E: FRST.txt Log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by brianboyns (administrator) on BRIANBOYNS-PC on 19-01-2015 21:03:02
Running from C:\Users\brianboyns\Desktop
Loaded Profiles: brianboyns (Available profiles: brianboyns & Arborist)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Memeo Inc.) C:\Program Files (x86)\Memeo\Memeo Send\MemeoSend.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-01-16] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [1858152 2012-03-30] (Microsoft Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-04-22] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo AutoSync] => C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe [144608 2010-04-16] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo Send] => C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe [236816 2009-11-04] ()
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2010-04-30] ()
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-20\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-21-2609911718-454996853-969934346-1001\...\MountPoints2: {23473b4d-77bc-11dc-9bf7-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2609911718-454996853-969934346-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2609911718-454996853-969934346-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2609911718-454996853-969934346-1001 -> OldDefaultScope {F29EB221-9A8B-464F-81A9-870718A085E9}
SearchScopes: HKU\S-1-5-21-2609911718-454996853-969934346-1001 -> {9D46F7F2-F30A-4F8A-A1F9-F090DE388418} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2609911718-454996853-969934346-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - No CLSID Value
Handler: msnim - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\brianboyns\AppData\Roaming\Mozilla\Firefox\Profiles\9sm9rnun.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U164DF&PC=U164&q=
FF Homepage: hxxp://www.bing.com/?pc=U159
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.2.206 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.5.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.5.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.5.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.2.206 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-09]
FF HKLM-x32\...\Firefox\Extensions: [{56D10AE9-6227-455E-95C3-73CD63A091EC}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-26]
FF Extension: No Name - C:\Users\brianboyns\AppData\Roaming\Mozilla\Firefox\Profiles\9sm9rnun.default\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Users\brianboyns\AppData\Roaming\Mozilla\Firefox\Profiles\9sm9rnun.default\extensions\adremoveext@adremoveext.net [Not Found]
FF Extension: No Name - C:\Users\brianboyns\AppData\Roaming\Mozilla\Firefox\Profiles\9sm9rnun.default\extensions\iobitascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab?setmkt=en-US
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR Profile: C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-27]
CHR Extension: (Google Docs) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-27]
CHR Extension: (Google Drive) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-27]
CHR Extension: (YouTube) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-27]
CHR Extension: (Google Search) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-27]
CHR Extension: (Google Sheets) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-27]
CHR Extension: (RealPlayer Downloader) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-12-27]
CHR Extension: (Google Wallet) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-27]
CHR Extension: (Gmail) - C:\Users\brianboyns\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-27]
CHR HKLM-x32\...\Chrome\Extension: [cfgeokpcndgebnmfhfnmjnlkjgeehika] - Extensions\chromePlugin.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [151656 2012-03-30] (Microsoft Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQL$MICROSOFTBCM; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe [7544916 2003-05-31] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-10-17] ()
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [29320 2013-10-25] ()
S3 SQLAgent$MICROSOFTBCM; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 ACDaemon; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 cpuz134; No ImagePath
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-14] (REALiX(tm))
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-12-02] (Spotflux, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S2 X5XSEx; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [X]
========================== Drivers MD5 =======================
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-19 21:03 - 2015-01-19 21:03 - 00035990 _____ () C:\Users\brianboyns\Desktop\FRST.txt
2015-01-19 20:59 - 2015-01-19 20:59 - 00002280 _____ () C:\Users\brianboyns\Desktop\JRT.txt
2015-01-19 19:30 - 2015-01-19 20:50 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-01-19 18:19 - 2015-01-19 21:03 - 00000000 ____D () C:\FRST
2015-01-19 18:18 - 2015-01-19 18:18 - 00000000 ____D () C:\Windows\ERUNT
2015-01-19 18:16 - 2015-01-19 18:16 - 02126848 _____ (Farbar) C:\Users\brianboyns\Desktop\FRST64.exe
2015-01-19 18:15 - 2015-01-19 18:15 - 01707939 _____ (Thisisu) C:\Users\brianboyns\Desktop\JRT.exe
2015-01-19 18:13 - 2015-01-19 18:37 - 00000000 ____D () C:\AdwCleaner
2015-01-19 18:13 - 2015-01-19 18:13 - 02186752 _____ () C:\Users\brianboyns\Desktop\adwcleaner_4.108.exe
2015-01-18 21:14 - 2015-01-18 21:14 - 00000000 ____D () C:\_OTL
2015-01-18 21:09 - 2015-01-19 20:50 - 00003360 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2609911718-454996853-969934346-1001
2015-01-18 04:12 - 2015-01-19 18:39 - 00000224 _____ () C:\Windows\setupact.log
2015-01-18 04:12 - 2015-01-19 18:38 - 01028232 _____ () C:\Windows\PFRO.log
2015-01-18 04:12 - 2015-01-18 04:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 03:37 - 2015-01-18 03:37 - 00067210 _____ () C:\Users\brianboyns\Desktop\Extras.Txt
2015-01-18 03:34 - 2015-01-18 03:34 - 00129326 _____ () C:\Users\brianboyns\Desktop\OTL.Txt
2015-01-18 03:22 - 2015-01-18 03:22 - 00602112 _____ (OldTimer Tools) C:\Users\brianboyns\Desktop\OTL scanner.exe
2015-01-17 17:52 - 2015-01-18 04:11 - 00000000 ____D () C:\Analytics
2015-01-17 17:52 - 2015-01-17 17:52 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital
2015-01-17 17:49 - 2015-01-17 17:49 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Western_Digital_Technolog
2015-01-17 17:49 - 2015-01-17 17:49 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Western Digital
2015-01-17 17:48 - 2015-01-17 17:48 - 00001142 _____ () C:\Users\Public\Desktop\WD Security.lnk
2015-01-17 17:48 - 2015-01-17 17:48 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 17:41 - 2015-01-17 17:41 - 00001154 _____ () C:\Users\Public\Desktop\WD SmartWare.lnk
2015-01-17 17:40 - 2015-01-17 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-01-17 17:40 - 2015-01-17 17:40 - 00001087 _____ () C:\Users\Public\Desktop\WD Drive Utilities.lnk
2015-01-17 17:40 - 2015-01-17 17:40 - 00000000 ____D () C:\Program Files\Western Digital
2015-01-17 17:40 - 2015-01-17 17:40 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-01-17 17:39 - 2015-01-17 17:40 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-01-17 17:38 - 2015-01-17 17:41 - 00000000 ____D () C:\ProgramData\Western Digital
2015-01-16 23:49 - 2015-01-16 23:49 - 00000000 ____D () C:\ProgramData\MemeoCommon
2015-01-16 23:48 - 2015-01-18 03:16 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Memeo
2015-01-16 23:48 - 2015-01-16 23:48 - 00001203 _____ () C:\Users\brianboyns\Desktop\Seagate Dashboard.lnk
2015-01-16 23:48 - 2015-01-16 23:48 - 00001138 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo Send.lnk
2015-01-16 23:48 - 2015-01-16 23:48 - 00000162 _____ () C:\MemeoSendAddin
2015-01-16 23:48 - 2015-01-16 23:48 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Seagate
2015-01-16 23:48 - 2015-01-16 23:48 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
2015-01-16 23:47 - 2015-01-16 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2015-01-16 23:46 - 2015-01-16 23:47 - 00000000 ____D () C:\Program Files (x86)\Memeo
2015-01-16 23:45 - 2015-01-16 23:46 - 00000000 ____D () C:\Program Files (x86)\Seagate
2015-01-16 23:44 - 2015-01-16 23:44 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2015-01-16 23:44 - 2015-01-16 23:44 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Leadertech
2015-01-16 23:14 - 2015-01-16 23:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 23:14 - 2015-01-16 23:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-16 23:13 - 2015-01-16 23:13 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 23:13 - 2015-01-16 23:13 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 23:13 - 2015-01-16 23:13 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 23:13 - 2015-01-16 23:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 23:13 - 2015-01-16 23:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 22:25 - 2015-01-16 22:25 - 00022343 _____ () C:\Users\brianboyns\Desktop\dds.txt
2015-01-16 22:25 - 2015-01-16 22:25 - 00007642 _____ () C:\Users\brianboyns\Desktop\attach.txt
2015-01-16 22:23 - 2015-01-16 22:23 - 00688992 ____R (Swearware) C:\Users\brianboyns\Downloads\dds.scr
2015-01-16 21:19 - 2015-01-16 21:19 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-16 21:19 - 2015-01-16 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-16 21:14 - 2015-01-16 21:14 - 04641208 _____ (AVG Technologies) C:\Users\brianboyns\Downloads\avg_avc_stb_all_2015_5645.exe
2015-01-16 20:54 - 2015-01-16 20:54 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-16 20:54 - 2015-01-16 20:54 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-01-16 20:54 - 2015-01-16 20:54 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-16 20:54 - 2015-01-16 20:54 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-16 20:54 - 2015-01-16 20:54 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 01353472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00326680 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00303776 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-01-16 20:54 - 2015-01-16 20:54 - 00096568 _____ () C:\Windows\system32\audioLibVc.dll
2015-01-16 20:45 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-16 20:45 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-16 20:45 - 2014-12-11 09:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-16 20:45 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-16 20:45 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-16 20:45 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-12-27 20:06 - 2015-01-18 04:11 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-27 20:05 - 2014-12-27 20:08 - 00000000 ____D () C:\rsit
2014-12-27 20:03 - 2014-12-27 20:03 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Curiolab
2014-12-27 20:00 - 2015-01-16 18:39 - 00000000 ____D () C:\Program Files (x86)\Exterminate It!
2014-12-27 14:38 - 2014-12-27 14:38 - 00000000 ____D () C:\Program Files\Quick Heal
2014-12-27 11:04 - 2015-01-16 18:38 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\ProductData
2014-12-27 11:03 - 2014-12-27 11:03 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Local\Google
2014-12-27 11:03 - 2014-12-27 11:03 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Local\Avg2015
2014-12-27 03:33 - 2015-01-16 18:38 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Avg_Update_1014av
2014-12-27 03:33 - 2015-01-16 18:38 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av
2014-12-27 03:23 - 2014-12-27 03:23 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\AVG2015
2014-12-27 03:21 - 2014-12-27 03:22 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-27 03:21 - 2014-12-27 03:21 - 00000000 ___HD () C:\$AVG
2014-12-27 03:21 - 2014-12-27 03:21 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\TuneUp Software
2014-12-27 03:20 - 2015-01-16 18:31 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-27 03:05 - 2014-12-27 03:35 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Avg2015
2014-12-27 03:05 - 2014-12-27 03:05 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\MFAData
2014-12-26 23:02 - 2015-01-16 23:27 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\LavasoftStatistics
2014-12-26 23:02 - 2014-12-26 23:02 - 00004616 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-12-26 23:02 - 2014-12-26 23:02 - 00002448 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-12-26 23:02 - 2014-12-26 23:02 - 00002448 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-12-26 23:02 - 2014-12-16 12:10 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-12-26 23:02 - 2014-12-16 12:10 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-12-26 21:12 - 2014-12-26 21:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-26 20:43 - 2015-01-19 18:00 - 00000474 _____ () C:\Windows\Tasks\SparkTrust Registration3.job
2014-12-26 20:43 - 2014-12-26 20:43 - 00003148 _____ () C:\Windows\System32\Tasks\SparkTrust Registration3
2014-12-26 20:42 - 2015-01-19 02:15 - 00000655 _____ () C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_CA20018C-8D82-11E4-A0AF-00262D2C942F.job
2014-12-26 20:42 - 2014-12-26 21:21 - 00000432 _____ () C:\Windows\Tasks\SparkTrust Update Version3_triggeronce.job
2014-12-26 20:42 - 2014-12-26 21:21 - 00000432 _____ () C:\Windows\Tasks\SparkTrust Update Version3.job
2014-12-26 20:42 - 2014-12-26 20:42 - 00004108 _____ () C:\Windows\System32\Tasks\SparkTrust PC Cleaner Plus_sch_CA20018C-8D82-11E4-A0AF-00262D2C942F
2014-12-26 20:42 - 2014-12-26 20:42 - 00003256 _____ () C:\Windows\System32\Tasks\SparkTrust Update Version3
2014-12-26 20:42 - 2014-12-26 20:42 - 00002920 _____ () C:\Windows\System32\Tasks\SparkTrust Update Version3_triggeronce
2014-12-26 20:42 - 2014-12-26 20:42 - 00001323 _____ () C:\Users\brianboyns\Desktop\SparkTrust PC Cleaner Plus.lnk
2014-12-26 19:41 - 2015-01-16 18:33 - 00000000 ___RD () C:\Users\brianboyns\Documents\Dropbox
2014-12-26 13:05 - 2014-12-26 13:05 - 00000197 _____ () C:\Windows\system32\2014-12-26-21-05-42.068-AvastVBoxSVC.exe-2872.log
2014-12-26 06:51 - 2014-12-26 06:51 - 00000197 _____ () C:\Windows\system32\2014-12-26-14-51-58.073-AvastVBoxSVC.exe-2932.log
2014-12-26 04:16 - 2015-01-16 18:33 - 00000000 ____D () C:\Users\brianboyns\Documents\.swt
2014-12-26 04:10 - 2014-12-26 04:10 - 00000247 _____ () C:\Windows\system32\2014-12-26-12-10-09.063-aswFe.exe-6028.log
2014-12-26 04:05 - 2014-12-26 04:10 - 00000247 _____ () C:\Windows\system32\2014-12-26-12-05-06.091-aswFe.exe-5756.log
2014-12-26 04:05 - 2014-12-26 04:05 - 00000197 _____ () C:\Windows\system32\2014-12-26-12-05-01.098-AvastVBoxSVC.exe-5924.log
2014-12-26 03:58 - 2014-12-26 03:58 - 00000197 _____ () C:\Windows\system32\2014-12-26-11-58-51.052-AvastVBoxSVC.exe-3520.log
2014-12-26 03:40 - 2014-12-26 03:40 - 00000197 _____ () C:\Windows\system32\2014-12-26-11-40-07.077-AvastVBoxSVC.exe-3500.log
2014-12-26 01:30 - 2015-01-16 18:40 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC
2014-12-26 01:30 - 2015-01-16 18:33 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\IObit
2014-12-26 01:30 - 2014-12-26 03:35 - 00000000 ___RD () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-26 01:30 - 2014-12-26 03:35 - 00000000 ___RD () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-26 01:30 - 2014-12-26 01:30 - 00001423 _____ () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-26 01:30 - 2014-12-26 01:30 - 00000020 ___SH () C:\Users\Arborist.brianboyns-PC\ntuser.ini
2014-12-26 01:30 - 2014-12-26 01:30 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\Adobe
2014-12-26 01:30 - 2014-12-26 01:30 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Local\VirtualStore
2014-12-26 01:30 - 2010-09-15 02:03 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Local\Microsoft Help
2014-12-26 01:30 - 2010-05-27 13:07 - 00000000 ____D () C:\Users\Arborist.brianboyns-PC\AppData\Roaming\Macromedia
2014-12-26 01:16 - 2014-12-26 01:16 - 00096760 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-12-26 00:53 - 2014-12-26 00:53 - 00096760 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-12-26 00:53 - 2014-12-26 00:53 - 00000197 _____ () C:\Windows\system32\2014-12-26-08-53-40.052-AvastVBoxSVC.exe-3188.log
2014-12-26 00:21 - 2014-12-26 00:21 - 00000197 _____ () C:\Windows\system32\2014-12-26-08-21-03.089-AvastVBoxSVC.exe-1576.log
2014-12-25 23:20 - 2014-12-25 23:20 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-20-39.047-AvastVBoxSVC.exe-368.log
2014-12-25 21:08 - 2014-12-25 21:08 - 00000197 _____ () C:\Windows\system32\2014-12-26-05-08-01.026-AvastVBoxSVC.exe-3032.log
2014-12-25 03:03 - 2014-12-25 03:03 - 00000197 _____ () C:\Windows\system32\2014-12-25-11-03-07.093-AvastVBoxSVC.exe-800.log
2014-12-24 18:41 - 2014-12-24 18:41 - 00000197 _____ () C:\Windows\system32\2014-12-25-02-41-53.018-AvastVBoxSVC.exe-2520.log
2014-12-22 16:50 - 2014-12-22 16:51 - 00000197 _____ () C:\Windows\system32\2014-12-23-00-50-46.056-AvastVBoxSVC.exe-3632.log
2014-12-22 00:04 - 2014-12-22 00:04 - 00000197 _____ () C:\Windows\system32\2014-12-22-08-04-06.081-AvastVBoxSVC.exe-3600.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-19 21:00 - 2014-11-19 12:50 - 01290184 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 20:50 - 2013-11-20 17:37 - 00003236 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2609911718-454996853-969934346-1001
2015-01-19 20:15 - 2013-11-07 18:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-19 19:45 - 2011-04-07 16:57 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-19 18:46 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 18:46 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 18:39 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 18:37 - 2012-11-21 14:42 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D96155D4-8005-4B9B-8A69-8B47057DF86D}
2015-01-19 16:46 - 2014-04-14 11:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-19 14:14 - 2014-12-03 03:00 - 00003258 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2609911718-454996853-969934346-1001
2015-01-19 14:14 - 2014-12-03 02:59 - 00003382 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2609911718-454996853-969934346-1001
2015-01-17 18:05 - 2011-03-14 19:14 - 00000464 _____ () C:\Windows\BRWMARK.INI
2015-01-17 17:40 - 2009-07-13 21:13 - 00006750 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-16 23:29 - 2010-05-25 16:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-16 23:24 - 2014-04-17 17:08 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (brianboyns)
2015-01-16 23:02 - 2011-04-11 18:22 - 00000000 ____D () C:\Program Files (x86)\Safari
2015-01-16 22:23 - 2010-05-25 12:20 - 00000000 ____D () C:\Users\brianboyns
2015-01-16 21:05 - 2013-09-01 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 21:00 - 2010-05-26 04:35 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 20:59 - 2013-11-07 18:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-16 20:59 - 2013-11-07 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-16 20:59 - 2013-11-07 18:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-16 20:56 - 2009-10-29 21:07 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-16 18:46 - 2013-11-04 18:16 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-16 18:40 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-16 18:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-16 18:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-16 18:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-16 18:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-16 18:40 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-16 18:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-01-16 18:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-01-16 18:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\com
2015-01-16 18:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-01-16 18:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\servicing
2015-01-16 18:39 - 2014-09-04 23:40 - 00000000 ____D () C:\Program Files (x86)\Angry Birds
2015-01-16 18:39 - 2014-04-13 23:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-16 18:39 - 2013-12-13 20:45 - 00000000 ____D () C:\Windows\Thief 2 - The Metal Age
2015-01-16 18:39 - 2013-11-29 18:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-16 18:39 - 2012-06-07 09:39 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\IObit
2015-01-16 18:39 - 2011-06-05 22:51 - 00000000 ____D () C:\Program Files (x86)\Plants vs Zombies
2015-01-16 18:39 - 2011-06-05 22:49 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2015-01-16 18:39 - 2011-04-07 17:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-16 18:39 - 2011-04-07 17:46 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-16 18:39 - 2011-04-06 18:25 - 00000000 ____D () C:\Program Files (x86)\Xvid
2015-01-16 18:39 - 2010-08-20 16:03 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-16 18:39 - 2010-05-25 16:13 - 00000000 ____D () C:\Program Files (x86)\Registry Patrol
2015-01-16 18:39 - 2010-05-25 15:10 - 00000000 ____D () C:\Program Files\Easy CD-DA Extractor 2010
2015-01-16 18:39 - 2010-05-25 13:10 - 00000000 ____D () C:\Program Files (x86)\DVD Decrypter
2015-01-16 18:39 - 2009-10-29 21:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-01-16 18:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-16 18:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-16 18:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-16 18:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-16 18:39 - 2007-10-10 21:53 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-16 18:39 - 2007-10-10 21:52 - 00000000 ____D () C:\Program Files (x86)\Gateway Photo Frame
2015-01-16 18:38 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2015-01-16 18:36 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-16 18:36 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-01-16 18:36 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-16 18:36 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-16 18:36 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-16 18:36 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Web
2015-01-16 18:36 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Vss
2015-01-16 18:36 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-16 18:36 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-16 18:35 - 2013-03-14 18:23 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA%
2015-01-16 18:35 - 2011-03-07 19:33 - 00000000 ____D () C:\Windows\system32\SPReview
2015-01-16 18:35 - 2010-06-23 17:24 - 00000000 ____D () C:\Windows\SysWOW64\Backup
2015-01-16 18:35 - 2009-10-29 21:33 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-16 18:35 - 2009-10-29 21:17 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\nti
2015-01-16 18:35 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-16 18:35 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\WCN
2015-01-16 18:35 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-16 18:35 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-16 18:35 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-16 18:35 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\spp
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\spool
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-16 18:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-16 18:35 - 2007-10-10 21:39 - 00000000 ____D () C:\Windows\SysWOW64\Lang
2015-01-16 18:34 - 2014-04-25 21:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-16 18:34 - 2013-12-14 21:25 - 00000000 ____D () C:\Users\Public\Documents\Thief - Deadly Shadows
2015-01-16 18:34 - 2013-12-11 21:28 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-01-16 18:34 - 2013-03-14 18:25 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2015-01-16 18:34 - 2011-10-11 23:07 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-16 18:34 - 2011-03-07 19:33 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-01-16 18:34 - 2009-10-29 21:23 - 00000000 ____D () C:\Windows\oem
2015-01-16 18:34 - 2009-10-29 21:12 - 00000000 ____D () C:\Windows\OOBEOffer
2015-01-16 18:34 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\Performance
2015-01-16 18:34 - 2009-07-13 20:45 - 00000000 ____D () C:\Windows\Setup
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 __RSD () C:\Windows\Media
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\IME
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Speech
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\security
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\schemas
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Resources
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PLA
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\IME
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Globalization
2015-01-16 18:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Branding
2015-01-16 18:34 - 2007-10-10 21:50 - 00000000 ____D () C:\Windows\Driver Cache
2015-01-16 18:33 - 2014-09-04 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd
2015-01-16 18:33 - 2014-09-04 23:38 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Rovio Entertainment Ltd
2015-01-16 18:33 - 2014-09-04 23:37 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Rovio
2015-01-16 18:33 - 2014-07-31 02:00 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-01-16 18:33 - 2014-05-28 22:38 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Dropbox
2015-01-16 18:33 - 2014-04-14 21:51 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Downloaded Installations
2015-01-16 18:33 - 2014-04-14 19:11 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Skype
2015-01-16 18:33 - 2014-04-14 19:11 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Skype
2015-01-16 18:33 - 2014-04-14 19:11 - 00000000 ____D () C:\ProgramData\Skype
2015-01-16 18:33 - 2014-04-13 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-16 18:33 - 2013-12-11 22:11 - 00000000 ____D () C:\ProgramData\Cerber AntiVirus
2015-01-16 18:33 - 2013-12-11 21:55 - 00000000 ____D () C:\Users\brianboyns\.swt
2015-01-16 18:33 - 2013-12-11 21:29 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\SlimWare Utilities Inc
2015-01-16 18:33 - 2013-12-03 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2015-01-16 18:33 - 2013-11-09 19:55 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\RealNetworks
2015-01-16 18:33 - 2013-11-09 19:55 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-01-16 18:33 - 2013-10-29 21:06 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Mozilla
2015-01-16 18:33 - 2012-09-27 19:27 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Geckofx
2015-01-16 18:33 - 2012-06-07 09:40 - 00000000 ____D () C:\ProgramData\IObit
2015-01-16 18:33 - 2011-11-25 14:05 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\The Weather Channel
2015-01-16 18:33 - 2011-06-05 22:50 - 00000000 ____D () C:\ProgramData\Big Fish Games
2015-01-16 18:33 - 2011-03-20 22:02 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\DivX
2015-01-16 18:33 - 2011-03-20 22:01 - 00000000 ____D () C:\ProgramData\DivX
2015-01-16 18:33 - 2011-02-21 02:45 - 00000000 ____D () C:\ProgramData\InstallMate
2015-01-16 18:33 - 2011-02-02 17:47 - 00000000 ____D () C:\Users\brianboyns\Documents\PIMEX Data
2015-01-16 18:33 - 2011-01-06 22:17 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Arcsoft
2015-01-16 18:33 - 2011-01-06 22:17 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-01-16 18:33 - 2011-01-06 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
2015-01-16 18:33 - 2011-01-06 22:08 - 00000000 ____D () C:\ProgramData\Kodak
2015-01-16 18:33 - 2010-10-23 06:47 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-16 18:33 - 2010-05-28 01:22 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Real
2015-01-16 18:33 - 2010-05-28 01:22 - 00000000 ____D () C:\ProgramData\Real
2015-01-16 18:33 - 2010-05-27 13:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-16 18:33 - 2010-05-27 13:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-16 18:33 - 2010-05-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 2010
2015-01-16 18:33 - 2010-05-25 15:08 - 00000000 ____D () C:\ProgramData\Alwil Software
2015-01-16 18:33 - 2010-05-25 15:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-16 18:33 - 2010-05-25 13:20 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Apple Computer
2015-01-16 18:33 - 2010-05-25 13:20 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Apple
2015-01-16 18:33 - 2010-05-25 13:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-16 18:33 - 2010-05-25 12:28 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Adobe
2015-01-16 18:33 - 2010-05-25 12:22 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Macromedia
2015-01-16 18:33 - 2010-05-25 12:22 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\VirtualStore
2015-01-16 18:33 - 2010-05-25 12:20 - 00000000 ___RD () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-16 18:33 - 2010-05-25 12:20 - 00000000 ____D () C:\ProgramData\OEM_E471269A730D
2015-01-16 18:33 - 2009-10-29 21:36 - 00000000 ____D () C:\ProgramData\OEM
2015-01-16 18:33 - 2009-10-29 21:33 - 00000000 ____D () C:\ProgramData\Norton
2015-01-16 18:33 - 2009-10-29 21:32 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-16 18:33 - 2009-10-29 21:27 - 00000000 ____D () C:\ProgramData\Nero
2015-01-16 18:33 - 2009-10-29 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-01-16 18:33 - 2009-10-29 21:27 - 00000000 ____D () C:\ProgramData\Google
2015-01-16 18:33 - 2009-10-29 21:24 - 00000000 ____D () C:\ProgramData\Gateway
2015-01-16 18:33 - 2009-10-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-16 18:33 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-16 18:33 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Default
2015-01-16 18:33 - 2009-07-13 19:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-16 18:33 - 2009-07-13 19:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-16 18:33 - 2009-07-13 19:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-16 18:33 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-16 18:32 - 2013-03-14 18:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-16 18:32 - 2011-04-07 21:37 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-16 18:32 - 2011-03-20 22:02 - 00000000 ____D () C:\Program Files\DivX
2015-01-16 18:32 - 2011-03-09 17:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-16 18:32 - 2009-10-29 21:24 - 00000000 ____D () C:\Program Files\Gateway
2015-01-16 18:32 - 2009-10-29 21:07 - 00000000 ____D () C:\Program Files\Realtek
2015-01-16 18:32 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-16 18:32 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-01-16 18:32 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-16 18:32 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2015-01-16 18:32 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-16 18:31 - 2014-02-03 18:41 - 00000000 ____D () C:\Program Files (x86)\Thief2
2015-01-16 18:31 - 2013-12-13 21:15 - 00000000 ____D () C:\Games
2015-01-16 18:31 - 2013-12-11 21:07 - 00000000 ____D () C:\Program Files (x86)\Mpath
2015-01-16 18:31 - 2013-12-03 17:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2015-01-16 18:31 - 2013-11-09 19:55 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2015-01-16 18:31 - 2011-11-09 12:05 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-16 18:31 - 2011-03-20 22:01 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-01-16 18:31 - 2011-01-06 22:15 - 00000000 ____D () C:\Program Files (x86)\Kodak
2015-01-16 18:31 - 2010-11-25 02:05 - 00000000 ____D () C:\Program Files (x86)\real
2015-01-16 18:31 - 2010-06-23 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio .NET 2003
2015-01-16 18:31 - 2010-06-23 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-16 18:31 - 2010-05-26 08:55 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-16 18:31 - 2010-05-25 15:40 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2015-01-16 18:31 - 2010-05-25 15:08 - 00000000 ____D () C:\Program Files\Alwil Software
2015-01-16 18:31 - 2009-10-29 21:44 - 00000000 ___HD () C:\OEM
2015-01-16 18:31 - 2009-10-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-16 18:31 - 2009-10-29 21:27 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-01-16 18:31 - 2009-10-29 21:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-16 18:31 - 2009-10-29 21:23 - 00000000 ____D () C:\Program Files (x86)\Gateway
2015-01-16 18:31 - 2009-10-29 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2015-01-16 18:31 - 2009-10-29 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-16 18:31 - 2009-10-29 21:17 - 00000000 ____D () C:\Program Files (x86)\NewTech Infosystems
2015-01-16 18:31 - 2009-10-29 21:07 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-16 18:31 - 2009-10-29 21:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-16 18:31 - 2009-10-29 20:59 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-16 18:31 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-01-16 18:31 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-16 18:31 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-16 18:31 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-16 18:31 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-16 18:31 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-16 18:31 - 2007-10-10 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-08 09:55 - 2010-07-25 19:20 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-27 15:14 - 2010-05-25 15:40 - 00000000 _____ () C:\AUTOEXEC.BAT
2014-12-27 03:22 - 2010-05-25 12:28 - 00000000 ____D () C:\Users\brianboyns\AppData\Local\Google
2014-12-27 03:22 - 2009-10-29 21:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-26 22:39 - 2009-10-29 21:27 - 00000000 ____D () C:\Program Files\Google
2014-12-26 21:43 - 2014-06-18 11:56 - 00000000 ____D () C:\Users\Public\Documents\Screensaver
2014-12-26 21:43 - 2010-06-23 17:24 - 00000000 ____D () C:\Windows\SQLHotfix
2014-12-26 21:43 - 2010-06-13 17:45 - 00000000 ____D () C:\ProgramData\1click dvd copy pro
2014-12-26 21:42 - 2013-11-03 14:48 - 00000000 ____D () C:\temp
2014-12-26 03:35 - 2014-12-14 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-26 03:35 - 2014-12-09 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-26 03:35 - 2014-05-28 22:42 - 00000000 ___RD () C:\Users\brianboyns\Dropbox
2014-12-26 03:35 - 2014-05-28 22:41 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-26 03:35 - 2014-05-21 16:49 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\ProductData
2014-12-26 03:35 - 2013-12-11 21:00 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-12-26 03:35 - 2013-12-11 20:59 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-12-26 03:35 - 2013-11-29 18:18 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-26 03:35 - 2013-11-29 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-26 03:35 - 2013-11-27 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-12-26 03:35 - 2013-11-09 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-12-26 03:35 - 2013-10-29 22:12 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\vlc
2014-12-26 03:35 - 2013-10-01 11:06 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-26 03:35 - 2012-03-21 00:28 - 00000000 ____D () C:\Windows\918F6C1486984231BA242DEE161D007E.TMP
2014-12-26 03:35 - 2011-06-05 22:51 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plants vs Zombies
2014-12-26 03:35 - 2011-06-05 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs Zombies
2014-12-26 03:35 - 2011-05-25 01:30 - 00000000 ____D () C:\Windows\930C05E277684ED6AF82CA2EA90192CE.TMP
2014-12-26 03:35 - 2011-04-26 22:34 - 00000000 ____D () C:\Windows\779979C214934EC292E5D154AE0580D4.TMP
2014-12-26 03:35 - 2011-04-06 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-12-26 03:35 - 2011-03-23 21:10 - 00000000 ____D () C:\Windows\6A4A9CD15DF54902ADE898CB01C5FE72.TMP
2014-12-26 03:35 - 2011-03-09 17:24 - 00000000 ____D () C:\Windows\7BA4D682D09C4B2483C06293EAE995D8.TMP
2014-12-26 03:35 - 2010-12-10 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-26 03:35 - 2010-11-25 02:03 - 00000000 ____D () C:\Windows\4E97AE4712934669BBF34BDE52501A1A.TMP
2014-12-26 03:35 - 2010-10-04 22:43 - 00000000 ____D () C:\Windows\6239C519FFFD4F0A938A78C6F2FA0BFA.TMP
2014-12-26 03:35 - 2010-06-23 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook with Business Contact Manager
2014-12-26 03:35 - 2010-06-04 02:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-26 03:35 - 2010-05-25 15:39 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-12-26 03:35 - 2010-05-25 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
2014-12-26 03:35 - 2010-05-25 12:20 - 00000000 ___RD () C:\Users\brianboyns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-26 03:35 - 2009-10-29 21:23 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway
2014-12-26 03:35 - 2009-10-29 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway MyBackup
2014-12-26 03:35 - 2009-10-29 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2014-12-26 03:35 - 2009-07-13 23:45 - 00000000 ____D () C:\Windows\ShellNew
2014-12-26 03:35 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-26 03:35 - 2009-07-13 19:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-26 03:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-12-26 03:35 - 2007-10-10 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-12-26 03:35 - 2007-10-10 21:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-12-25 03:10 - 2010-05-25 13:19 - 00000000 ____D () C:\ProgramData\Apple
2014-12-24 21:19 - 2014-09-04 23:12 - 00000000 ____D () C:\Users\brianboyns\Desktop\Amanda Hug and Kiss' Awesome
2014-12-24 17:28 - 2014-10-23 02:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-20 18:51 - 2010-05-25 13:20 - 00000000 ____D () C:\Users\brianboyns\AppData\Roaming\Apple Computer
==================== Files in the root of some directories =======
2011-11-09 12:18 - 2011-11-09 12:18 - 0000235 ____R () C:\Users\brianboyns\AppData\Roaming\devices.xml
2010-06-13 17:21 - 2010-08-11 15:36 - 0099384 ____R () C:\Users\brianboyns\AppData\Roaming\inst.exe
2014-12-26 20:42 - 2015-01-18 04:15 - 0000115 _____ () C:\Users\brianboyns\AppData\Roaming\LogFile.txt
2010-06-13 17:21 - 2010-08-11 15:36 - 0007859 ____R () C:\Users\brianboyns\AppData\Roaming\pcouffin.cat
2010-06-13 17:21 - 2010-08-11 15:36 - 0001167 ____R () C:\Users\brianboyns\AppData\Roaming\pcouffin.inf
2010-06-13 17:21 - 2010-08-11 15:36 - 0082816 ____R (VSO Software) C:\Users\brianboyns\AppData\Roaming\pcouffin.sys
2011-11-09 12:18 - 2011-11-09 12:18 - 0000012 ____R () C:\Users\brianboyns\AppData\Roaming\settings.xml
2010-05-25 19:29 - 2010-05-25 19:29 - 0025003 ____R () C:\Users\brianboyns\AppData\Roaming\UserTile.png
2010-06-12 16:24 - 2012-01-06 20:27 - 0000992 ____R () C:\Users\brianboyns\AppData\Roaming\wklnhst.dat
2010-06-24 20:04 - 2014-06-12 11:43 - 0008192 ____R () C:\Users\brianboyns\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-06 22:23 - 2011-01-06 22:23 - 0000022 ____R () C:\Users\brianboyns\AppData\Local\kodakpcd.ini
2010-05-25 21:39 - 2014-11-26 23:47 - 0007599 ____R () C:\Users\brianboyns\AppData\Local\Resmon.ResmonCfg
2013-02-07 20:53 - 2013-02-07 20:53 - 0000063 _____ () C:\ProgramData\6431861.bat
2013-02-07 20:53 - 2013-02-07 20:53 - 0000153 _____ () C:\ProgramData\6431861.reg
2013-11-02 16:14 - 2013-11-02 16:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\ProgramData\6431861.bat
C:\ProgramData\6431861.reg
Some content of TEMP:
====================
C:\Users\brianboyns\AppData\Local\Temp\Quarantine.exe
C:\Users\brianboyns\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {1ceb0ce6-77c4-11dc-8553-d47fee6b0c34}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {1ceb0ce8-77c4-11dc-8553-d47fee6b0c34}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {1ceb0ce6-77c4-11dc-8553-d47fee6b0c34}
nx OptIn
Windows Boot Loader
-------------------
identifier {1ceb0ce8-77c4-11dc-8553-d47fee6b0c34}
device ramdisk=[C:]\Recovery\1ceb0ce8-77c4-11dc-8553-d47fee6b0c34\Winre.wim,{1ceb0ce9-77c4-11dc-8553-d47fee6b0c34}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1ceb0ce8-77c4-11dc-8553-d47fee6b0c34\Winre.wim,{1ceb0ce9-77c4-11dc-8553-d47fee6b0c34}
systemroot \windows
nx OptIn
winpe Yes
Resume from Hibernate
---------------------
identifier {1ceb0ce6-77c4-11dc-8553-d47fee6b0c34}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
Real-mode Boot Sector
---------------------
identifier {1ceb0cea-77c4-11dc-8553-d47fee6b0c34}
device partition=C:
path \shldr.mbr
description SpyHunter Rescue
Real-mode Boot Sector
---------------------
identifier {1ceb0ceb-77c4-11dc-8553-d47fee6b0c34}
device partition=C:
path \shldr.mbr
description SpyHunter Rescue
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {1ceb0ce9-77c4-11dc-8553-d47fee6b0c34}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1ceb0ce8-77c4-11dc-8553-d47fee6b0c34\boot.sdi
LastRegBack: 2015-01-17 10:54
==================== End Of Log ============================