Thanks for your help
Ralph
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by start_000 (administrator) on RALPH (08-02-2016 15:22:29)
Running from C:\Users\start_000\Downloads
Loaded Profiles: start_000 (Available Profiles: start_000 & Administrator & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Brother Industries Ltd.) C:\Brother\BPRSP\resources\BrSupSsp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-06] (AVAST Software)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM-x32\...\Run: [BrHelp] => c:\program files (x86)\brother\brother help\brotherhelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] ()
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\RunOnce: [Uninstall C:\Users\start_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\start_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother BPRSP.lnk [2015-08-28]
ShortcutTarget: Brother BPRSP.lnk -> C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_6861D01CB00C428FAA7298BB572A9511.exe (Flexera Software LLC)
Startup: C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-03-17]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8def33c9-d402-4c1f-b94b-3b2aca53daa6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{aa55db39-edac-4607-a04d-bf2130a2cd71}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008 -> {729582B7-CDB9-4D1F-A6EA-3CE1F3F03E02} URL =
SearchScopes: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008 -> {96CAAC3F-DDAC-429C-8D64-745C19A15013} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-04] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-22] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-18] (Microsoft Corporation)
BHO-x32: Protect My Choices (Beta) -> {3DFCDCA1-AEAC-4302-A690-BFB683568BAA} -> C:\Program Files (x86)\DigitalAdvertisingAlliance\Protect My Choices\pmc.dll [2015-09-16] (Digital Advertising Alliance)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-04] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/sh ... tor/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.co ... 5.22.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008 -> hxxp://www.yahoo.com/
FireFox:
========
FF ProfilePath: C:\Users\start_000\AppData\Roaming\Mozilla\Firefox\Profiles\fcly5hd4.default
FF NewTab: about:home
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF DefaultSearchUrl: hxxps://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.yahoo.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-21] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4239315751-2608994865-2960470113-1008: @citrixonline.com/appdetectorplugin -> C:\Users\start_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-07] (Citrix Online)
FF SearchPlugin: C:\Users\start_000\AppData\Roaming\Mozilla\Firefox\Profiles\fcly5hd4.default\searchplugins\bing-lavasoft.xml [2016-01-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-04]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-04]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-04] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S4 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-06-21] ()
S4 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1436160 2012-11-29] (Wyse Technology.) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [286440 2016-02-04] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-06] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-08-29] (CyberLink)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-04] (Intel Corporation)
S0 ngvss; no ImagePath
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32912 2015-03-25] (EldoS Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-20] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [407768 2015-12-04] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-11] (CyberLink Corp.)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-08 15:22 - 2016-02-08 15:22 - 00021762 _____ C:\Users\start_000\Downloads\FRST.txt
2016-02-08 15:21 - 2016-02-08 15:22 - 00000000 ____D C:\FRST
2016-02-08 15:20 - 2016-02-08 15:21 - 02370560 _____ (Farbar) C:\Users\start_000\Downloads\FRST64.exe
2016-02-08 10:53 - 2016-02-08 10:53 - 00631383 _____ C:\Users\start_000\Downloads\Statement_Jan 2016.pdf
2016-02-08 10:13 - 2016-02-08 10:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\start_000\Downloads\HijackThis.exe
2016-02-06 14:20 - 2016-02-06 14:20 - 00001886 _____ C:\Users\start_000\Desktop\Intel(R) HD Graphics 2500 Saturday, February 6, 2016 .txt
2016-02-05 17:19 - 2016-02-05 17:20 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (7).zip
2016-02-05 17:16 - 2016-02-05 17:17 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (6).zip
2016-02-05 17:16 - 2016-02-05 17:16 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (5).zip
2016-02-05 17:15 - 2016-02-05 17:16 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (4).zip
2016-02-05 17:14 - 2016-02-05 17:15 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (3).zip
2016-02-05 17:13 - 2016-02-05 17:14 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625 (2).zip
2016-02-05 17:13 - 2016-02-05 17:13 - 01131054 _____ C:\Users\start_000\Downloads\Attachments_201625 (1).zip
2016-02-05 17:11 - 2016-02-05 17:12 - 00000022 _____ C:\Users\start_000\Downloads\Attachments_201625.zip
2016-02-04 09:18 - 2016-02-04 09:18 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-02-04 09:18 - 2016-02-04 09:18 - 00003156 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1454594977
2016-02-04 09:18 - 2016-02-04 09:18 - 00001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-02-04 09:18 - 2016-02-04 09:18 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-02-04 09:18 - 2016-02-04 09:05 - 01065720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-04 09:18 - 2016-02-04 09:05 - 00286440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-02-04 09:18 - 2016-02-04 09:05 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-02-04 09:10 - 2016-02-06 16:31 - 00000258 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_start_000.job
2016-02-04 09:10 - 2016-02-04 09:10 - 00003306 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-02-04 09:10 - 2016-02-04 09:10 - 00002446 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_start_000
2016-02-04 09:05 - 2016-02-04 09:05 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-02-02 09:04 - 2016-02-02 09:04 - 00002500 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_start_000
2016-02-02 09:04 - 2016-02-02 09:04 - 00000298 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_start_000.job
2016-02-02 09:03 - 2016-02-02 09:03 - 00003622 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-02-02 09:03 - 2016-02-02 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-01-29 09:11 - 2016-01-29 09:11 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-01-29 09:11 - 2016-01-29 09:11 - 00003084 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (start_000)
2016-01-29 09:10 - 2016-01-29 09:11 - 14423632 _____ (IObit ) C:\Users\start_000\Downloads\driver_booster_setup (1).exe
2016-01-29 09:09 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-29 09:09 - 2016-01-16 01:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-29 09:09 - 2016-01-16 01:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-29 09:09 - 2016-01-16 01:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-29 09:09 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-29 09:09 - 2016-01-16 01:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-29 09:09 - 2016-01-16 01:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-29 09:09 - 2016-01-16 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-29 09:09 - 2016-01-16 01:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-29 09:09 - 2016-01-16 01:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-29 09:09 - 2016-01-16 01:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-29 09:09 - 2016-01-16 01:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-29 09:09 - 2016-01-16 01:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-29 09:09 - 2016-01-16 01:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-29 09:09 - 2016-01-16 01:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-29 09:09 - 2016-01-16 01:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-29 09:09 - 2016-01-16 01:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-29 09:09 - 2016-01-16 01:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-29 09:09 - 2016-01-16 01:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-29 09:09 - 2016-01-16 01:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-29 09:09 - 2016-01-16 01:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-29 09:09 - 2016-01-16 01:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-29 09:09 - 2016-01-16 01:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-29 09:09 - 2016-01-16 00:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-29 09:09 - 2016-01-16 00:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-29 09:09 - 2016-01-16 00:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-29 09:09 - 2016-01-16 00:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-29 09:09 - 2016-01-16 00:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-29 09:09 - 2016-01-16 00:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-29 09:09 - 2016-01-16 00:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-29 09:09 - 2016-01-16 00:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-29 09:09 - 2016-01-16 00:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-29 09:09 - 2016-01-16 00:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-29 09:09 - 2016-01-16 00:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-29 09:09 - 2016-01-16 00:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-29 09:09 - 2016-01-16 00:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-29 09:09 - 2016-01-16 00:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-29 09:09 - 2016-01-16 00:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-29 09:09 - 2016-01-16 00:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-29 09:09 - 2016-01-16 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-29 09:09 - 2016-01-16 00:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-29 09:09 - 2016-01-16 00:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-29 09:09 - 2016-01-16 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-29 09:09 - 2016-01-16 00:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-29 09:09 - 2016-01-16 00:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-29 09:09 - 2016-01-16 00:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-29 09:09 - 2016-01-16 00:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-29 09:09 - 2016-01-16 00:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-29 09:09 - 2016-01-16 00:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-29 09:09 - 2016-01-16 00:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-29 09:09 - 2016-01-16 00:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-29 09:09 - 2016-01-16 00:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-29 09:09 - 2016-01-16 00:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-29 09:09 - 2016-01-16 00:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-29 09:09 - 2016-01-16 00:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-29 09:09 - 2016-01-16 00:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-29 09:09 - 2016-01-16 00:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-29 09:09 - 2016-01-16 00:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-29 09:09 - 2016-01-16 00:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-29 09:09 - 2016-01-16 00:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-29 09:09 - 2016-01-16 00:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-29 09:09 - 2016-01-16 00:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-29 09:09 - 2016-01-16 00:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-29 09:09 - 2016-01-16 00:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-29 09:09 - 2016-01-16 00:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-29 09:09 - 2016-01-16 00:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-29 09:09 - 2016-01-16 00:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-29 09:09 - 2016-01-16 00:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-29 09:09 - 2016-01-16 00:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-29 09:09 - 2016-01-16 00:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-29 09:09 - 2016-01-16 00:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-29 09:09 - 2016-01-16 00:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-29 09:09 - 2016-01-16 00:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-29 09:09 - 2016-01-16 00:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-29 09:09 - 2016-01-16 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-29 09:09 - 2016-01-16 00:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-29 09:09 - 2016-01-16 00:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-29 09:09 - 2016-01-16 00:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-29 09:09 - 2016-01-16 00:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-29 09:09 - 2016-01-16 00:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-29 09:09 - 2016-01-16 00:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-29 09:09 - 2016-01-16 00:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-29 09:09 - 2016-01-16 00:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-29 09:09 - 2016-01-16 00:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-29 09:09 - 2016-01-16 00:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-29 09:09 - 2016-01-16 00:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-29 09:09 - 2016-01-16 00:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-29 09:09 - 2016-01-16 00:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-29 09:09 - 2016-01-16 00:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-29 09:09 - 2016-01-16 00:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-29 09:09 - 2016-01-16 00:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-29 09:09 - 2016-01-16 00:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-29 09:09 - 2016-01-16 00:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-29 09:09 - 2016-01-16 00:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-29 09:09 - 2016-01-16 00:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-29 09:09 - 2016-01-16 00:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-29 09:09 - 2016-01-16 00:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-29 09:09 - 2016-01-16 00:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-29 09:09 - 2016-01-16 00:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-29 09:09 - 2016-01-16 00:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-29 09:09 - 2016-01-16 00:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-29 09:09 - 2016-01-16 00:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-29 09:09 - 2016-01-16 00:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-29 09:09 - 2016-01-16 00:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-29 09:09 - 2016-01-16 00:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-29 09:09 - 2016-01-16 00:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-29 09:09 - 2016-01-16 00:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-29 09:09 - 2016-01-16 00:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-29 09:09 - 2016-01-16 00:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-29 09:09 - 2016-01-16 00:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-29 09:09 - 2016-01-16 00:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-29 09:09 - 2016-01-16 00:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-29 09:09 - 2016-01-16 00:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-29 09:09 - 2016-01-16 00:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-29 09:09 - 2016-01-16 00:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-29 09:09 - 2016-01-16 00:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-29 09:09 - 2016-01-16 00:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-29 09:09 - 2016-01-16 00:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-29 09:09 - 2016-01-16 00:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-26 09:15 - 2016-01-26 09:15 - 06828320 _____ (Piriform Ltd) C:\Users\start_000\Downloads\ccsetup514.exe
2016-01-22 17:00 - 2016-01-22 17:00 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-21 15:28 - 2016-01-21 15:28 - 02006715 _____ C:\Users\start_000\Downloads\DivineEats_Chicken.pdf
2016-01-21 15:28 - 2016-01-21 15:28 - 02006715 _____ C:\Users\start_000\Downloads\DivineEats_Chicken (2).pdf
2016-01-21 15:28 - 2016-01-21 15:28 - 02006715 _____ C:\Users\start_000\Downloads\DivineEats_Chicken (1).pdf
2016-01-21 07:33 - 2016-01-21 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-01-21 07:32 - 2016-01-21 07:32 - 41171496 _____ (IObit ) C:\Users\start_000\Downloads\advanced-systemcare-setup.exe
2016-01-21 07:27 - 2016-01-21 07:28 - 00003626 _____ C:\WINDOWS\System32\Tasks\SmartDefrag4_Defrag
2016-01-19 09:18 - 2016-02-05 17:16 - 00000000 ____D C:\Users\start_000\Desktop\Upstate NY Pics
2016-01-12 16:38 - 2016-01-12 16:38 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 16:37 - 2016-01-12 16:37 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-12 16:20 - 2016-01-12 16:20 - 05074496 _____ (Intel) C:\Users\start_000\Downloads\Intel Driver Update Utility Installer (1).exe
2016-01-12 15:36 - 2016-01-04 21:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 15:36 - 2016-01-04 21:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 15:36 - 2016-01-04 21:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 15:36 - 2016-01-04 21:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 15:36 - 2016-01-04 21:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 15:36 - 2016-01-04 21:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 15:36 - 2016-01-04 21:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 15:36 - 2016-01-04 21:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 15:36 - 2016-01-04 21:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 15:36 - 2016-01-04 21:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 15:36 - 2016-01-04 21:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 15:36 - 2016-01-04 21:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 15:36 - 2016-01-04 21:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 15:36 - 2016-01-04 21:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 15:36 - 2016-01-04 21:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 15:36 - 2016-01-04 21:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 15:36 - 2016-01-04 21:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 15:36 - 2016-01-04 21:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 15:36 - 2016-01-04 21:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 15:36 - 2016-01-04 21:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 15:36 - 2016-01-04 21:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 15:36 - 2016-01-04 21:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 15:36 - 2016-01-04 21:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 15:36 - 2016-01-04 21:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 15:36 - 2016-01-04 21:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 15:36 - 2016-01-04 21:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 15:36 - 2016-01-04 21:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 15:36 - 2016-01-04 21:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 15:36 - 2016-01-04 20:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 15:36 - 2016-01-04 20:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 15:36 - 2016-01-04 20:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 15:36 - 2016-01-04 20:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 15:36 - 2016-01-04 20:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 15:36 - 2016-01-04 20:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 15:36 - 2016-01-04 20:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 15:36 - 2016-01-04 20:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 15:36 - 2016-01-04 20:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 15:36 - 2016-01-04 20:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 15:36 - 2016-01-04 20:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 15:36 - 2016-01-04 20:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 15:36 - 2016-01-04 20:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 15:36 - 2016-01-04 20:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 15:36 - 2016-01-04 20:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 15:36 - 2016-01-04 20:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 15:36 - 2016-01-04 20:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 15:36 - 2016-01-04 20:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 15:36 - 2016-01-04 20:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 15:36 - 2016-01-04 20:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 15:36 - 2016-01-04 20:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 15:36 - 2016-01-04 20:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 15:36 - 2016-01-04 20:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 15:36 - 2016-01-04 20:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 15:36 - 2016-01-04 20:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 15:36 - 2016-01-04 20:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 15:36 - 2016-01-04 20:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 15:36 - 2016-01-04 20:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 15:36 - 2016-01-04 20:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 15:36 - 2016-01-04 20:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 15:36 - 2016-01-04 20:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 15:36 - 2016-01-04 20:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 15:36 - 2016-01-04 20:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 15:36 - 2016-01-04 20:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 15:36 - 2016-01-04 20:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 15:36 - 2016-01-04 20:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 15:36 - 2016-01-04 20:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 15:36 - 2016-01-04 20:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 15:36 - 2016-01-04 20:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 15:36 - 2016-01-04 20:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 15:36 - 2016-01-04 20:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 15:36 - 2016-01-04 20:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 15:36 - 2016-01-04 20:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 15:36 - 2016-01-04 20:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 15:36 - 2016-01-04 20:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-08 15:07 - 2014-08-08 14:54 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0B596711-D62E-4C9A-A60C-AE56F81F2B11}
2016-02-08 11:24 - 2014-12-22 11:11 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-08 10:14 - 2014-07-22 13:58 - 00000000 ____D C:\Users\start_000\AppData\Local\VirtualStore
2016-02-08 08:04 - 2015-03-22 09:07 - 00000000 ____D C:\ProgramData\ProductData
2016-02-07 17:30 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-07 17:24 - 2015-11-23 16:11 - 00917148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-07 17:19 - 2014-07-22 13:58 - 00000000 __SHD C:\Users\start_000\IntelGraphicsProfiles
2016-02-07 17:18 - 2015-11-23 15:58 - 00000000 ____D C:\Users\start_000
2016-02-07 17:17 - 2015-11-23 16:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-07 14:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-07 11:15 - 2014-07-23 03:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 10:36 - 2014-07-22 18:27 - 00000000 ___RD C:\Users\start_000\OneDrive
2016-02-06 14:11 - 2014-12-27 09:07 - 00000000 ____D C:\Users\start_000\Downloads\Intel Components
2016-02-06 14:07 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-06 14:04 - 2015-11-23 15:58 - 00000000 ____D C:\Users\DefaultAppPool
2016-02-05 17:19 - 2014-07-22 13:58 - 00000000 ____D C:\Users\start_000\AppData\Local\Packages
2016-02-05 10:22 - 2014-03-11 15:44 - 00007891 _____ C:\WINDOWS\BRRBCOM.INI
2016-02-05 08:52 - 2015-10-30 01:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-02-05 08:45 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration
2016-02-05 08:24 - 2014-12-17 15:24 - 00000000 ____D C:\Users\start_000\AppData\Local\ElevatedDiagnostics
2016-02-04 09:21 - 2015-11-23 08:13 - 00000000 ___RD C:\Users\start_000\Desktop\Performance
2016-02-04 09:05 - 2015-01-11 09:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-04 09:02 - 2015-06-12 18:10 - 00000000 ____D C:\Users\start_000\Documents\My Filehippo Downloads
2016-02-02 09:04 - 2014-03-11 16:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-02 09:03 - 2015-11-07 16:00 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-01-31 10:48 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-30 10:14 - 2013-12-05 12:58 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-30 10:13 - 2015-11-09 15:31 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-30 10:13 - 2014-12-22 10:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-30 10:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-30 10:04 - 2014-11-26 13:50 - 00000178 _____ C:\Users\start_000\Desktop\Yahoo.url
2016-01-29 10:39 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-29 09:11 - 2015-10-22 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-29 09:03 - 2014-12-22 10:55 - 00001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-29 09:03 - 2014-12-22 10:55 - 00001228 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-29 09:02 - 2015-11-03 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 09:16 - 2015-12-21 09:23 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-22 17:00 - 2015-08-21 14:17 - 00000000 ____D C:\Users\start_000\.oracle_jre_usage
2016-01-22 17:00 - 2014-03-11 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-22 16:59 - 2014-07-23 03:17 - 00000000 ____D C:\Program Files\Java
2016-01-22 13:02 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-22 13:01 - 2014-03-12 15:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-21 07:33 - 2015-12-04 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-01-21 07:33 - 2015-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-21 07:33 - 2015-03-22 09:07 - 00000000 ____D C:\Users\start_000\AppData\Roaming\IObit
2016-01-19 08:03 - 2015-11-23 15:58 - 00000000 ____D C:\Users\Ralph
2016-01-19 08:03 - 2015-11-23 15:58 - 00000000 ____D C:\Users\Administrator
2016-01-14 16:38 - 2014-03-11 17:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 16:35 - 2014-03-11 17:31 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 16:21 - 2015-11-05 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-01-12 16:20 - 2015-11-05 15:36 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
==================== Files in the root of some directories =======
2014-07-22 16:09 - 2014-07-22 16:09 - 0000017 _____ () C:\Users\start_000\AppData\Local\resmon.resmoncfg
2013-10-09 14:46 - 2013-10-09 14:46 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-10-09 14:43 - 2013-10-09 14:43 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-10-09 14:43 - 2013-10-09 14:44 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-10-09 14:42 - 2013-10-09 14:42 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-10-09 14:45 - 2013-10-09 14:46 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-05 09:07
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by start_000 (2016-02-08 15:23:09)
Running from C:\Users\start_000\Downloads
Windows 10 Home (X64) (2015-11-23 21:20:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4239315751-2608994865-2960470113-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4239315751-2608994865-2960470113-503 - Limited - Disabled)
Guest (S-1-5-21-4239315751-2608994865-2960470113-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4239315751-2608994865-2960470113-1007 - Limited - Enabled)
start_000 (S-1-5-21-4239315751-2608994865-2960470113-1008 - Administrator - Enabled) => C:\Users\start_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.1.0 - IObit)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Brother Product Research and Support Program (HKLM-x32\...\{8040527F-DD74-4B45-8A06-C4BF145B6C76}) (Version: 2.1.1.0002 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.50.0 - Conexant)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
Digital Advertising Alliance Protect My Choices (Beta) (HKLM-x32\...\{B0E895EC-AF4D-48EB-A03B-18DA8ACF5F9A}) (Version: 1.6.0.0 - Digital Advertising Alliance)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Intel Driver Update Utility (HKLM-x32\...\{a699b395-cd93-4135-85ec-828113841355}) (Version: 2.2.0.6 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Driver Update Utility 2.2.0.6 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.126 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PocketCloud (HKLM-x32\...\{AAF1E996-6AE6-4684-88A8-41F4E98E2899}) (Version: 2.6.21 - Wyse Technology)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 3.0.9.0 - HTC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\start_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AE30774-2E87-4745-8D50-C923A8791957} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {16777BE2-E394-4E04-85C6-751F5A790E48} - \ProfessionalCleaningSoftware_Popup -> No File <==== ATTENTION
Task: {2366C53B-764F-4A67-96E0-374D1BAA0F0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2895AD02-C3A3-4CDF-B3AD-61B36D6B6E66} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {3C460CBE-1321-4B77-976A-BCDFE0A4D011} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-01-15] (IObit)
Task: {3F66089B-EF64-45AF-AA9D-1D7161B4782A} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {416C35DB-11E1-416B-BB02-D43ACA7B80AF} - System32\Tasks\SafeZone scheduled Autoupdate 1454594977 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {43706976-862E-470D-A13D-F89954D98F51} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {468AF792-E386-481A-8CEF-A2B8F84ABC49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {472A5C5A-078A-4E1D-809D-5416712A162B} - System32\Tasks\Uninstaller_SkipUac_start_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-12] (IObit)
Task: {47F550B7-EDF7-4828-9C2A-907D8E694CCD} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WPCRDPVirtualChannelServer.exe
Task: {4EFC3408-8DC0-48FE-9322-B9210341B79F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {504BD9DC-D44A-4B7C-9A29-2D62386F14AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {506E8EA5-3088-46D8-A599-475966FE7BC4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-04] (AVAST Software)
Task: {51B2365D-1F26-43B0-9AFB-38DC6F9000E5} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {568D2607-2E95-4D32-82E0-0BC464E51599} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {5C1E17B6-33A6-4B92-85A1-08BF5196D5F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5D277F32-B4A8-4C34-AD42-B65329D0630C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {69144A40-0124-430B-B3F8-B22DCE590922} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {6C71B6A5-9904-484E-93D6-0B8537CCA0D0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {71C9B2DE-7999-4745-B97B-A5399F3AB7F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {73D0AE3A-2612-466D-8829-B4319C9F9230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-14] (Microsoft Corporation)
Task: {7964398A-221B-4809-AC53-40ED00D8ED85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {7F7B6BB1-A4ED-4587-95BF-1343A39A74B7} - \ProfessionalCleaningSoftware_Start -> No File <==== ATTENTION
Task: {8080D58F-F969-48BD-9B6E-EA6DFA8CFD76} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8B11685A-5AB6-499F-846B-49950141DD1D} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-10-27] (IObit)
Task: {8C28909C-9E73-4A32-961F-57FA1083BCC0} - System32\Tasks\SmartDefrag4_Defrag => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-10-27] (IObit)
Task: {8C726201-EFB2-45A5-8213-3ED0C8E42C15} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8E9C390E-B679-44BC-975F-8E9954E01EFC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {96C39582-E10C-4B38-BA54-2CE39A50A06B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {9DAC99AF-40EB-4E23-B19B-F5E8D748B054} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A2791BBA-30B1-4CF1-8DA8-3B7E91892AC0} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {AC058D1D-1242-4C4B-A303-A5875B9DA709} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {AC7A934C-97E9-4D72-BCE7-C9235A09283D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {B357D940-DADB-41F4-AAB1-2F0833166F51} - System32\Tasks\PocketCloud => C:\Program
Task: {BCC5E87D-2245-47E2-B38C-1DBCC5C8AE05} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {CBECAE10-CCB7-4E4B-8994-FF26BDE300C2} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {CEE6A43F-6131-4E7E-AF16-356FCE6F3105} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {CFC78AED-C551-4E41-975A-6071343F4BE8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D980C5EA-9D4A-498A-AA76-F972309D9970} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {E5922A1D-0931-4A72-B93E-9FB13D09BA68} - System32\Tasks\ASC9_SkipUac_start_000 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit)
Task: {EE05D4C9-6234-4612-8442-C9CE60CD2F75} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FCE193D0-57BE-4CD6-8ABB-9E513576A30D} - System32\Tasks\Driver Booster SkipUAC (start_000) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_start_000.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_start_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-22 12:58 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-03-11 15:41 - 2005-04-21 23:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-12-03 14:11 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 14:11 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-28 16:26 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-01-12 15:36 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-29 09:09 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-22 12:53 - 2016-01-22 12:53 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 07:58 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 07:58 - 2015-12-06 23:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 15:36 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 15:36 - 2016-01-04 20:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-29 09:09 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-30 02:17 - 2015-10-30 02:17 - 01813504 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-02-05 08:28 - 2016-02-05 08:28 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-05 08:28 - 2016-02-05 08:28 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-24 08:11 - 2015-11-24 08:11 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-04 09:05 - 2016-02-04 09:05 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-04 09:05 - 2016-02-04 09:05 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-07 12:58 - 2016-02-07 12:58 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020701\algo.dll
2016-02-04 09:05 - 2016-02-04 09:05 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-04 09:05 - 2016-02-04 09:05 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-02-08 15:19 - 2016-02-08 15:19 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020803\algo.dll
2015-11-24 07:44 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-11-08 09:13 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-01-22 12:53 - 2016-01-22 12:53 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 12:53 - 2016-01-22 12:53 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-21 07:33 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-01-21 07:33 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-01-21 07:33 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2015-12-30 08:19 - 2015-10-27 14:05 - 00618784 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\ProductStatistics.dll
2015-12-30 08:19 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2015-12-04 08:54 - 2015-12-04 08:54 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-21 07:33 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-01-21 07:33 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-01-21 07:33 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-11-24 07:44 - 2015-03-27 15:39 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-11-24 07:44 - 2015-01-09 18:46 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-11-24 07:45 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2015-06-16 14:22 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 10:41 - 2013-03-05 10:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-12-23 11:32 - 2013-09-04 05:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\100sexlinks.com -> 100sexlinks.com
There are 4790 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\start_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: WysePocketCloud => 2
MSCONFIG\Services: WyseRemoteAccess => 2
MSCONFIG\startupreg: BrHelp =>
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "F-Secure Hoster (53784)"
HKLM\...\StartupApproved\Run32: => "F-Secure Manager"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\StartupFolder: => "Content Anywhere.lnk"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-4239315751-2608994865-2960470113-1008\...\StartupApproved\Run: => "Itibiti.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{31D76E43-1623-49C1-A52F-16193788A73C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6024DDEF-A88F-4210-9CCC-C7AA6B7244EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A367021-57DA-41DB-BB45-B5E248D7274E}] => (Allow) LPort=54925
FirewallRules: [{B22FE7CE-E6BC-4179-9050-61414BF6E6C7}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{66CD6CE6-02A2-4C0A-AFBF-04E41D97588A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{FF80914C-0A38-4B5D-AA25-2D9F5B5D34EF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9528A3B1-F3DC-47F4-9860-DD41BB68DF3C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4B35E4D6-B875-499D-8100-37888DF01721}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{718A6E7D-462F-40F3-97F7-5DD609C5F5FD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{3C99700C-C51E-4ADA-AC61-0284AAA6197F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C4F407F2-05BE-487A-A960-E3D3C38EC2F9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{BFAB4BF0-1742-4B5D-8D88-B9202D85A153}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{6FEA035A-B718-442B-BEF9-9E2062C15298}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{083EA1E7-9E50-4298-8DA5-BDE5A7428DA3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{935B70A3-F6FE-4C80-A69D-1D8E92E5A88A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{BBC61E43-0536-4629-8F95-A22A8A5683D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B858A7E8-6B0D-44A2-8D57-442BA2453252}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
17-01-2016 11:14:17 Windows Update
29-01-2016 10:38:10 Windows Update
02-02-2016 09:02:50 Garmin Express
05-02-2016 08:30:22 Restore Operation
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/08/2016 10:59:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: edgehtml.dll, version: 11.0.10586.71, time stamp: 0x5699d8b6
Exception code: 0xc0000602
Fault offset: 0x00000000009b7126
Faulting process id: 0x1a90
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5
Error: (02/07/2016 05:30:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (02/07/2016 05:21:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (4996) {54CEC810-326D-4203-93D7-F162FE8DBE8C}: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\start_000\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00023.log.
Error: (02/07/2016 05:21:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (4996) {F1FBED5A-7FDF-4DF6-B143-5FA74DC2D90A}: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\start_000\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb00010.log.
Error: (02/07/2016 05:19:37 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (02/07/2016 05:19:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -550.
Error: (02/07/2016 05:18:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RALPH)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/07/2016 05:18:44 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (02/07/2016 05:18:44 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (02/07/2016 05:18:44 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
System errors:
=============
Error: (02/08/2016 11:56:08 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (02/08/2016 09:02:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (02/07/2016 06:20:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (02/07/2016 05:25:24 PM) (Source: DCOM) (EventID: 10016) (User: RALPH)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Ralphstart_000S-1-5-21-4239315751-2608994865-2960470113-1008LocalHost (Using LRPC)Microsoft.WindowsStore_2015.25.24.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (02/07/2016 05:22:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (02/07/2016 05:21:38 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (02/07/2016 05:19:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053
Error: (02/07/2016 05:19:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
Error: (02/07/2016 05:19:09 PM) (Source: DCOM) (EventID: 10005) (User: RALPH)
Description: 1053WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (02/07/2016 05:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053
CodeIntegrity:
===================================
Date: 2016-01-30 10:17:20.553
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-12 16:27:28.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-10 17:02:02.045
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-07 15:01:36.542
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-03 15:20:15.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-31 09:44:17.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-20 09:58:15.378
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-11 08:56:33.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-10 10:00:32.967
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-06 12:54:30.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8063.52 MB
Available physical RAM: 5391.01 MB
Total Virtual: 9343.52 MB
Available Virtual: 6260.94 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.83 GB) (Free:848.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 80870621)
Partition: GPT.
==================== End of Addition.txt ============================