No Task File <==== ATTENTION
    Task: {6244D7B8-DFD8-4B75-BC44-81DE79023B04} - System32\Tasks\SUPERAntiSpyware Scheduled Task e8cb2094-8d83-4bb2-a5df-352dff43669b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {6EF8E817-91E7-44FE-8A0C-D22ACE3D19DB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
    Task: {75A95891-1A27-41A7-BED4-EE0102CEECE1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
    Task: {78A5AA5E-98B3-433E-A78B-792B638A28E4} - \Wise Turbo Checker No Task File <==== ATTENTION
    Task: {7A01F688-AE9C-4AE3-90A9-8488A954DB32} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
    Task: {7E803966-E9E2-4C41-BC1F-5D767050F873} - \{E8EF6BCC-88B4-42AF-A83A-F57C942F6973} No Task File <==== ATTENTION
    Task: {84E20813-D961-4BFA-8A86-3BF6F6D8400F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
    Task: {8D047C2C-B847-4CC3-9B8B-83BF66037414} - \{D7320A07-4E25-45A6-8E33-942A8A06D9A9} No Task File <==== ATTENTION
    Task: {8E814D9D-1E47-4954-A729-0A18029C03FD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {A42AFDFD-1BD4-40C0-AFAE-B81647AE854B} - System32\Tasks\{CFB46343-8787-4616-A903-5EAFB9DBE7F6} => pcalua.exe -a "C:\Program Files (x86)\Photodex Presenter\remove.exe"
    Task: {A6706692-CB06-49B9-9569-6C8D3A5BB400} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
    Task: {B0F98BED-BACC-4F51-8F21-F8DE4FFA6DDD} - \Microsoft_Hardware_Launch_devicecenter_exe No Task File <==== ATTENTION
    Task: {B53A6561-320B-4AB4-9279-197856015834} - \{622DC379-CC1E-43FA-BFF5-C2D4FB118129} No Task File <==== ATTENTION
    Task: {C1615859-EA59-49D5-B770-B9070E0F9909} - \{AB886CC1-E121-4CE4-AD7C-D5982DD25C45} No Task File <==== ATTENTION
    Task: {C65655D3-3533-49FE-BE40-108D1719B1D8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {D6D1BC3C-4924-4C34-B970-68E40C7FD16A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: {DCF5E587-463B-420D-BB85-C48EAF0EB697} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000Core.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2095107414-2841986566-2177878057-1000UA.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
    Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 70c72f10-ae51-4b33-9831-ce4128b5386b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exexC:\Program Files\SUPERAntiSpyware\2b7218b0-a281-40a0-a314-04bfe2f764c2.com
    Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task e8cb2094-8d83-4bb2-a5df-352dff43669b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) ==============

    2010-07-19 16:48 - 2010-07-19 16:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
    2014-03-24 18:20 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-10-16 22:42 - 2011-08-04 15:06 - 00139264 _____ () C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
    2011-01-27 08:11 - 2011-01-27 08:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
    2013-10-23 15:37 - 1999-12-31 17:00 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-12-23 16:54 - 2014-12-23 16:54 - 00338216 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
    2014-12-23 16:54 - 2014-12-23 16:54 - 00502056 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
    2014-12-23 16:54 - 2014-12-23 16:54 - 00608040 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
    2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
     
  11. lushy

    lushy TS Rookie Topic Starter Posts: 86

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 68.105.28.11 - 68.105.29.11

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: MBAMService => 2

    ==================== Accounts: =============================

    Administrator (S-1-5-21-2095107414-2841986566-2177878057-500 - Administrator - Disabled)
    Guest (S-1-5-21-2095107414-2841986566-2177878057-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2095107414-2841986566-2177878057-1002 - Limited - Enabled)
    owner (S-1-5-21-2095107414-2841986566-2177878057-1000 - Administrator - Enabled) => C:\Users\owner

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7036

    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7036

    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6037

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6037

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5023

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 02:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4025


    System errors:
    =============
    Error: (04/22/2015 05:18:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 05:08:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:58:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:38:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:28:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:18:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 04:08:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 03:58:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (04/22/2015 03:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    Microsoft Office Sessions:
    =========================
    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7036

    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7036

    Error: (04/22/2015 03:00:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6037

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6037

    Error: (04/22/2015 03:00:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5023

    Error: (04/22/2015 03:00:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/22/2015 02:59:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4025


    CodeIntegrity Errors:
    ===================================
    Date: 2015-03-02 15:41:24.265
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-03-02 15:41:24.265
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-03-02 15:41:21.207
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
     
  12. lushy

    lushy TS Rookie Topic Starter Posts: 86

    Thank Goodness I did not have to try and say all that.
    Again, my apologies if I messed up.
    If so please tell me so I don't do it again.
    lushy :)
     
  13. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==========================

    Both logs are incomplete.
    Make sure you post complete logs.
     
  14. lushy

    lushy TS Rookie Topic Starter Posts: 86

    Hi Broni,
    Thanks so much for responding. Is it possible to upload the reports again with the upload a file button? I will try again to do the reports again tomorrow, but I will look for your response beforehand. I really want to do this as instructed.
    Again thanks for the reply :),
    lushy
     
  15. lushy

    lushy TS Rookie Topic Starter Posts: 86

    Broni, Not running any tools? Would you please explain what tools you are speaking of? That would be helpful.
    Thanks,
    lushy
     
  16. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Do not run any programs other than those I suggest.
    All logs have to be pasted. No exception.
     
  17. lushy

    lushy TS Rookie Topic Starter Posts: 86

    I understand Broni,
    If you will allow me about 4 days I will get the files pasted to the thread.
    I might be able to do it tomorrow, but I am handicapped and have several appointments next week. Thanks again for the help.
     
  18. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    No problem :)
     
  19. lushy

    lushy TS Rookie Topic Starter Posts: 86

    Wonderful, I so appreciate it!
    :)
     
  20. lushy

    lushy TS Rookie Topic Starter Posts: 86

    Hi Broni,
    I sure hope this is all the info required. Please advise if these are not the correct ones. Thanks again, lushy

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
    Ran by owner (administrator) on OWNER-PC on 26-04-2015 14:01:49
    Running from C:\Users\owner\Desktop
    Loaded Profiles: owner (Available profiles: owner)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (All) =========================
    (Microsoft Corporation) C:\Windows\System32\smss.exe
    (Microsoft Corporation) C:\Windows\System32\csrss.exe
    (Microsoft Corporation) C:\Windows\System32\wininit.exe
    (Microsoft Corporation) C:\Windows\System32\csrss.exe
    (Microsoft Corporation) C:\Windows\System32\services.exe
    (Microsoft Corporation) C:\Windows\System32\lsass.exe
    (Microsoft Corporation) C:\Windows\System32\lsm.exe
    (Microsoft Corporation) C:\Windows\System32\winlogon.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Corporation) C:\Windows\System32\conhost.exe
    (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
    (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\explorer.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\dwm.exe
    (Microsoft Corporation) C:\Windows\System32\taskeng.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Microsoft Corporation) C:\Windows\explorer.exe
    (Jasc Software, Inc.) C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 8\Paint Shop Pro.exe
    (Farbar) C:\Users\owner\Desktop\FRST64.exe
    (Microsoft Corporation) C:\Windows\System32\svchost.exe
    (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
    (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
    (Microsoft Corporation) C:\Windows\System32\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\taskhost.exe

    ==================== Registry (All) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [172016 2014-03-22] (Intel Corporation)
    HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [399856 2014-03-22] (Intel Corporation)
    HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe [442352 2014-03-22] (Intel Corporation)
    HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    HKLM\...\Winlogon: [Userinit] C:\windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
    HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
    HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-24] (Microsoft Corporation)
    HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-24] (Microsoft Corporation)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [NoDrives] 0
    HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 60
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\2b7218b0-a281-40a0-a314-04bfe2f764c2.com
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Policies\Explorer: [NoDrives] 0
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\...\Policies\Explorer: [ClearRecentDocsOnExit] 1
    Lsa: [Authentication Packages] msv1_0
    Lsa: [Notification Packages] scecli
    SecurityProviders: credssp.dll
    Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UpToDate.lnk [2015-01-29]
    ShortcutTarget: UpToDate.lnk -> C:\Program Files (x86)\Alchemy Mindworks\UpToDate\uptodate.exe ()
    ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-13] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll [2009-07-13] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll [2012-01-04] (Microsoft Corporation)
    BootExecute: autocheck autochk *
    AlternateShell: cmd.exe
     
  21. lushy

    lushy TS Rookie Topic Starter Posts: 86

    ==================== Internet (All) ===========================

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SYSTEM32\blank.htm
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-2095107414-2841986566-2177878057-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google.com
    URLSearchHook: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    URLSearchHook: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    SearchScopes: HKLM -> {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    SearchScopes: HKLM-x32 -> {9587D1B1-61A8-4FCF-A9E3-276286D475ED} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> DefaultScope {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://us.yhs4.search.yahoo.com/yhs...D&cr=289238440&a=wny_dnldstr_15_14&os=Windows 7 Home Premium&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    SearchScopes: HKU\S-1-5-21-2095107414-2841986566-2177878057-1000 -> {EECAE40C-15F1-454A-AFD5-D1640B86E434} URL = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
    BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
    BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
    BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
    DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: HKLM-x32 {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation)
    Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation)
    Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation)
    Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-13] (Microsoft Corporation)
    Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2011-05-13] (Microsoft Corporation)
    Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2011-05-02] (Microsoft Corporation)
    Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2011-05-02] (Microsoft Corporation)
    Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2015-03-12] (Microsoft Corporation)
    Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation)
    Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-13] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll [2011-05-13] (Microsoft Corporation)
    Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation)
    Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation)
    Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2015-03-12] (Microsoft Corporation)
    Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll [2011-05-13] (Microsoft Corporation)
    Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Winsock: Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224 2015-01-19] (Microsoft Corporation)
    Winsock: Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corp.)
    Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corp.)
    Winsock: Catalog5 09 C:\windows\SysWOW64\wshbth.dll [36352 2011-04-11] (Microsoft Corporation)
    Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Winsock: Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656 2012-11-15] (Microsoft Corporation)
    Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672 2009-07-13] (Microsoft Corporation)
    Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corp.)
    Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corp.)
    Winsock: Catalog5-x64 09 C:\Windows\system32\wshbth.dll [47104 2011-04-11] (Microsoft Corporation)
    Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc.)
    Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [327168 2013-10-08] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
    StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

    FireFox:
    ========
    FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default
    FF DefaultSearchEngine: Google
    FF DefaultSearchEngine.US: Search Provided by Yahoo
    FF Homepage: hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_14&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyE0CyDyCyDzz0Bzyzy0AtN0D0Tzu0StCtCzzyCtN1L2XzutAtFzytFyEtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyBtB0FyD0EtGyBzyzyzytGzztBtCzztGzzzz0A0BtGyDyEzyyD0E0CyByEtDzytD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzytB0D0BtDtByCtG0A0EyBtBtGyE0DzytAtG0AyDtC0FtG0DtBzyzztDzztBtAtCyCtCtC2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCyDyD%26cr%3D289238440%26a%3Dwny_dnldstr_15_14%26os%3DWindows 7 Home Premium
    FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
    FF NetworkProxy: "type", 4
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
    FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-27] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2095107414-2841986566-2177878057-1000: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-20] (Google Inc.)
    FF Plugin HKU\S-1-5-21-2095107414-2841986566-2177878057-1000: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-20] (Google Inc.)
    FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\searchplugins\search-provided-by-yahoo.xml [2015-04-01]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml [2015-04-03]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\twitter.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia.xml [2015-02-23]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo.xml [2015-02-23]
    FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\donottrackplus@abine.com [2015-01-11]
    FF Extension: MaskMe - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\idme@abine.com [2014-11-22]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-02-12]
    FF Extension: Cipherbox - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid0-EXn9xmBHVjhjf7gdSvcwa8VK00M@jetpack.xpi [2012-06-28]
    FF Extension: QuickWhois - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid0-teMJF8ekAEGnSSBPEBxCcyGbBO0@jetpack.xpi [2012-06-28]
    FF Extension: Lightbeam - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\1fgxzkaq.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-01-22]
    FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2015-04-23]
    FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-04-23]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
    FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-27]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-27]
    FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com
    FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-27]
    FF HKLM-x32\...\Mozilla Firefox 37.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2015-04-23]
    FF HKLM-x32\...\Mozilla Firefox 37.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
    FF HKLM-x32\...\Mozilla Firefox 4.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
    StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2015-04-23]
     
  22. lushy

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_14&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyE0CyDyCyDzz0Bzyzy0AtN0D0Tzu0StCtCzzyCtN1L2XzutAtFzytFyEtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyBtB0FyD0EtGyBzyzyzytGzztBtCzztGzzzz0A0BtGyDyEzyyD0E0CyByEtDzytD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzytB0D0BtDtByCtG0A0EyBtBtGyE0DzytAtG0AyDtC0FtG0DtBzyzztDzztBtAtCyCtCtC2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCyDyD%26cr%3D289238440%26a%3Dwny_dnldstr_15_14%26os%3DWindows 7 Home Premium
    CHR StartupUrls: Default -> "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_14&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyE0CyDyCyDzz0Bzyzy0AtN0D0Tzu0StCtCzzyCtN1L2XzutAtFzytFyEtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDyEyBtB0FyD0EtGyBzyzyzytGzztBtCzztGzzzz0A0BtGyDyEzyyD0E0CyByEtDzytD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzytB0D0BtDtByCtG0A0EyBtBtGyE0DzytAtG0AyDtC0FtG0DtBzyzztDzztBtAtCyCtCtC2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCyDyD%26cr%3D289238440%26a%3Dwny_dnldstr_15_14%26os%3DWindows 7 Home Premium", "https://www.google.com/"
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\owner\AppData\Local\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\owner\AppData\Local\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Users\owner\AppData\Local\Google\Chrome\Application\42.0.2311.90\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll No File
    CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Kaspersky Protection) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-26]
    CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-16]
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    StartMenuInternet: Google Chrome - "C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe"

    ==================== Services (All) ========================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-03-26] (SUPERAntiSpyware.com)
    R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2014-12-19] (Adobe Systems Incorporated)
    S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464 2015-04-14] (Adobe Systems Incorporated)
    R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
    S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
    S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2015-02-02] (Microsoft Corporation)
    R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-26] (Microsoft Corporation)
    R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
    S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [50864 2014-04-11] (Microsoft Corporation)
    R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2015-02-02] (Microsoft Corporation)
    R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2015-02-02] (Microsoft Corporation)
    R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
    S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
    S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
    R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
    S3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
    R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
    R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
    S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
    S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
    S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation)
    S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation)
    S2 clr_optimization_v4.0.30319_32; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [103608 2014-04-11] (Microsoft Corporation)
    S2 clr_optimization_v4.0.30319_64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2014-04-11] (Microsoft Corporation)
    S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [279024 2014-03-22] (Intel Corporation)
    R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2015-02-02] (Microsoft Corporation)
    R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-02-02] (Microsoft Corporation)
    R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
    S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
    R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
    R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
    R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed]
    R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-02] (Microsoft Corporation)
    S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
    R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
    R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
    S3 EFS; C:\Windows\System32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    S2 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
    S2 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
    R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
    R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation)
    R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation)
    R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1429776 2010-07-19] (Intel(R) Corporation)
    S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
    R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
    R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
    R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation)
    S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
    R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
    R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
    R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
    S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
    R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
    R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
    R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation)
    S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-03-12] (Microsoft Corporation)
    R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104 2012-04-20] (Intel(R) Corporation)
    S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
    R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
    S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
    R2 IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (InterVideo)
    R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
    R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
    R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
    S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
    R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
    R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [276864 1999-12-31] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
    S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
    S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
    S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-02-23] (Mozilla Foundation)
    R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
    S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
    S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
    S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation)
    S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
    S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
    S4 NetMsmqActivator; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
    S4 NetPipeActivator; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
    R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
    R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
    S4 NetTcpActivator; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
    S4 NetTcpPortSharing; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139944 2014-04-12] (Microsoft Corporation)
    R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-05] (Microsoft Corporation)
    R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
    R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
    R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
    R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2015-02-02] (Microsoft Corporation)
    S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
    S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
    S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
    R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
    R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
     
  23. lushy

    lushy TS Rookie Topic Starter Posts: 86

    R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
    R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
    R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-18] (Microsoft Corporation)
    S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [193824 2010-03-11] (Protexis Inc.)
    S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
    S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
    S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
    R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [838928 2010-07-19] (Intel(R) Corporation)
    S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
    S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
    R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
    S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
    R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 1999-12-31] (Realtek Semiconductor)
    R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
    R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
    S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
    R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
    R3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
    R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
    R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation)
    S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
    S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
    S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
    S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
    R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
    R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
    S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
    R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-10] (Microsoft Corporation)
    S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
    S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
    R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
    S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
    R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
    R3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
    R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
    S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
    S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
    S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
    S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
    R2 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-13] (Microsoft Corporation)
    R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
    R2 Thpsrv; C:\windows\system32\ThpSrv.exe [531832 2010-09-17] (TOSHIBA Corporation)
    S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
    S3 TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
    R2 TODDSrv; C:\windows\system32\TODDSrv.exe [138656 2010-10-20] (TOSHIBA Corporation)
    R2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [489384 2010-10-18] (TOSHIBA Corporation)
    R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [294848 2011-05-24] (TOSHIBA Corporation)
    S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [137560 2010-02-05] (TOSHIBA Corporation)
    S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [822704 2010-11-16] (TOSHIBA Corporation)
    R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
    S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
    S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
    R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [364416 1999-12-31] (Intel Corporation)
    R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
    R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
    R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
    S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-03-16] (Microsoft Corporation)
    S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
    S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
    S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
    S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2011-04-11] (Microsoft Corporation)
    S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
    S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
    S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
    S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
    S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
    S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
    R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation)
    R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation)
    S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation)
    S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation)
    S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
    S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
    S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
    S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
    S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
    R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel(R) Corporation) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 WinHttpAutoProxySvc; C:\windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
    S3 WinHttpAutoProxySvc; C:\windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
    R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
    S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-02] (Microsoft Corporation)
    S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-02] (Microsoft Corporation)
    R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
    S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
    R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corp.)
    S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
    R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
    S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
    S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
    S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
    R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
    R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-03] (Microsoft Corporation)
    R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation)
    R2 wuauserv; C:\Windows\system32\wuaueng.dll [2553856 2015-03-24] (Microsoft Corporation)
    R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation)
    S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation)
    S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

    ==================== Drivers (All) ==========================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
    R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
    S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
    S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
    S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
    S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
    R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-29] (Microsoft Corporation)
    S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
    S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
    S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
    S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
    S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
    S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices)
    S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
    R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices)
    S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-02-02] (Microsoft Corporation)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
    S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
    R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
    R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
    S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
    S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
    U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] (Microsoft Corporation)
    R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
    R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
    R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
    R3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [84480 2011-11-30] (Intel Corporation)
    R3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [182272 2011-11-30] (Intel Corporation)
    R3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [84992 2011-11-30] (Intel Corporation)
    S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
    S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
    S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
    S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
    S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
    S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
    S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
    S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-13] (Microsoft Corporation)
    S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
    S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-13] (Microsoft Corporation)
    S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
    S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-27] (Microsoft Corporation)
    S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
    R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
    S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
    R0 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-03] (Microsoft Corporation)
    R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
    S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
    R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
    R0 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-30] (Microsoft Corporation)
    R0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
     
  24. lushy

    lushy TS Rookie Topic Starter Posts: 86

    R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
    S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
    R3 dc3d; C:\Windows\System32\DRIVERS\dc3d.sys [76496 2014-03-19] (Microsoft Corporation)
    R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
    R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
    R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
    S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
    R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-15] (Microsoft Corporation)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
    S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
    S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
    S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
    S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
    R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
    S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
    S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
    R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
    S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
    U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] (Microsoft Corporation)
    R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-23] (Microsoft Corporation)
    S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
    S3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
    S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
    S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
    R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
    S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
    S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
    S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
    R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
    S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
    R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754688 2015-02-24] (Microsoft Corporation)
    R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
    R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
    R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [437272 2010-09-13] (Intel Corporation)
    S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation)
    R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5363200 2014-03-22] (Intel Corporation)
    S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
    R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3849304 2014-03-22] (Realtek Semiconductor Corp.)
    R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel(R) Corporation)
    S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
    R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
    S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
    S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
    S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
    S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
    S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
    S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-03] (Microsoft Corporation)
    R3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [176880 2014-03-14] (JMicron Technology Corporation)
    R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
    R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
    R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-03-26] (Kaspersky Lab ZAO)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
    R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-03-26] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
    R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
    R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
    R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95672 2015-03-16] (Microsoft Corporation)
    R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155576 2015-03-16] (Microsoft Corporation)
    R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
    R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
    R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [44912 2009-07-30] (COMPAL ELECTRONIC INC.)
    S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
    S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
    S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
    S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
    R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
    R1 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [107736 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\36721863.sys [136408 2015-04-26] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
    S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
    S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-03-14] (Intel Corporation)
    S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
    R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
    R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
    R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
    R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-02-02] (Microsoft Corporation)
    S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
    R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
    S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2014-12-18] (Microsoft Corporation)
    R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-26] (Microsoft Corporation)
    R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-08] (Microsoft Corporation)
    R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-26] (Microsoft Corporation)
    R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
    S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
    R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
    S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
    R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
    S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
    S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
    S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
    S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
    R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
    S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
    S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
    R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
    R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
    R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
    S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
    R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
    R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
    R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
    R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
    R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
    R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
    R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw00.sys [11530992 2014-03-22] (Intel Corporation)
    S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
    R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
    R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
    R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-23] (Microsoft Corporation)
    R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
    R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [96768 2011-10-25] (Renesas Electronics Corporation)
    R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [213504 2011-10-25] (Renesas Electronics Corporation)
    S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation)
    S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation)
    S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
    S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
    S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
    R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
    R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
    R0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
    S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
    R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
    R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2015-02-02] (Microsoft Corporation)
    R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [35008 2009-06-22] (TOSHIBA Corporation)
    R3 Point64; C:\Windows\System32\DRIVERS\point64.sys [50864 2013-05-13] (Microsoft Corporation)
    R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
    S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
    R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
    S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
    S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
    S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
    S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
    R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
    R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
    R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
    R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
    R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
    S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
    R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
    R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
    R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
    S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
    S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation)
    R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
    R2 regi; C:\windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo)
    S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
    R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
    R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [888536 2014-03-22] (Realtek )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
    S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
    S3 sdbus; C:\Windows\system32\drivers\sdbus.sys [109056 2010-11-20] (Microsoft Corporation)
    R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
    S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
    S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
    S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
    S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
    S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
    S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
    S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
    S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
    S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
    S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
    R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
    R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-28] (Microsoft Corporation)
    R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-28] (Microsoft Corporation)
    R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-28] (Microsoft Corporation)
    S3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [136264 2010-11-11] (MCCI Corporation)
    S3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [19016 2010-11-11] (MCCI Corporation)
    S3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [172104 2010-11-11] (MCCI Corporation)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
    R3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-08] ()
    R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
    R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [316464 2010-03-11] (Synaptics Incorporated)
    R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
    S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
    R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
    R3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [27784 2009-07-30] (TOSHIBA Corporation.)
    S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
    S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
    R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-10] (Microsoft Corporation)
    R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
    R0 Thpdrv; C:\Windows\System32\DRIVERS\thpdrv.sys [34880 2009-06-29] (TOSHIBA Corporation)
    R0 Thpevm; C:\Windows\System32\DRIVERS\Thpevm.SYS [14784 2009-06-29] (TOSHIBA Corporation)
    R0 tos_sps64; C:\Windows\System32\DRIVERS\tos_sps64.sys [482384 2010-12-18] (TOSHIBA Corporation)
    S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation)
    S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-01] (Microsoft Corporation)
    R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
    R0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [26840 2009-07-14] (TOSHIBA Corporation)
    R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [14472 2009-06-19] (TOSHIBA Corporation)
    S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
    S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
    S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
    R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
    S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
    R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation)
    S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
    R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-26] (Microsoft Corporation)
    R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation)
    S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation)
    S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
    R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-10] (Microsoft Corporation)
    S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation)
    R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
    R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
    S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
    R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
    S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
    S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
    R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
    R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
    R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
    S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
    R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
    R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
    R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
    S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
    S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
    R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
    S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
    R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Western Digital Technologies)
    R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
    R3 wdkmd; C:\Windows\System32\DRIVERS\WDKMD.sys [42392 2010-10-23] (Intel Corporation)
    R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
    S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
    S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
    U3 Winsock; No ImagePath
    R3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
    S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
    R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
    S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-13] (Microsoft Corporation)
    R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation)
    R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
    S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
     
  25. lushy

    lushy TS Rookie Topic Starter Posts: 86

    ========================== Drivers MD5 =======================

     
