Jump to content

Search the Community

Showing results for tags 'googledrivesync'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. Ever since I migrated to Windows 10 I have had a virus. I've tried everything to remove it, including full scans with AVG and Malwarebytes but it keeps coming back. AVG detects it as Trojan Horse php/Backdoor.cz and HTML/Framer Would be great if anyone can help me? Its driving me crazy. Many thanks! The Farbar logs are: FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015Ran by Mike (administrator) on MIKE-HP (18-11-2015 20:38:18)Running from G:\Mike\DownloadsLoaded Profiles: Mike (Available Profiles: Mike & Eli & Mcx1-MIKE-HP & DefaultAppPool)Platform: Windows 10 Home (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Edge)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe(Microsoft Corporation) C:\Windows\System32\mqsvc.exe(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Dropbox, Inc.) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe(Microsoft Corporation) C:\Windows\System32\browser_broker.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe==================== Registry (Whitelisted) ===========================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-27] (Easybits)HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [HP Remote Solution] => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exeHKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.)HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)Winlogon\Notify\ScCertProp: wlnotify.dll [X]HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Run: [Dropbox Update] => C:\Users\Mike\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Policies\system: [DisableLockWorkstation] 0HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\Policies\system: [DisableChangePassword] 0HKU\S-1-5-21-722469699-1757417711-2172558454-1001\...\MountPoints2: {0cf0d44f-6b0c-11e0-b704-806e6f6e6963} - "E:\Install Navigator.exe" HKU\S-1-5-21-722469699-1757417711-2172558454-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No FileShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-11-08]ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe (McAfee, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2015-07-12]ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-15]ShortcutTarget: Dropbox.lnk -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)BootExecute: autocheck autochk * sdnclean64.exe==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.0.1Tcpip\..\Interfaces\{18b82321-0b0c-4748-a585-cb06f8448ee8}: [DhcpNameServer] 192.168.0.1Internet Explorer:==================HKU\S-1-5-21-722469699-1757417711-2172558454-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.goldstart.co.uk/adv/goldAndSilver.htmSearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-0/4?satitle={searchTerms}&mfe=DesktopsSearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBoxSearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-0/4?satitle={searchTerms}&mfe=DesktopsSearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBoxSearchScopes: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = SearchScopes: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No FileBHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No FileBHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No FileBHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)Toolbar: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileToolbar: HKU\S-1-5-21-722469699-1757417711-2172558454-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileDPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cabDPF: HKLM-x32 {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} hxxps://remote-uk-tc.rbc.com/nortel_cacheable/iewiper.cabDPF: HKLM-x32 {ACDB1787-986D-434D-9857-2172CDB2108D} hxxps://remote-uk-th.rbc.com/nortel_cacheable/punblock.cabHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No FileFilter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)FireFox:========FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.defaultFF Homepage: hxxp://www.evertonlatest.co.uk/wp-admin/index.phphxxp://www.investorwords.co.uk/wp-admin/hxxp://www.cutthedebt.co.uk/wp-admin/index.phphxxp://www.blackburnlatest.co.uk/wp-admin/index.phphxxp://www.stokelatest.co.uk/wp-admin/hxxp://www.swansealatest.co.uk/wp-admin/hxxp://www.wolveslatest.co.uk/wp-admin/index.phphxxp://www.wiganlatest.co.uk/wp-admin/index.phphxxp://www.qprlatest.co.uk/wp-admin/hxxp://www.englandfootballlatest.co.uk/wp-admin/index.phphxxp://www.norwichlatest.co.uk/wp-admin/index.phphxxp://www.westbromlatest.co.uk/wp-admin/index.phphxxp://www.sunderlandlatest.co.uk/wp-admin/index.phpFF Session Restore: -> is enabled.FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2011-04-25] ()FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2011-04-25] (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2011-04-25] (Citrix Systems, Inc.)FF Extension: Page Speed - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2012-09-23] [not signed]FF Extension: Property Bee - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\extensions\{da8bd68d-8e90-41cd-8345-a71b294e72e6}.xpi [2013-05-12] [not signed]FF Extension: Greasemonkey - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-09-05] [not signed]FF Extension: YSlow - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\extensions\yslow@yahoo-inc.com.xpi [2014-12-22] [not signed]FF Extension: Flash and Video Download - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-22] [not signed]FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\firebug@software.joehewitt.com.xpi [2015-07-04] [not signed]FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\wagerlogic.xpi [2010-02-02] [not signed]FF Extension: Microsoft .NET Framework Assistant - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-08-21] [not signed]FF Extension: Google Toolbar for Firefox - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-08-21] [not signed]FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}-trash [2011-08-21] [not signed]FF Extension: DownThemAll! - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-07-04]FF Extension: OnlyWire - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\stkwv5cl.default\Extensions\{e26ba8db-a646-a44e-997c-2fafeadb50f2} [2011-08-21] [not signed]FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-29] [not signed]Chrome: =======CHR HomePage: Default -> hxxp://www.google.com/CHR StartupUrls: Default -> "hxxp://www.gumtree.com/search?property_type=house&seller_type=private&min_beds=3&max_beds=&min_price=370%2C000&max_price=600%2C000&q=&search_location=South+East+London&category=local-property-for-sale&search_scope=title","hxxps://www.google.co.uk/webhp?source=search_app&gws_rd=cr","hxxp://www.google.com/"CHR Session Restore: Default -> is enabled.CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2015-10-17]CHR Extension: (Gmail Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-10-17]CHR Extension: (Chrome Remote Desktop) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-08]CHR Extension: (Financial News) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcekbbpdkhlfomdhopicfopkkedfcam [2015-10-17]CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]CHR Extension: (Pin It Button) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-17]CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-17]CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-17]CHR HKU\S-1-5-21-722469699-1757417711-2172558454-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-722469699-1757417711-2172558454-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx==================== Services (Whitelisted) ========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [289256 2015-10-30] (McAfee, Inc.)R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54040 2011-08-04] (Mozy, Inc.)R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-21] (Microsoft Corporation)R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink) [File not signed]R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-10-26] (IBM Corp.)S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-21] (Microsoft Corporation)S3 w3logsvc; C:\Windows\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-21] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-21] (Microsoft Corporation)R2 W3SVC; C:\Windows\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-09-21] (Microsoft Corporation)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)===================== Drivers (Whitelisted) ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]R3 hcwD3bda; C:\Windows\system32\DRIVERS\hcwD3bda64.sys [121344 2011-10-26] (Mirics)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-21] (Mozy, Inc.)R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-21] (Microsoft Corporation)R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)R1 RapportCerberus_1507072; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys [959416 2015-11-16] (IBM Corp.)R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-10-26] (IBM Corp.)R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-10-26] (IBM Corp.)R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-10-26] (IBM Corp.)R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489272 2015-10-26] (IBM Corp.)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek )S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [38456 2009-12-22] (Advanced Micro Devices)S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)U3 idsvc; no ImagePathS3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]U3 wpcsvc; no ImagePath==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One Month Created files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2015-11-18 20:37 - 2015-11-18 20:38 - 00000000 ____D C:\FRST2015-11-18 20:21 - 2015-11-18 20:21 - 00016148 _____ C:\Windows\system32\MIKE-HP_Mike_HistoryPrediction.bin2015-11-18 20:02 - 2015-11-18 20:02 - 00003184 _____ C:\Windows\System32\Tasks\{BC444172-5895-4D29-9FAE-38C92D256289}2015-11-17 18:30 - 2015-11-17 18:30 - 00016148 _____ C:\Windows\system32\MIKE-HP_Eli_HistoryPrediction.bin2015-11-17 18:20 - 2015-11-17 18:21 - 23493437 _____ C:\Users\Eli\Downloads\fwdboda.zip2015-11-17 17:13 - 2015-11-17 17:13 - 00000000 ____D C:\Users\Eli\AppData\Local\CEF2015-11-17 17:12 - 2015-11-17 17:12 - 02756350 _____ C:\Users\Eli\Downloads\Archivos adjuntos_20151117.zip2015-11-16 22:24 - 2015-11-16 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection2015-11-16 22:24 - 2015-11-16 22:24 - 00000000 ____D C:\Program Files (x86)\Trusteer2015-11-16 22:24 - 2015-10-26 00:01 - 00394584 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys2015-11-16 22:24 - 2015-10-26 00:01 - 00139896 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys2015-11-16 22:22 - 2015-11-16 22:23 - 00436504 _____ (IBM Corp.) C:\Users\Eli\Downloads\RapportSetup (3).exe2015-11-16 22:16 - 2015-11-16 22:16 - 00000000 ____D C:\Windows\LastGood.Tmp2015-11-16 22:15 - 2015-11-16 22:15 - 01083880 _____ (Gemalto) C:\Windows\SysWOW64\axaltocm.dll2015-11-16 22:13 - 2015-11-16 22:23 - 00436504 _____ (IBM Corp.) C:\Users\Eli\Downloads\RapportSetup (1).exe2015-11-16 22:13 - 2015-11-16 22:14 - 00436504 _____ (IBM Corp.) C:\Users\Eli\Downloads\RapportSetup (2).exe2015-11-15 12:34 - 2015-11-15 12:34 - 00000000 ___HD C:\OneDriveTemp2015-11-15 11:17 - 2015-11-15 11:17 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-11-11 22:53 - 2015-11-15 12:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-11-11 22:53 - 2015-11-11 22:53 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-11-11 22:53 - 2015-11-11 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-11-11 22:52 - 2015-11-11 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes2015-11-11 22:52 - 2015-11-11 22:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2015-11-11 22:52 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys2015-11-11 22:52 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-11-11 22:52 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys2015-11-10 21:14 - 2015-11-05 05:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2015-11-10 21:14 - 2015-11-05 05:06 - 03621248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-11-10 21:14 - 2015-11-05 04:24 - 02878512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-11-10 21:14 - 2015-11-05 04:20 - 21873664 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll2015-11-10 21:14 - 2015-11-05 04:18 - 24597504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-11-10 21:14 - 2015-11-05 04:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll2015-11-10 21:14 - 2015-11-05 04:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll2015-11-10 21:14 - 2015-11-05 04:03 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll2015-11-10 21:14 - 2015-11-05 03:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll2015-11-10 21:14 - 2015-11-05 03:58 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll2015-11-10 21:14 - 2015-11-05 03:56 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll2015-11-10 21:14 - 2015-11-05 03:47 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-11-10 21:14 - 2015-11-05 03:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll2015-11-10 21:14 - 2015-11-05 03:35 - 18803712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll2015-11-10 21:14 - 2015-11-05 03:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll2015-11-10 21:14 - 2015-11-05 03:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll2015-11-10 21:13 - 2015-11-05 05:15 - 08020832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-11-10 21:13 - 2015-11-05 05:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll2015-11-10 21:13 - 2015-11-05 05:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2015-11-10 21:13 - 2015-11-05 05:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll2015-11-10 21:13 - 2015-11-05 05:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll2015-11-10 21:13 - 2015-11-05 05:01 - 00607408 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe2015-11-10 21:13 - 2015-11-05 04:56 - 01083072 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-11-10 21:13 - 2015-11-05 04:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys2015-11-10 21:13 - 2015-11-05 04:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2015-11-10 21:13 - 2015-11-05 04:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll2015-11-10 21:13 - 2015-11-05 04:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll2015-11-10 21:13 - 2015-11-05 04:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll2015-11-10 21:13 - 2015-11-05 04:18 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe2015-11-10 21:13 - 2015-11-05 04:17 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll2015-11-10 21:13 - 2015-11-05 04:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll2015-11-10 21:13 - 2015-11-05 04:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll2015-11-10 21:13 - 2015-11-05 04:10 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-11-10 21:13 - 2015-11-05 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll2015-11-10 21:13 - 2015-11-05 04:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll2015-11-10 21:13 - 2015-11-05 04:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-11-10 21:13 - 2015-11-05 04:05 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-11-10 21:13 - 2015-11-05 04:03 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll2015-11-10 21:13 - 2015-11-05 04:01 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-11-10 21:13 - 2015-11-05 04:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll2015-11-10 21:13 - 2015-11-05 04:01 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2015-11-10 21:13 - 2015-11-05 03:59 - 03587072 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys2015-11-10 21:13 - 2015-11-05 03:58 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys2015-11-10 21:13 - 2015-11-05 03:55 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll2015-11-10 21:13 - 2015-11-05 03:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll2015-11-10 21:13 - 2015-11-05 03:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll2015-11-10 21:13 - 2015-11-05 03:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll2015-11-10 21:13 - 2015-11-05 03:33 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-11-10 21:13 - 2015-11-05 03:33 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-11-10 21:13 - 2015-11-05 03:30 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-11-10 21:13 - 2015-11-05 03:28 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-11-10 21:13 - 2015-11-05 03:27 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll2015-11-10 21:13 - 2015-11-05 03:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll2015-11-08 11:48 - 2015-11-08 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus2015-11-02 22:07 - 2015-11-02 22:07 - 00000000 ____D C:\Users\Mike\AppData\Roaming\KompoZer2015-11-02 22:06 - 2015-11-02 22:07 - 00000000 ____D C:\Program Files\KompoZer 0.7.102015-11-02 19:41 - 2015-11-02 19:41 - 00000000 ____D C:\Users\Eli\AppData\Roaming\WinRAR2015-11-02 19:40 - 2015-11-02 19:41 - 34633425 _____ C:\Users\Eli\Downloads\wetransfer-6956a2.zip2015-11-01 13:23 - 2015-11-02 19:46 - 16545096 _____ C:\Users\Eli\Desktop\Matrimonio Frailejones.odt2015-11-01 13:05 - 2015-11-01 13:05 - 00000162 ____H C:\Users\Eli\Desktop\~$mples fonts.odt2015-11-01 13:04 - 2015-11-01 13:05 - 00005122 _____ C:\Users\Eli\Desktop\samples fonts.odt2015-10-28 07:33 - 2015-10-28 07:33 - 00000085 _____ C:\Windows\wininit.ini2015-10-28 06:57 - 2015-10-28 06:57 - 00000000 ____D C:\Users\Eli\AppData\Roaming\AVG2015-10-27 23:10 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe2015-10-27 23:04 - 2015-10-27 23:04 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking2015-10-27 23:03 - 2015-10-28 07:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 22015-10-27 09:37 - 2015-11-08 07:22 - 00001011 _____ C:\Users\Public\Desktop\AVG Protection.lnk2015-10-27 09:32 - 2015-10-27 09:34 - 00000000 ____D C:\Users\Mike\AppData\Local\AvgSetupLog2015-10-26 19:36 - 2015-10-26 19:36 - 00504447 _____ C:\Users\Eli\Desktop\http.odt2015-10-26 14:27 - 2015-10-26 14:27 - 00000000 ____D C:\ProgramData\ATI2015-10-22 21:41 - 2015-10-22 21:41 - 00061917 _____ C:\Windows\SysWOW64\CCCInstall_201510222241121730.log2015-10-22 21:41 - 2015-10-22 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center2015-10-22 21:40 - 2015-10-22 21:40 - 00000000 ____D C:\Program Files\ATI Technologies2015-10-22 21:38 - 2015-10-22 21:38 - 00066655 _____ C:\Windows\SysWOW64\CCCInstall_201510222238562063.log2015-10-22 21:38 - 2015-10-22 21:38 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI2015-10-22 21:38 - 2015-10-22 21:38 - 00000000 ____D C:\Users\Default\AppData\Local\ATI2015-10-22 21:38 - 2015-10-22 21:38 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI2015-10-22 21:38 - 2015-10-22 21:38 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI2015-10-22 21:36 - 2015-10-22 21:36 - 47794160 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 39712768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll2015-10-22 21:36 - 2015-10-22 21:36 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 27544560 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 22327280 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll2015-10-22 21:36 - 2015-10-22 21:36 - 15725552 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 14310896 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll2015-10-22 21:36 - 2015-10-22 21:36 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll2015-10-22 21:36 - 2015-10-22 21:36 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 07482552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll2015-10-22 21:36 - 2015-10-22 21:36 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap2015-10-22 21:36 - 2015-10-22 21:36 - 03437632 _____ C:\Windows\system32\atiumd6a.cap2015-10-22 21:36 - 2015-10-22 21:36 - 01196032 _____ C:\Windows\system32\amdocl_as64.exe2015-10-22 21:36 - 2015-10-22 21:36 - 01070592 _____ C:\Windows\system32\amdocl_ld64.exe2015-10-22 21:36 - 2015-10-22 21:36 - 01004032 _____ C:\Windows\SysWOW64\amdocl_as32.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00833800 _____ C:\Windows\system32\amdicdxx.dat2015-10-22 21:36 - 2015-10-22 21:36 - 00807424 _____ C:\Windows\SysWOW64\amdocl_ld32.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00662392 _____ C:\Windows\SysWOW64\atiapfxx.blb2015-10-22 21:36 - 2015-10-22 21:36 - 00662392 _____ C:\Windows\system32\atiapfxx.blb2015-10-22 21:36 - 2015-10-22 21:36 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00471312 _____ C:\Windows\system32\amdmiracast.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00243696 _____ C:\Windows\system32\clinfo.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00213488 _____ C:\Windows\system32\amdgfxinfo64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00199664 _____ (AMD) C:\Windows\system32\atitmm64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00198640 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00177344 _____ C:\Windows\system32\ativce03.dat2015-10-22 21:36 - 2015-10-22 21:36 - 00175648 _____ C:\Windows\system32\amde31a.dat2015-10-22 21:36 - 2015-10-22 21:36 - 00168944 _____ C:\Windows\system32\atieah64.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00152560 _____ C:\Windows\SysWOW64\atieah32.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00143344 _____ C:\Windows\system32\amdhdl64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00132080 _____ C:\Windows\SysWOW64\amdhdl32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00111600 _____ C:\Windows\system32\hsa-thunk64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00111088 _____ C:\Windows\SysWOW64\hsa-thunk.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00100816 _____ C:\Windows\system32\ativce02.dat2015-10-22 21:36 - 2015-10-22 21:36 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00087992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00073712 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00071152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00068080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00064496 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00060912 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe2015-10-22 21:36 - 2015-10-22 21:36 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00057840 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00038384 _____ (AMD) C:\Windows\system32\atimuixx.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00012784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll2015-10-22 21:36 - 2015-10-22 21:36 - 00012784 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll2015-10-21 16:16 - 2015-10-21 16:16 - 00284080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys2015-10-21 16:15 - 2015-10-21 16:15 - 00255408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2015-11-18 20:39 - 2011-08-22 21:08 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-11-18 20:36 - 2011-08-23 20:48 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype2015-11-18 20:29 - 2015-06-19 23:11 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-722469699-1757417711-2172558454-1001UA.job2015-11-18 20:29 - 2015-06-19 23:11 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-722469699-1757417711-2172558454-1001Core.job2015-11-18 20:26 - 2015-09-20 17:27 - 01009666 _____ C:\Windows\system32\PerfStringBackup.INI2015-11-18 20:23 - 2015-09-20 17:28 - 00000000 ____D C:\Users\Eli2015-11-18 20:22 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\AppReadiness2015-11-18 20:22 - 2012-07-07 12:24 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Dropbox2015-11-18 20:21 - 2015-09-20 18:47 - 00000000 ___RD C:\Users\Mike\OneDrive2015-11-18 20:21 - 2012-05-31 21:21 - 00000000 ___RD C:\Users\Mike\Google Drive2015-11-18 20:21 - 2011-08-22 21:08 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-11-18 20:21 - 2011-04-20 02:53 - 00000275 _____ C:\Windows\WindowsUpdate.log2015-11-18 20:20 - 2015-09-22 21:57 - 00144840 ____N C:\Windows\Minidump\111815-18906-01.dmp2015-11-18 20:20 - 2015-09-21 21:01 - 00000000 ____D C:\Windows\Minidump2015-11-18 20:20 - 2015-09-10 05:32 - 00055788 _____ C:\Windows\PFRO.log2015-11-18 20:20 - 2015-07-30 21:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-11-18 20:20 - 2014-11-10 21:07 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForMike.job2015-11-18 20:06 - 2015-09-22 21:50 - 00004148 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F0ED98D-7354-4A01-B294-54AB7450A24E}2015-11-18 20:06 - 2015-04-01 21:26 - 00004146 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4026B517-26E7-4767-8E9D-E443C9569FB9}2015-11-18 20:03 - 2011-08-22 17:26 - 00000000 ____D C:\ProgramData\MFAData2015-11-18 20:01 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\system32\sru2015-11-17 17:44 - 2011-08-24 06:50 - 00000000 ____D C:\Users\Eli\AppData\Roaming\Adobe2015-11-17 17:13 - 2011-08-24 06:50 - 00000000 ____D C:\Users\Eli\AppData\Local\Adobe2015-11-16 23:11 - 2014-11-10 21:07 - 00003232 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMike2015-11-16 23:11 - 2011-08-22 16:03 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log2015-11-16 22:15 - 2015-04-07 07:15 - 01432040 _____ (Gemalto) C:\Windows\system32\axaltocm.dll2015-11-15 15:59 - 2011-08-22 20:55 - 00000000 ____D C:\Users\Mike\AppData\Local\AMD2015-11-15 12:33 - 2015-09-22 21:57 - 00154760 ____N C:\Windows\Minidump\111515-11875-01.dmp2015-11-15 12:31 - 2015-09-20 17:28 - 00000000 ____D C:\Users\Mike2015-11-15 12:30 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\Speech2015-11-15 12:30 - 2015-07-10 09:05 - 00786432 ___SH C:\Windows\system32\config\BBI2015-11-15 12:11 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\rescache2015-11-11 22:09 - 2015-09-17 23:29 - 00000000 ____D C:\Program Files (x86)\Belarc2015-11-11 22:06 - 2011-12-01 23:21 - 00000000 ____D C:\Users\Mike\AppData\Roaming\SoundSpectrum2015-11-11 22:06 - 2011-12-01 23:20 - 00000000 ____D C:\Program Files (x86)\SoundSpectrum2015-11-11 22:06 - 2011-08-23 20:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE2015-11-11 21:19 - 2015-06-28 10:18 - 00000000 ____D C:\Program Files\Common Files\AV2015-11-11 20:50 - 2015-07-10 09:05 - 00032768 ___SH C:\Windows\system32\config\ELAM2015-11-11 08:44 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\SysWOW64\en-GB2015-11-11 08:44 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\system32\en-GB2015-11-11 08:44 - 2015-07-30 22:42 - 00000000 ____D C:\Windows\system32\appraiser2015-11-10 22:44 - 2011-08-23 20:37 - 00000000 ____D C:\ProgramData\Microsoft Help2015-11-10 22:42 - 2015-07-30 22:25 - 00000000 ____D C:\Windows\CbsTemp2015-11-10 22:28 - 2013-08-19 17:16 - 00000000 ____D C:\Windows\system32\MRT2015-11-10 22:19 - 2011-08-22 18:48 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-11-10 20:40 - 2015-10-17 17:18 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-11-08 12:05 - 2011-04-20 03:01 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard2015-11-08 12:05 - 2011-04-20 02:52 - 00000000 ____D C:\ProgramData\Hewlett-Packard2015-11-08 12:04 - 2015-09-20 21:18 - 00000000 ____D C:\Users\Mike\AppData\Local\Comms2015-11-08 12:03 - 2015-09-20 18:41 - 00000000 ____D C:\Users\Mike\AppData\Local\Packages2015-11-08 11:50 - 2011-08-23 20:47 - 00000000 ____D C:\ProgramData\Skype2015-11-08 11:48 - 2015-10-18 18:35 - 00001981 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk2015-11-08 11:48 - 2015-10-18 18:35 - 00000000 ____D C:\Program Files\McAfee Security Scan2015-11-08 11:25 - 2011-09-12 09:18 - 00005912 _____ C:\Windows\mozy.blk2015-11-08 11:25 - 2011-09-12 09:18 - 00000178 _____ C:\Windows\mozy.flt2015-11-08 07:22 - 2015-08-16 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2015-11-08 07:21 - 2015-08-16 11:59 - 00000000 ___HD C:\$AVG2015-11-08 07:20 - 2015-05-25 09:32 - 00000000 ____D C:\Users\Mike\AppData\Local\Avg2015-11-08 07:20 - 2015-05-25 09:32 - 00000000 ____D C:\Users\Eli\AppData\Local\Avg2015-11-04 20:54 - 2015-09-20 20:41 - 00002369 _____ C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2015-11-04 20:54 - 2015-09-20 20:41 - 00000000 ___RD C:\Users\Eli\OneDrive2015-11-03 18:20 - 2015-07-30 22:43 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-11-03 18:20 - 2015-07-30 22:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-11-02 19:59 - 2015-09-20 18:47 - 00002372 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk2015-10-31 16:59 - 2011-10-23 18:45 - 00000000 ____D C:\Users\Eli\AppData\Local\Hewlett-Packard2015-10-31 16:58 - 2015-08-18 21:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk2015-10-31 16:56 - 2015-08-18 21:38 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task2015-10-28 07:33 - 2012-05-20 21:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy2015-10-28 07:01 - 2015-08-19 21:54 - 15736252 _____ C:\Users\Eli\Desktop\39 Dale Road.pptx2015-10-27 09:40 - 2015-08-16 11:57 - 00000000 ____D C:\Program Files (x86)\AVG2015-10-27 09:40 - 2014-10-19 12:51 - 00000000 ____D C:\ProgramData\AVG20152015-10-27 09:39 - 2015-08-30 12:38 - 00000000 ____D C:\Users\Mike\AppData\Roaming\AVG2015-10-27 09:37 - 2015-07-30 22:42 - 00000000 ___HD C:\Windows\ELAMBKUP2015-10-27 09:36 - 2015-08-30 12:26 - 00000000 ____D C:\ProgramData\AVG2015-10-22 21:40 - 2015-09-20 17:26 - 00000000 ____D C:\ProgramData\AMD2015-10-22 21:40 - 2015-09-20 17:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies2015-10-22 21:37 - 2015-09-20 17:25 - 00000000 ____D C:\AMD2015-10-22 21:36 - 2015-08-20 20:51 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll2015-10-22 21:36 - 2015-08-20 20:51 - 10211008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll2015-10-22 21:36 - 2015-08-20 20:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll2015-10-22 21:36 - 2015-08-20 20:51 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll2015-10-22 21:36 - 2015-08-20 20:51 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll2015-10-22 21:36 - 2015-08-20 20:51 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll2015-10-22 21:36 - 2015-08-20 20:51 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll2015-10-22 21:36 - 2015-08-20 20:51 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll2015-10-22 21:36 - 2015-08-20 20:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll2015-10-22 21:36 - 2015-08-20 20:46 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys2015-10-22 21:36 - 2015-08-20 20:46 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll2015-10-22 21:36 - 2015-08-20 20:46 - 00874480 _____ (AMD) C:\Windows\system32\coinst_15.20.dll2015-10-22 21:36 - 2015-08-20 20:46 - 00683504 _____ (AMD) C:\Windows\system32\atieclxx.exe2015-10-22 21:36 - 2015-08-20 20:46 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys2015-10-22 21:36 - 2015-08-20 20:46 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll2015-10-22 21:36 - 2015-08-20 20:46 - 00255472 _____ (AMD) C:\Windows\system32\atiesrxx.exe2015-10-19 23:40 - 2012-05-31 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2015-10-19 19:07 - 2011-11-17 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 32015-10-19 19:06 - 2011-11-17 20:25 - 00001181 _____ C:\Users\Public\Desktop\Picasa 3.lnk2015-10-19 08:03 - 2015-09-11 15:59 - 00313776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys==================== Files in the root of some directories =======2015-02-06 10:56 - 2015-02-06 10:56 - 0000093 _____ () C:\Users\Mike\AppData\Roaming\ARCompanion.log2015-10-11 15:07 - 2015-10-11 15:07 - 0037837 _____ () C:\Users\Mike\AppData\Roaming\Comma Separated Values (Windows).ADR2011-09-12 09:20 - 2011-09-12 09:20 - 0001854 _____ () C:\Users\Mike\AppData\Roaming\GhostObjGAFix.xml2011-08-24 22:14 - 2015-02-10 20:28 - 0005159 _____ () C:\Users\Mike\AppData\Roaming\Rim.Desktop.Exception.log2011-08-22 16:32 - 2015-08-08 13:41 - 0002021 _____ () C:\Users\Mike\AppData\Roaming\Rim.Desktop.HttpServerSetup.log2011-08-24 22:14 - 2015-02-10 20:28 - 0005159 _____ () C:\Users\Mike\AppData\Roaming\Rim.DesktopHelper.Exception.log2011-08-24 22:15 - 2014-11-28 14:48 - 0059904 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2013-12-30 19:25 - 2015-08-04 19:27 - 0000600 _____ () C:\Users\Mike\AppData\Local\PUTTY.RND2013-01-29 14:38 - 2013-01-29 14:38 - 0000008 ___SH () C:\Users\Mike\AppData\Local\systemCurUses2013-01-29 14:38 - 2013-01-29 14:38 - 0000006 ___SH () C:\Users\Mike\AppData\Local\systemHdIDSome files in TEMP:====================C:\Users\Eli\AppData\Local\Temp\avguirn_0861469464.exeC:\Users\Mike\AppData\Local\Temp\avguirn_081216781173.exeC:\Users\Mike\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mtwow.dll==================== Bamital & volsnap =================(There is no automatic fix for files that do not pass verification.)C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2015-11-10 20:30==================== End of FRST.txt ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.