Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

So I need help with my PC I will start here first.

Post by vaportrailz » January 31st, 2017, 3:20 am

I recently had an issue with booting into Windows 8.1, and by the way there were no explicit instructions in the topic for Windows 8.1??? Anyway, I was finally able to boot into Windows. I am having all kinds of problems and don't know where to start, so I figured here was as good as any to start. So I read the info and followed what to do, and hopefully everything from the FRST will fit in here. I have attached the 2 files that would not fit. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Vapor 2 (administrator) on HOMEOFFICE (30-01-2017 16:34:52)
Running from C:\Users\Janet\Downloads
Loaded Profiles: Vapor 2 (Available Profiles: Vapor 2 & DefaultAppPool)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAOsvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAO.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Janet\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2017-01-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\MountPoints2: {19538001-eca6-11e3-be94-b8763f90b512} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\MountPoints2: {19812951-30b2-11e5-bee2-a41f7275f882} - "F:\windows\AutoRun.exe"
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Winlogon: [Shell] - <==== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-07-24]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8610.lnk [2016-01-27]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\bin\HPStatusBL.dll (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketTab3.1.zip.lnk [2015-04-06]
ShortcutTarget: RocketTab3.1.zip.lnk -> C:\ProgramData\{27ab82c5-3ee8-cd3a-27ab-b82c53ee0b14}\RocketTab3.1.zip.exe (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8610.lnk [2016-01-27]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\bin\HPStatusBL.dll (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketTab3.1.zip.lnk [2015-04-06]
ShortcutTarget: RocketTab3.1.zip.lnk -> C:\ProgramData\{27ab82c5-3ee8-cd3a-27ab-b82c53ee0b14}\RocketTab3.1.zip.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2419766067-897465512-1457611607-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{675728CD-5C35-4E9A-84FE-40A4764BA05F}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{C6317661-4504-43B6-82D2-6B90DFC400DB}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> DefaultScope {37E3C407-2C46-468D-B9CC-129B87553529} URL =
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> {37E3C407-2C46-468D-B9CC-129B87553529} URL =
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> {E0DAB97B-D92F-4DF4-8ACA-20C88E161F60} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-23] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-20] (AVG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-14] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-20] (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-14] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\SysWOW64\QBPOSProtocol.dll [2006-09-18] (Intuit Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default [2017-01-27]
FF user.js: detected! => C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\user.js [2015-07-14]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF DefaultSearchEngine,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF SearchEngineOrder.1,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF SelectedSearchEngine,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF Homepage: Mozilla\Firefox\Profiles\a79gg3hn.default -> hxxps://www.malwarebytes.org/restorebro ... dows%2B8.1
FF Extension: (SilveOSWidget) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\jid0-8PuBX6ppPYHJ9qopWqHMf11w69g@jetpack.xpi [2015-06-24]
FF Extension: (S3.Google Translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\s3google@translator.xpi [2016-04-23]
FF Extension: (translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\translator@dontfollowme.net.xpi [2015-06-24]
FF Extension: (Quick Translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-06-24]
FF Extension: (NoScript) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-23]
FF Extension: (Adblock Plus) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-26]
FF SearchPlugin: C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\searchplugins\bing-avast.xml [2014-06-09]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-03-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [No File]
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2013-09-12] (Alawar)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Janet\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: JoongwonGames.com/JWPlugin -> C:\Users\Janet\AppData\Roaming\JWPlugin\Plugin\npJWPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://google.com/
CHR DefaultSearchURL: Profile 2 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Profile 2 -> Yahoo
CHR DefaultSuggestURL: Profile 2 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-30]
CHR Extension: (Google Docs) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11]
CHR Extension: (Google Drive) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Google Search) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-30]
CHR Extension: (Google Slides) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Adblock Plus) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (soulshine) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\enbjgfinbinhckicnbfbmgjhloecioof [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-15]
CHR Extension: (Pin It Button) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-11-15]
CHR Extension: (Little Alchemy) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-11-15]
CHR Extension: (Skype Click to Call) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-15]
CHR Extension: (Gmail) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-03]
CHR HKU\S-1-5-21-2419766067-897465512-1457611607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kincmhfambjnciidkendiplanfiiemgm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DSAO; C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe [2033104 2016-10-22] (PC Drivers HeadQuarters LP)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S4 Intuit Entitlement Service v3; C:\Program Files (x86)\Common Files\Intuit\Entitlement Client\v3\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe [24576 2006-05-24] (Intuit, Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 QBPOSDBServiceV6; C:\Program Files (x86)\Intuit\QuickBooks Point of Sale 6.0\DatabaseServer\QBPOSDBServiceV6.exe [1464832 2006-09-18] (Intuit Inc.) [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S4 VolumeCtlSrv; C:\Program Files\DELLOSD\VolumeCtlSrv.exe [221696 2012-07-20] (Wistron Corporation) [File not signed]
S2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2017-01-20] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2017-01-20] ()
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. )
S3 LVPr2M64; C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 PQAWRwa; C:\Program Files\DELLOSD\PQAWDrv.sys [12384 2008-03-01] () [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AndnetBus; \SystemRoot\system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-30 16:34 - 2017-01-30 16:35 - 00053091 _____ C:\Users\Janet\Downloads\FRST.txt
2017-01-30 16:33 - 2017-01-30 16:34 - 00000000 ____D C:\FRST
2017-01-30 16:33 - 2017-01-30 16:33 - 02420736 _____ (Farbar) C:\Users\Janet\Downloads\FRST64.exe
2017-01-28 13:39 - 2017-01-28 14:07 - 00064898 _____ C:\WINDOWS\ntbtlog.txt
2017-01-28 09:46 - 2017-01-28 09:46 - 00497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-27 20:48 - 2017-01-30 16:11 - 00000000 ____D C:\Users\Janet\AppData\Local\ElevatedDiagnostics
2017-01-27 20:47 - 2017-01-27 20:47 - 00165671 _____ C:\Users\Janet\Downloads\latestwu.diagcab
2017-01-27 20:47 - 2017-01-27 20:47 - 00165671 _____ C:\Users\Janet\Downloads\latestwu (1).diagcab
2017-01-26 10:16 - 2017-01-26 10:16 - 00066744 _____ C:\Users\Janet\Desktop\vp222.pdf
2017-01-26 09:03 - 2017-01-27 16:14 - 00004974 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for HOMEOFFICE-Vapor 2 HomeOffice
2017-01-26 08:49 - 2017-01-26 08:49 - 03666416 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\gkall2013-kb2760544-fullfile-x64-glb.exe
2017-01-26 08:42 - 2017-01-26 08:43 - 460681368 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\projectsp2013-kb2817433-fullfile-x64-en-us.exe
2017-01-26 08:27 - 2017-01-26 08:27 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-01-26 08:27 - 2017-01-26 08:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-01-25 13:19 - 2017-01-25 13:19 - 21681421 _____ C:\Users\Janet\Downloads\handy-pro-1.13.1 (1).apk
2017-01-23 16:16 - 2017-01-28 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-01-23 16:15 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-23 16:15 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-01-23 16:14 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-23 16:14 - 2017-01-23 16:14 - 00000000 __RHD C:\MSOCache
2017-01-23 16:12 - 2017-01-23 16:12 - 339799344 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\sharepointdesigner_64bit.exe
2017-01-23 16:00 - 2017-01-23 16:00 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-01-23 16:00 - 2017-01-23 16:00 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-23 15:48 - 2017-01-23 15:48 - 03907384 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\Setup.X86.en-us_O365ProPlusRetail_092a201a-fb23-4698-b52b-2efc73b17ccb_TX_PR_b_32_.exe
2017-01-23 12:21 - 2017-01-23 12:21 - 21681421 _____ C:\Users\Janet\Downloads\handy-pro-1.13.1.apk
2017-01-21 19:34 - 2017-01-21 19:34 - 00007149 _____ C:\Users\Janet\Downloads\resume (1).pdf
2017-01-21 13:39 - 2016-12-22 14:42 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-01-21 13:39 - 2016-12-22 14:42 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-21 13:22 - 2016-12-01 06:13 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:13 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:11 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:11 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-01-21 13:22 - 2016-10-20 05:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-01-21 13:22 - 2016-10-20 05:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-01-21 13:20 - 2016-11-19 13:24 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-21 13:20 - 2016-11-19 13:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-01-21 13:20 - 2016-11-19 11:29 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-01-21 13:20 - 2016-11-19 10:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-01-21 13:20 - 2016-11-19 09:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-01-21 13:20 - 2016-11-19 09:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-01-21 13:20 - 2016-11-16 13:49 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-01-21 13:20 - 2016-11-12 13:06 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2017-01-21 13:20 - 2016-11-12 11:38 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2017-01-21 13:20 - 2016-11-12 11:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-01-21 13:20 - 2016-11-12 11:08 - 25759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-21 13:20 - 2016-11-12 11:07 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-01-21 13:20 - 2016-11-12 10:53 - 06049280 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-01-21 13:20 - 2016-11-12 10:29 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-01-21 13:20 - 2016-11-12 10:23 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-01-21 13:20 - 2016-11-12 10:17 - 20302848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-21 13:20 - 2016-11-12 10:14 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-01-21 13:20 - 2016-11-12 10:10 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-01-21 13:20 - 2016-11-12 09:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-01-21 13:20 - 2016-11-12 09:41 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-01-21 13:20 - 2016-11-12 09:38 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-01-21 13:20 - 2016-11-12 09:37 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-01-21 13:20 - 2016-11-12 09:35 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-01-21 13:20 - 2016-11-12 09:21 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-01-21 13:20 - 2016-11-12 09:20 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-01-21 13:20 - 2016-11-12 09:11 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-01-21 13:20 - 2016-11-12 09:05 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-01-21 13:20 - 2016-11-12 09:02 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-01-21 13:20 - 2016-11-12 09:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-01-21 13:20 - 2016-11-10 18:33 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-01-21 13:20 - 2016-11-09 09:25 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-01-21 13:20 - 2016-11-05 12:46 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-01-21 13:20 - 2016-11-05 10:35 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-21 13:20 - 2016-11-05 09:57 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-01-21 13:20 - 2016-11-05 09:11 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-01-21 13:20 - 2016-11-05 07:56 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-01-21 13:20 - 2016-11-05 07:46 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-01-21 13:20 - 2016-11-02 12:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-01-21 13:20 - 2016-11-02 12:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-01-21 13:20 - 2016-11-02 06:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-01-21 13:20 - 2016-11-02 06:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-01-21 13:20 - 2016-10-27 18:56 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-01-21 13:20 - 2016-10-27 10:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-01-21 13:20 - 2016-10-27 10:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-01-21 13:20 - 2016-10-27 10:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-01-21 13:20 - 2016-10-27 10:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-01-21 13:20 - 2016-10-27 09:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-01-21 13:20 - 2016-10-27 09:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-01-21 13:20 - 2016-10-27 09:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-21 13:20 - 2016-10-27 09:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-01-21 13:20 - 2016-10-27 06:28 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-01-21 13:20 - 2016-10-22 09:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-01-21 13:20 - 2016-10-22 09:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-01-21 13:20 - 2016-10-22 08:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-01-21 13:20 - 2016-10-22 08:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-01-21 13:20 - 2016-10-22 08:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-01-21 13:20 - 2016-10-22 08:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-01-21 13:20 - 2016-10-22 08:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-01-21 13:20 - 2016-10-22 08:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-01-21 13:20 - 2016-10-13 11:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-01-21 13:20 - 2016-10-13 11:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-01-21 13:20 - 2016-10-12 13:49 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-01-21 13:20 - 2016-10-12 13:11 - 00922968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2017-01-21 13:20 - 2016-10-11 12:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-01-21 13:20 - 2016-10-11 12:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-01-21 13:20 - 2016-10-11 10:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-01-21 13:20 - 2016-10-11 09:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-01-21 13:20 - 2016-10-11 08:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-01-21 13:20 - 2016-10-11 08:45 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-01-21 13:20 - 2016-10-10 15:31 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-01-21 13:20 - 2016-10-10 13:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-21 13:20 - 2016-10-10 13:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-21 13:20 - 2016-10-10 10:18 - 00069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-01-21 13:20 - 2016-10-10 10:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2017-01-21 13:20 - 2016-10-09 14:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-21 13:20 - 2016-10-09 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2017-01-21 13:20 - 2016-10-09 06:08 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2017-01-21 13:20 - 2016-10-09 06:08 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2017-01-21 13:20 - 2016-10-08 14:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2017-01-21 13:20 - 2016-10-08 14:24 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-01-21 13:20 - 2016-10-08 14:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-21 13:20 - 2016-10-08 14:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-01-21 13:20 - 2016-10-08 14:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2017-01-21 13:20 - 2016-10-08 13:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2017-01-21 13:20 - 2016-10-08 13:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-01-21 13:20 - 2016-10-08 13:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2017-01-21 13:20 - 2016-10-08 13:10 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-21 13:20 - 2016-10-07 17:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-01-21 13:20 - 2016-10-07 17:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-01-21 13:20 - 2016-10-05 06:01 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-01-21 13:20 - 2016-10-05 06:00 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-01-21 13:20 - 2016-10-05 06:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2017-01-21 13:20 - 2016-10-05 05:52 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-01-21 13:20 - 2016-10-05 05:52 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2017-01-21 13:20 - 2016-10-04 20:15 - 01969944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 00245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-01-21 13:20 - 2016-10-04 12:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2017-01-21 13:20 - 2016-10-04 12:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-01-21 13:20 - 2016-10-04 12:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-01-21 13:20 - 2016-10-04 12:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-01-21 13:20 - 2016-09-30 16:22 - 07444312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-21 13:20 - 2016-09-27 12:16 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-01-21 13:20 - 2016-09-20 14:30 - 02462040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-01-21 13:20 - 2016-09-17 10:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2017-01-21 13:20 - 2016-09-17 09:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2017-01-21 13:20 - 2016-09-13 17:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-01-21 13:20 - 2016-09-13 17:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-01-21 13:20 - 2016-09-13 17:53 - 01490112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-01-21 13:20 - 2016-09-13 17:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-01-21 13:20 - 2016-09-12 14:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-01-21 13:20 - 2016-09-12 13:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-01-21 13:20 - 2016-09-09 14:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-01-21 13:20 - 2016-09-09 06:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-01-21 13:20 - 2016-09-09 06:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-01-21 13:20 - 2016-09-09 06:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-01-21 13:20 - 2016-09-09 06:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2017-01-21 13:20 - 2016-09-09 06:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2017-01-21 13:20 - 2016-09-08 12:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-01-21 13:20 - 2016-09-08 06:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2017-01-21 13:20 - 2016-09-08 06:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-01-21 13:20 - 2016-09-07 14:07 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-01-21 13:20 - 2016-09-07 13:59 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-01-21 13:20 - 2016-09-07 13:59 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-01-21 13:20 - 2016-09-07 13:57 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-01-21 13:20 - 2016-09-07 13:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-01-21 13:20 - 2016-09-03 10:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2017-01-21 13:20 - 2016-09-03 10:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-01-21 13:20 - 2016-09-03 09:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2017-01-21 13:20 - 2016-09-03 08:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-01-21 13:20 - 2016-09-03 08:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-01-21 13:20 - 2016-09-03 07:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-01-21 13:20 - 2016-09-02 06:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2017-01-21 13:20 - 2016-09-02 06:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2017-01-21 13:20 - 2016-09-01 06:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2017-01-21 13:20 - 2016-09-01 06:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-01-21 13:20 - 2016-09-01 06:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-01-21 13:20 - 2016-08-30 06:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-01-21 13:20 - 2016-08-29 18:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2017-01-21 13:20 - 2016-08-29 18:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-01-21 13:20 - 2016-08-29 18:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-01-21 13:20 - 2016-08-29 18:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-01-21 13:20 - 2016-08-25 12:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-01-21 13:20 - 2016-08-25 11:40 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-01-21 13:20 - 2016-08-22 05:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-01-21 13:20 - 2016-08-12 16:05 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-01-21 13:20 - 2016-08-12 16:03 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2017-01-21 13:20 - 2016-08-12 16:02 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2017-01-21 13:20 - 2016-08-12 16:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-01-21 13:20 - 2016-08-12 14:35 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2017-01-21 13:20 - 2016-08-12 14:19 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-01-21 13:20 - 2016-08-12 13:47 - 15431168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-01-21 13:20 - 2016-08-12 13:17 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2017-01-21 13:20 - 2016-08-12 12:52 - 13317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-01-21 13:20 - 2016-08-11 17:58 - 02315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-01-21 13:20 - 2016-08-11 17:58 - 01946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-01-21 13:20 - 2016-08-11 10:33 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2017-01-21 13:20 - 2016-08-11 10:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2017-01-21 13:20 - 2016-08-11 10:33 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2017-01-21 13:20 - 2016-08-11 09:17 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-01-21 13:20 - 2016-08-03 07:42 - 01317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-01-21 13:20 - 2016-08-03 07:36 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-01-21 13:20 - 2016-08-03 07:36 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-01-21 13:20 - 2016-08-03 07:33 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-01-21 13:20 - 2016-07-30 09:12 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2017-01-21 13:20 - 2016-07-30 08:36 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2017-01-21 13:20 - 2016-07-26 05:40 - 00162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2017-01-21 13:20 - 2016-07-26 05:40 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2017-01-21 13:20 - 2016-07-23 10:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-01-21 13:20 - 2016-07-23 10:12 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-01-21 13:19 - 2016-08-20 15:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-01-21 13:19 - 2016-08-20 14:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-01-21 13:19 - 2016-08-09 14:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-01-21 13:19 - 2016-08-09 14:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-01-21 13:19 - 2016-08-04 06:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-01-21 13:19 - 2016-08-03 10:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-01-21 13:19 - 2016-08-03 10:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-01-21 13:18 - 2016-08-27 11:44 - 22360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-21 13:18 - 2016-08-27 11:44 - 02755504 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-01-21 13:18 - 2016-08-27 11:44 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2017-01-21 13:18 - 2016-08-27 10:26 - 19789232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-21 13:18 - 2016-08-27 10:26 - 02411048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-01-21 13:18 - 2016-08-27 10:26 - 00113656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2017-01-21 13:18 - 2016-08-27 08:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-01-21 13:18 - 2016-08-27 08:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-01-21 13:18 - 2016-08-27 08:09 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-21 13:18 - 2016-08-27 07:55 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-21 13:18 - 2016-08-22 08:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-01-21 13:18 - 2016-08-22 08:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-01-21 13:18 - 2016-08-20 17:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-01-21 13:18 - 2016-08-20 17:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-01-21 13:18 - 2016-08-20 14:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-01-21 13:18 - 2016-08-12 23:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-01-21 13:18 - 2016-08-12 16:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-01-21 13:18 - 2016-08-11 08:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-01-21 13:18 - 2016-08-11 08:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-01-21 13:18 - 2016-08-11 08:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-01-21 12:39 - 2016-08-20 15:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-01-21 12:39 - 2016-08-20 15:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-01-21 12:39 - 2016-08-20 14:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-01-21 12:39 - 2016-08-20 14:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-01-21 11:57 - 2017-01-21 12:26 - 00021504 _____ C:\WINDOWS\system32\umstartup.etl
2017-01-20 06:09 - 2017-01-20 06:09 - 00000000 ____D C:\Users\Janet\AppData\Local\Avg2015
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom.exe
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom (2).exe
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom (1).exe
2017-01-18 09:28 - 2017-01-18 09:34 - 00000000 ____D C:\Users\Vapor 2\Documents\Profile1
2017-01-15 20:49 - 2017-01-15 20:49 - 00003505 _____ C:\Users\Janet\Desktop\ltr resume.txt
2017-01-15 19:44 - 2017-01-15 19:50 - 00000000 ____D C:\Users\Janet\Desktop\Cover ltr & Resume
2017-01-13 16:47 - 2017-01-15 20:14 - 00000000 ____D C:\Users\Janet\Documents\Janet
2017-01-12 22:38 - 2017-01-12 22:38 - 00099987 _____ C:\Users\Janet\Desktop\OHClaim.pdf
2017-01-12 21:59 - 2017-01-12 21:59 - 00130170 _____ C:\Users\Janet\Desktop\faith background.pdf
2017-01-10 16:15 - 2017-01-10 16:15 - 21639159 _____ C:\Users\Janet\Desktop\Printing Your Coupons _ Coupons.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-30 16:35 - 2013-07-14 00:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-30 16:33 - 2015-04-25 20:19 - 00000428 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2017-01-30 16:22 - 2013-07-13 23:45 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-30 16:17 - 2014-06-15 21:55 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-30 16:11 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-30 16:05 - 2016-01-14 22:05 - 00000296 _____ C:\WINDOWS\Tasks\UpdateTask.job
2017-01-30 15:27 - 2015-06-23 19:57 - 00000000 ____D C:\ProgramData\softthinks
2017-01-30 15:27 - 2013-04-27 07:42 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-01-30 15:23 - 2015-07-25 16:32 - 00002836 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-30 15:22 - 2014-03-13 14:13 - 00000000 ___DO C:\Users\Janet\SkyDrive
2017-01-30 15:19 - 2012-07-25 23:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-28 15:14 - 2016-06-24 07:24 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-28 14:36 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-28 10:01 - 2013-09-29 20:04 - 01005208 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-28 10:01 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\Inf
2017-01-28 09:43 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-27 11:22 - 2016-05-06 23:37 - 00000000 ____D C:\Users\Janet\AppData\Roaming\Kodi
2017-01-27 05:38 - 2013-12-11 13:48 - 00000000 ____D C:\Users\Janet
2017-01-26 13:57 - 2015-10-12 12:29 - 00000000 ____D C:\ProgramData\Avg
2017-01-26 13:57 - 2015-10-06 10:32 - 00000000 ____D C:\Users\Janet\AppData\Local\AvgSetupLog
2017-01-26 13:57 - 2015-07-14 10:29 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-26 13:56 - 2013-09-21 14:10 - 00000000 ____D C:\Users\Janet\AppData\Local\Facebook
2017-01-26 13:54 - 2015-03-21 21:54 - 00000000 ____D C:\ProgramData\iolo
2017-01-26 09:53 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-26 09:32 - 2016-05-10 03:38 - 00000000 ____D C:\found.000
2017-01-26 08:58 - 2016-01-14 22:24 - 00014576 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMScan
2017-01-26 08:58 - 2016-01-14 22:24 - 00009238 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMUpdater
2017-01-26 08:58 - 2016-01-14 22:24 - 00009224 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMRules
2017-01-26 08:56 - 2014-06-17 11:13 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-01-26 08:54 - 2013-08-22 05:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-26 08:32 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-26 08:32 - 2013-07-13 23:36 - 00000000 ____D C:\Users\Janet\AppData\Local\Packages
2017-01-26 07:58 - 2015-08-13 11:21 - 00000000 ____D C:\Users\Janet\AppData\Local\Avg
2017-01-26 07:58 - 2015-07-14 10:17 - 00000000 ____D C:\ProgramData\MFAData
2017-01-26 07:53 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-26 07:49 - 2013-12-11 14:18 - 00000000 ____D C:\Users\Janet\AppData\Local\Deployment
2017-01-26 07:48 - 2014-06-15 19:36 - 00000000 ____D C:\ProgramData\Citrix
2017-01-26 07:48 - 2014-06-15 19:35 - 00000000 ____D C:\Program Files (x86)\Citrix
2017-01-26 07:47 - 2014-06-15 19:35 - 00000000 ____D C:\Users\Janet\AppData\Local\Citrix
2017-01-26 05:14 - 2016-10-13 00:18 - 00000374 _____ C:\WINDOWS\Tasks\PC Health Advisor Update.job
2017-01-24 12:25 - 2015-07-14 10:49 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-01-24 06:37 - 2013-07-31 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-23 16:16 - 2013-08-22 07:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-21 13:37 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-01-21 13:37 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-01-21 13:34 - 2013-08-22 07:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-01-21 13:34 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-21 13:29 - 2013-08-07 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-21 13:25 - 2015-07-15 10:56 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-21 13:25 - 2013-07-15 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-21 12:32 - 2016-06-24 07:24 - 00003864 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-01-21 12:32 - 2014-07-27 14:45 - 00000000 ____D C:\Users\Janet\AppData\Local\Adobe
2017-01-21 12:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-21 12:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-21 12:32 - 2013-07-14 00:09 - 00003582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-21 12:10 - 2016-02-03 13:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-21 12:10 - 2015-05-21 12:07 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-21 11:50 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-01-21 04:31 - 2016-09-07 08:13 - 00001315 _____ C:\Users\Janet\Desktop\jlmid 001.jpg - Shortcut.lnk
2017-01-20 06:09 - 2015-07-14 10:49 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-01-20 06:09 - 2015-07-14 10:49 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-01-18 09:34 - 2013-04-27 09:06 - 00000000 __SHD C:\System Recovery
2017-01-18 07:29 - 2016-12-07 15:00 - 00003180 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 07:29 - 2016-04-20 17:44 - 00002342 _____ C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-18 07:29 - 2014-02-20 04:36 - 00003188 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-18 07:24 - 2016-01-14 22:24 - 00003484 _____ C:\WINDOWS\System32\Tasks\Driver Support
2017-01-18 07:24 - 2016-01-14 22:24 - 00000000 ____D C:\ProgramData\UAB
2017-01-18 07:24 - 2016-01-14 22:20 - 00000000 ____D C:\Program Files (x86)\Driver Support
2017-01-15 23:23 - 2014-08-08 11:51 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-15 23:23 - 2014-01-11 13:34 - 00000000 ____D C:\Users\QBPOSDBSrvUser
2017-01-15 23:22 - 2016-08-26 00:03 - 00000000 ____D C:\Users\Janet\AppData\Roaming\ICAClient
2017-01-15 23:22 - 2014-04-09 13:35 - 00000000 ____D C:\Users\Janet\AppData\Local\Microsoft Help
2017-01-15 23:22 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SystemResources
2017-01-15 23:22 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Globalization
2017-01-15 23:22 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-15 23:22 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\servicing
2017-01-15 23:14 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\registration
2017-01-15 23:08 - 2013-04-27 07:38 - 00000000 ____D C:\ProgramData\PCDr
2017-01-13 16:55 - 2015-08-31 01:02 - 00000000 ____D C:\Users\Janet\Documents\David Mich
2017-01-13 16:55 - 2013-07-31 17:21 - 00000000 ____D C:\Users\Janet\Documents\Custom Office Templates

==================== Files in the root of some directories =======

2014-01-11 13:55 - 2014-01-11 13:55 - 0000093 _____ () C:\Users\Janet\AppData\Local\fusioncache.dat
2014-07-24 16:52 - 2016-03-02 14:48 - 0007608 _____ () C:\Users\Janet\AppData\Local\resmon.resmoncfg
2015-07-12 11:35 - 2015-07-12 11:35 - 0000000 _____ () C:\Users\Janet\AppData\Local\Temp.dat
2015-04-23 19:34 - 2015-04-23 19:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-15 22:00 - 2014-06-15 22:00 - 6696936 _____ (Dell ) C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe
2014-06-15 19:38 - 2014-06-15 19:41 - 6729688 _____ (Dell ) C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe
2014-04-10 11:43 - 2016-07-03 17:38 - 0005740 _____ () C:\ProgramData\hpzinstall.log
2016-01-15 23:44 - 2016-01-15 23:44 - 1134080 _____ () C:\ProgramData\TrezaaSetupx30039.msi
2013-04-27 07:42 - 2013-04-27 07:42 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-04-27 07:39 - 2013-04-27 07:40 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-04-27 07:40 - 2013-04-27 07:41 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-04-27 07:39 - 2013-04-27 07:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-04-27 07:41 - 2013-04-27 07:42 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Files to move or delete:
====================
C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe
C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{513644df-dc41-11e6-bf2f-806e6f6e6963}
{513644e0-dc41-11e6-bf2f-806e6f6e6963}
timeout 1

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {d9419594-af62-11e2-8eeb-a41f7275f882}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {513644df-dc41-11e6-bf2f-806e6f6e6963}
description SATA PM: ST1000DM003-1CH162

Firmware Application (101fffff)
-------------------------------
identifier {513644e0-dc41-11e6-bf2f-806e6f6e6963}
description SATA SM: PLDS DVD+/-RW DS-8A9SH

Windows Boot Loader
-------------------
identifier {88d41bea-af4e-11e2-901a-a41f7275f882}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{88d41beb-af4e-11e2-901a-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{88d41beb-af4e-11e2-901a-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {d9419591-af62-11e2-8eeb-a41f7275f882}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d9419592-af62-11e2-8eeb-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d9419592-af62-11e2-8eeb-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale en-US
inherit {bootloadersettings}
recoverysequence {d9419596-af62-11e2-8eeb-a41f7275f882}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {d9419594-af62-11e2-8eeb-a41f7275f882}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {d9419596-af62-11e2-8eeb-a41f7275f882}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{d9419597-af62-11e2-8eeb-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{d9419597-af62-11e2-8eeb-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {88d41be8-af4e-11e2-901a-a41f7275f882}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {d9419591-af62-11e2-8eeb-a41f7275f882}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {d9419594-af62-11e2-8eeb-a41f7275f882}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {d9419596-af62-11e2-8eeb-a41f7275f882}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {88d41beb-af4e-11e2-901a-a41f7275f882}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier {d9419592-af62-11e2-8eeb-a41f7275f882}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier {d9419593-af62-11e2-8eeb-a41f7275f882}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier {d9419597-af62-11e2-8eeb-a41f7275f882}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi


LastRegBack: 2016-03-10 12:00

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Vapor 2 (30-01-2017 16:36:15)
Running from C:\Users\Janet\Downloads
Windows 8.1 (Update) (X64) (2013-12-11 22:16:46)
Boot Mode: Normal
==========================================================
vaportrailz
Active Member
 
Posts: 2
Joined: January 31st, 2017, 1:56 am

Re: So I need help with my PC I will start here first.

Unread postby pgmigg » February 8th, 2017, 2:16 pm

Hello vaportrailz,

Apologies for the delay in getting to your topic.

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.


Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 4584
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: So I need help with my PC I will start here first.

Unread postby pgmigg » February 8th, 2017, 6:21 pm

Hello vaportrailz,

It has been more than a week since your first call to the forum, so I need to ask you to run the FRST scan again to get the most recent information from your computer. Now I need the FRST.txt and Addition.txt logs only, but this time please do it without attachments: one log means one post.

So please run the following:

Step 1.
Fresh FRST64 Scan
You should still have FRST64.exe on your Desktop.
  1. Right-click FRST64.exe and select "Run as administrator..." to run it.
  2. When the tool opens, click Yes to the disclaimer if it appears.
  3. Please be sure that 90 Days Files check box under Optional Scan section is unchecked.
  4. Please be sure that Addition.txt check box under Optional Scan section is checked.
  5. Press Scan button. When finished a log will be created, FRST.txt.
  6. Please post the content of the FRST.txt in your next reply.

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 3.
TSG - SysInfo utility
  1. Please download SysInfo.exe and save it to your Desktop.
  2. Right click SysInfo.exe and select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. The small square window will be opened with already highlighted text - please right click on it, select Copy and then paste it in your next post.

Then:
Please tell me whether this computer is used for business or educational purposes and/or connected to a business or educational network.
I need to know this so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I ask you for it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the FRST.txt log file after fresh FRST scan
  3. Contents of the Addition.txt log file after fresh FRST scan
  4. Contents of CKFiles.txt log file
  5. Contents of TSG - SysInfo utility
  6. Answer to my question about how your computer is used
  7. Do you see any changes in computer behavior?

Thanks,
pgmigg


Re: So I need help with my PC I will start here first.

Unread postby pgmigg » February 12th, 2017, 2:53 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.