Laptop security problem


Lately my 9-month-old laptop has become very sluggish and I cannot download any new security programs or update my current security programs. I started in safe mode, scanned with AVG 2014 Internet Security Suite and Malwarebytes 5-6 times, also several other root kill programs. I went back into normal mode and nothing has changed, so I'm back to where I started. Thanks.


Hello

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start, and when prompted allow it to run.
Read and accept the EULA (End User License Agreement).
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Post back the report which should be located on your desktop.

 

Let me see those logs in your next reply..

 

Kevin..


Thanks Kevin, as you can see I got the Farbar scan report OK, but when I tried to download RogueKiller, after a few minutes I got the message "this program has been disrupted", so I resumed and a few minutes later I again got the message "this program maybe corrupt". Lately this has happened every time I've tried to download other security programs or tried to download updates for my current security programs. Once again thanks very much.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02

Ran by Aspire (administrator) on ACER on 15-06-2014 15:41:11

Running from C:\Users\Aspire\Downloads

Platform: Windows 8 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

() C:\ProgramData\Aircard Connection\OnlineUpdate\ouc.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

() C:\ProgramData\DatacardService\HWDeviceService64.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

() C:\Program Files (x86)\Aircard Connection\Aircard Connection.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe

(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

() C:\Program Files (x86)\Aircard Connection\eap\wifimansvc.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16921_none_421682c720aee408\iexplore.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

() C:\ProgramData\Aircard Connection\OnlineUpdate\LiveUpd.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-2569229807-465856810-1703829547-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-04] (BillP Studios)

BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.au/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en-AU;q=0.7,en;q=0.3

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {EA342FE4-4EE0-4F20-B00F-882ADDAFDEFA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKLM - {EA342FE4-4EE0-4F20-B00F-882ADDAFDEFA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {EA342FE4-4EE0-4F20-B00F-882ADDAFDEFA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKCU - DefaultScope {EA342FE4-4EE0-4F20-B00F-882ADDAFDEFA} URL =

SearchScopes: HKCU - {13832EB2-651D-4E04-946D-E7B40FED52DB} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1424524&CUI=UN24592029051973782&UM=1

SearchScopes: HKCU - {EA342FE4-4EE0-4F20-B00F-882ADDAFDEFA} URL =

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

Tcpip\..\Interfaces\{57F0FEAA-EA71-48E1-BB9A-D09C4FD625E7}: [NameServer]115.178.58.26 115.178.58.10

Tcpip\..\Interfaces\{E6442087-1721-494B-8CB7-23B46D55A13D}: [NameServer]115.178.58.26 115.178.58.10

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:

=======

CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-12-04&ent=hp&u=81FDB55DEF166FE15F454C529F2A8DE8

CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-12-04&ent=hp&u=81FDB55DEF166FE15F454C529F2A8DE8",

"hxxp://www.google.com"

CHR DefaultSearchKeyword: google.co.th

CHR Extension: (Docs) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-01]

CHR Extension: (Google Drive) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-01]

CHR Extension: (YouTube) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]

CHR Extension: (Google Search) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]

CHR Extension: (Google Wallet) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]

CHR Extension: (Gmail) - C:\Users\Aspire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]

==================== Services (Whitelisted) =================

S2 Aircard Connection. RunOuc; C:\Program Files (x86)\Aircard Connection\UpdateDog\ouc.exe [657504 2012-11-12] ()

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-16] (Qualcomm Atheros Commnucations)

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)

R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-04-10] (ELAN Microelectronics Corp.)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)

R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-04-15] (AVG)

R3 wifimansvc; C:\Program Files (x86)\Aircard Connection\eap\wifimansvc.exe [605696 2012-11-23] () [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

S2 HPSLPSVC; C:\Users\Aspire\AppData\Local\Temp\7zS5BFD\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-21] (Microsoft Corporation)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)

R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [83264 2014-01-09] (Baidu, Inc.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-16] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)

R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)

R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-06-10] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)

R3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-06-06] (CACE Technologies, Inc.)

R3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-06-06] (CACE Technologies, Inc.)

R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

S3 catchme; \??\C:\ComboFix_14_4_30_1\catchme.sys [X]

S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]

========================== Drivers MD5 =======================


C:\Windows\System32\DRIVERS\srv.sys 0F1FCD575A03ABDE13FCA9D0ADE4DDA6

C:\Windows\System32\DRIVERS\srv2.sys 8504ADDE9C146C6295B16D13A0007560

C:\Windows\System32\DRIVERS\srvnet.sys BB0F9E19C5CE4DC765B263E2A5561DE1

C:\Windows\System32\drivers\stexstor.sys 4E85355B94CFCB67C135F6521A4895A7

C:\Windows\System32\drivers\storahci.sys B240874B2CA0CD02E8CD11E140B14C57

C:\Windows\System32\DRIVERS\vmstorfl.sys F74DBC95A57B1EE866D3732EB5F79BE2

C:\Windows\System32\drivers\storvsc.sys 543CD3CC0E05B8D8815E0D4F040B6F59

C:\Windows\System32\drivers\swenum.sys 4AFD66AAE74FFB5986BC240744DC5FC9

C:\Windows\System32\drivers\tcpip.sys 0E0C16EE82E2F4EBC2FBCA24C8F00D9E

C:\Windows\system32\DRIVERS\tcpip.sys 0E0C16EE82E2F4EBC2FBCA24C8F00D9E

C:\Windows\System32\drivers\tcpipreg.sys 8F2A13A5DF99D72FDDE87F502A66F989

C:\Windows\System32\DRIVERS\tdx.sys 73DC722CE5DF26D7638CE2446F2655C7

C:\Windows\System32\drivers\terminpt.sys F7C8AB5D8AFFAA318D6A21093D139BF4

C:\Windows\system32\drivers\tpm.sys E94F7A7B48C7638D1F3F8089344C97B7

C:\Windows\System32\drivers\tsusbflt.sys 4E7C5FB10A50435523DE0CAA37DE2BD3

C:\Windows\System32\drivers\TsUsbGD.sys 16D684A820872EE54F6370703AC0B513

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80

C:\Windows\system32\DRIVERS\tunnel.sys 78C9EE193AC2B4CBDBC48B620314D740

C:\Windows\System32\drivers\uagp35.sys 6D4F67CA56ACA2085DFA2CD89EAFBC1A

C:\Windows\System32\drivers\uaspstor.sys 6FD6D03B7752C78712E5CFF29A305026

C:\Windows\System32\drivers\ucx01000.sys 061BA3EE0D2BE17944990544008CF190

C:\Windows\System32\DRIVERS\udfs.sys 25C50F4EDF70D0A831E0566BD181CCF2

C:\Windows\System32\drivers\uliagpkx.sys 07FEBCDF24FABA0D47B635D85A0FFB7A

C:\Windows\System32\drivers\umbus.sys 02CEB3FE6152668A7BA420B93B664860

C:\Windows\System32\drivers\umpass.sys 991EE6B5FC41EAEF99C8AF5B92F2CA09

C:\Windows\System32\drivers\usbccgp.sys C976C4306F9AE133D6BBD47FDFC3BF92

C:\Windows\System32\drivers\usbcir.sys 427B6DB8C05A5A977E8C3525370A2595

C:\Windows\System32\drivers\usbehci.sys B24FDEB1B18496F1B463782235AA3AF1

C:\Windows\system32\DRIVERS\usbfilter.sys 504901430B6E03B99EBB6BF26E0868C6

C:\Windows\System32\drivers\usbhub.sys F8C2A832DF9403F5EA8080CBDBDA95FB

C:\Windows\System32\drivers\UsbHub3.sys E5F7328B1D29BCE791862CD3C0DD382A

C:\Windows\System32\drivers\usbohci.sys 325F6179009B5A7F6118951A5BA422AB

C:\Windows\System32\drivers\usbprint.sys 9FDBA6982582A6F2354144980F641E7B

C:\Windows\System32\drivers\usbscan.sys AD91D1BBE5D3CF4501887DC1C09384FD

C:\Windows\System32\drivers\USBSTOR.SYS BFC7FE4AAEB61317A921871B4085EF4B

C:\Windows\System32\drivers\usbuhci.sys 1ABF657259DB57F7E5558E4DF1357C0C

C:\Windows\System32\Drivers\usbvideo.sys 9EF7C01D3ACCBC243B5CB1A95865B2FF

C:\Windows\System32\drivers\USBXHCI.SYS 8DC398D7B8E02C929A2096E74A170970

C:\Windows\System32\drivers\vdrvroot.sys BACECBFF9C97F7627A60B0E0F1FE7EE8

C:\Windows\System32\drivers\VerifierExt.sys 74FA2D4368DE6F6CE14393EDF1F342BE

C:\Windows\System32\drivers\vhdmp.sys 500BE6B2E49883720D0AE8BB859ED7A3

C:\Windows\System32\drivers\viaide.sys F5B4A14B00E89250C50982AC762DDD1D

C:\Windows\System32\drivers\vmbus.sys 78DB50F7329F6D1311658DABFFFC8BE0

C:\Windows\System32\drivers\VMBusHID.sys ECFEE2F2BA3932C7880D1A8F67D68F91

C:\Windows\System32\drivers\volmgr.sys CB60FAAED8B49B812EBBF77EB87D9B18

C:\Windows\System32\drivers\volmgrx.sys A74101DA9809251BCD0E5A26BAE0F824

C:\Windows\System32\drivers\volsnap.sys 78A5BBA3819FFFC62FFEC3E2220D102D

C:\Windows\System32\drivers\vpci.sys A8DA1C1B52ECEA3726DEBED4FF1B700D

C:\Windows\System32\drivers\vsmraid.sys 38A60CD9C009C55C6D3B5586F8E6A353

C:\Windows\System32\drivers\vstxraid.sys A0F6FE0FC2F647C22BBFD6BD4249DBCC

C:\Windows\System32\drivers\vwifibus.sys 62460A45435A26A334907E3F2EA45611

C:\Windows\system32\DRIVERS\vwififlt.sys 095E943D27025E4D588AF0A72CC2318F

C:\Windows\system32\DRIVERS\vwifimp.sys 73FA1A41A97A5C34ADC03B3577FF1A86

C:\Windows\System32\drivers\wacompen.sys 6B806E893714019969E2B50D7EF6A4D9

C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051

C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051

C:\Windows\System32\drivers\wd.sys B3A4D918DAB90505B6BC7B70632913CB

C:\Windows\system32\drivers\WdBoot.sys 3772FF85F0098686B0DCD77076AE0786

C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8

C:\Windows\system32\drivers\WdFilter.sys AB6F7DE8BFBF61A42F8764D9A621BD8B

C:\Windows\System32\DRIVERS\wfplwfs.sys 44BB9C31E6242C4BD1CE7C2B440C2533

C:\Windows\System32\drivers\wimmount.sys A3C7624A42A3447EF5EDD1ED37FE4E60

C:\Windows\System32\drivers\wmiacpi.sys E2A596CACFC6504306CDB7B593B90084

C:\Windows\System32\DRIVERS\wpcfltr.sys C6FF953D5D6F2EAE3B8883474D5076B3

C:\Windows\System32\drivers\WpdUpFltr.sys 0346CAFC181C91C6E2330332EB332ED6

C:\Windows\system32\drivers\ws2ifsl.sys BC8B5CB336E63BB25EAD1CE8EDD34B81

C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F

C:\Windows\System32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-15 15:07 - 2014-06-15 15:10 - 01333465 _____ () C:\Users\Aspire\Downloads\AdwCleaner.exe

2014-06-15 13:45 - 2014-06-15 13:47 - 00038882 _____ () C:\Users\Aspire\Downloads\Addition.txt

2014-06-15 13:43 - 2014-06-15 15:42 - 00036659 _____ () C:\Users\Aspire\Downloads\FRST.txt

2014-06-15 13:43 - 2014-06-15 15:41 - 00000000 ____D () C:\FRST

2014-06-15 13:40 - 2014-06-15 15:40 - 02081792 _____ (Farbar) C:\Users\Aspire\Downloads\FRST64.exe

2014-06-15 10:07 - 2014-06-15 11:12 - 00010374 _____ () C:\Users\Aspire\Desktop\avgrep.txt

2014-06-15 09:51 - 2014-06-15 09:51 - 00000241 _____ () C:\Users\Aspire\Desktop\How To Boot Into Safe Mode On Windows 8 (The Easy Way).url

2014-06-15 09:51 - 2014-06-15 09:51 - 00000000 ____D () C:\Windows\pss

2014-06-15 08:34 - 2014-06-15 08:34 - 00000193 _____ () C:\Users\Aspire\Desktop\yahoo answers - Google Search.url

2014-06-15 08:10 - 2014-06-15 08:19 - 00849064 _____ () C:\Users\Aspire\Downloads\tdsskiller.zip

2014-06-15 08:06 - 2014-06-15 08:09 - 02195988 _____ () C:\Users\Aspire\Desktop\tdsskiller-2-8-14-0.zip

2014-06-13 18:53 - 2014-06-14 05:06 - 109501208 _____ (Microsoft Corporation) C:\Users\Aspire\Downloads\msert.exe

2014-06-12 20:51 - 2014-05-03 13:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-06-12 20:51 - 2014-05-03 13:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-06-12 20:51 - 2014-05-03 11:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-06-12 20:51 - 2014-05-02 05:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-06-12 20:51 - 2014-04-30 05:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe

2014-06-12 20:51 - 2014-04-30 05:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe

2014-06-12 20:51 - 2014-04-24 06:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll

2014-06-12 20:51 - 2014-04-24 06:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-06-12 20:51 - 2014-04-24 06:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll

2014-06-12 20:51 - 2014-04-24 06:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-06-12 20:51 - 2014-02-08 11:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys

2014-06-12 19:47 - 2014-06-12 19:47 - 00280752 _____ () C:\Windows\Minidump\061214-43087-01.dmp

2014-06-12 19:46 - 2014-06-12 19:46 - 435089771 _____ () C:\Windows\MEMORY.DMP

2014-06-12 19:45 - 2014-06-12 19:45 - 00016712 _____ () C:\Windows\system32\Drivers\PROCEXP113.SYS

2014-06-12 19:44 - 2014-06-12 19:45 - 00000000 ___SD () C:\32788R22FWJFW

2014-06-12 19:23 - 2014-05-24 09:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-12 19:23 - 2014-05-24 09:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-12 19:23 - 2014-05-24 09:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-12 19:23 - 2014-05-24 09:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2014-06-12 19:23 - 2014-05-24 09:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-12 19:23 - 2014-05-24 09:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-12 19:23 - 2014-05-24 09:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-12 19:23 - 2014-05-24 09:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-12 19:23 - 2014-05-24 09:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-12 19:23 - 2014-05-24 08:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-12 19:23 - 2014-05-24 08:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-12 19:23 - 2014-05-24 08:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-12 19:23 - 2014-05-24 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-12 19:23 - 2014-05-24 08:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-12 19:23 - 2014-05-24 08:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-12 19:23 - 2014-05-24 08:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-12 19:23 - 2014-05-24 08:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-12 19:23 - 2014-05-24 08:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-12 19:23 - 2014-05-24 05:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2014-06-12 19:22 - 2014-05-24 09:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-12 19:22 - 2014-05-24 09:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-12 19:22 - 2014-05-24 08:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-12 19:22 - 2014-05-24 08:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-12 19:22 - 2014-05-24 08:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-12 19:22 - 2014-05-24 08:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-12 19:22 - 2014-05-24 08:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-06-12 18:14 - 2014-06-15 15:16 - 00002688 _____ () C:\Windows\PFRO.log

2014-06-12 17:47 - 2014-06-12 17:57 - 00886288 _____ (Microsoft Corporation) C:\Users\Aspire\Downloads\mssstool64.exe

2014-06-12 17:47 - 2014-04-03 18:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys

2014-06-12 17:47 - 2014-04-03 10:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-06-12 17:47 - 2014-04-01 05:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml

2014-06-12 17:47 - 2014-03-25 06:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe

2014-06-12 17:47 - 2014-03-25 05:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe

2014-06-12 17:40 - 2014-04-30 05:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-06-12 17:40 - 2014-04-30 05:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-06-12 17:38 - 2014-04-03 18:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-12 17:35 - 2014-05-03 12:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-12 17:35 - 2014-05-03 10:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-06-12 17:34 - 2014-03-07 07:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-12 17:34 - 2014-03-07 07:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-12 12:43 - 2014-06-12 17:52 - 02898547 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012 (2).exe

2014-06-11 13:54 - 2014-06-11 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol

2014-06-11 13:54 - 2014-06-11 13:59 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-11 13:54 - 2014-06-11 13:54 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\WinPatrol

2014-06-11 13:54 - 2014-06-11 13:54 - 00000000 ____D () C:\Program Files (x86)\BillP Studios

2014-06-11 13:52 - 2014-06-11 13:53 - 01064488 _____ (BillP Studios) C:\Users\Aspire\Downloads\wpsetup.exe

2014-06-11 13:22 - 2014-06-15 15:32 - 01021845 _____ () C:\Windows\WindowsUpdate.log

2014-06-11 12:41 - 2014-06-11 12:43 - 01676518 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012 (1).exe

2014-06-11 12:20 - 2014-06-11 12:29 - 07807057 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012.exe

2014-06-11 07:23 - 2014-06-11 07:23 - 00194823 _____ () C:\Users\Aspire\Documents\MLC Update.oxps

2014-06-11 06:02 - 2014-06-11 06:02 - 00307584 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-10 11:00 - 2014-06-10 11:00 - 00009402 _____ () C:\Users\Aspire\Documents\cc_20140610_110053.reg

2014-06-10 09:08 - 2014-06-10 09:08 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Malwarebytes

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-06-10 09:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-06-10 08:04 - 2014-06-10 08:07 - 01823074 _____ (Crawler, LLC ) C:\Users\Aspire\Downloads\SpywareTerminatorSetup.exe

2014-06-10 07:11 - 2014-06-10 07:16 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Aspire\Downloads\rkill.com

2014-06-10 06:58 - 2014-06-10 06:58 - 00000189 _____ () C:\Users\Aspire\Desktop\Malwarebytes Forum.url

2014-06-10 06:24 - 2014-06-10 06:24 - 00000000 ____D () C:\Users\Aspire\Downloads\mbam-chameleon-2.0.26.0 (1)

2014-06-10 06:11 - 2014-06-10 06:11 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Aspire\Downloads\mbam-clean-2.0.2.0 (1).exe

2014-06-09 20:10 - 2014-06-09 20:10 - 00018271 _____ () C:\combo fix.txt

2014-06-09 20:08 - 2014-06-15 15:42 - 00000000 ____D () C:\Users\Aspire\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 20:08 - 00018271 _____ () C:\ComboFix.txt

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Public\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Default\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp

2014-06-09 19:28 - 2014-06-10 05:58 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-09 19:25 - 2014-06-09 19:25 - 04793000 _____ () C:\Users\Aspire\Downloads\mbam-chameleon-2.0.26.0.zip

2014-06-09 19:07 - 2014-06-09 19:07 - 00001205 _____ () C:\Users\Aspire\Downloads\FixNCR.reg

2014-06-09 08:07 - 2014-06-09 08:07 - 00000974 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix_14_4_30_1.lnk

2014-06-09 08:07 - 2014-06-09 08:07 - 00000974 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix_14_4_30_1 (2).lnk

2014-06-09 07:22 - 2011-06-26 13:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-06-09 07:22 - 2010-11-08 00:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-06-09 07:22 - 2009-04-20 11:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00098816 _____ () C:\Windows\sed.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00080412 _____ () C:\Windows\grep.exe

2014-06-09 07:22 - 2000-08-31 07:00 - 00068096 _____ () C:\Windows\zip.exe

2014-06-09 07:21 - 2014-06-09 20:08 - 00000000 ____D () C:\Qoobox

2014-06-09 07:21 - 2014-06-09 19:57 - 00000000 ____D () C:\Windows\erdnt

2014-06-09 07:12 - 2014-06-09 07:18 - 05197895 ____R (Swearware) C:\Users\Aspire\Downloads\ComboFix_14_4_30_1.exe

2014-06-08 17:22 - 2014-06-13 19:10 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Wise Disk Cleaner

2014-06-08 17:21 - 2014-06-08 17:21 - 00001208 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk

2014-06-08 17:21 - 2014-06-08 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner

2014-06-08 17:21 - 2014-06-08 17:21 - 00000000 ____D () C:\Program Files (x86)\Wise

2014-06-08 17:17 - 2014-06-08 17:21 - 02439904 _____ (WiseCleaner.com ) C:\Users\Aspire\Downloads\WDCFree (1).exe

2014-06-08 09:23 - 2014-06-08 09:23 - 00000000 ____D () C:\Users\Aspire\Downloads\mbam-chameleon-3.1.4.0

2014-06-08 09:08 - 2014-06-08 09:09 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\GetRightToGo

2014-06-08 07:40 - 2014-06-08 07:40 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Nico Mak Computing

2014-06-08 07:39 - 2014-06-08 07:40 - 00000000 ____D () C:\ProgramData\Nico Mak Computing

2014-06-08 07:39 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe

2014-06-06 06:04 - 2014-06-06 06:04 - 00000452 _____ () C:\Users\Aspire\Documents\AER BANKING.txt

2014-06-02 19:56 - 2014-06-06 08:01 - 00000184 _____ () C:\Users\Aspire\Desktop\forum-.url

2014-06-02 06:52 - 2014-06-02 06:52 - 00000085 _____ () C:\Windows\wininit.ini

2014-05-31 16:55 - 2014-06-02 06:54 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-05-31 16:55 - 2014-06-02 06:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-05-31 16:55 - 2014-05-31 16:55 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-05-31 12:58 - 2014-05-31 13:06 - 00771306 _____ ( ) C:\Users\Aspire\Downloads\PDF_Creator.exe.mtughlu.partial

2014-05-30 08:06 - 2014-06-11 08:23 - 00002993 _____ () C:\Users\Aspire\Documents\AUSTRALIAN TOURIST VISA EXTRA DETAILS.txt

2014-05-30 06:14 - 2014-05-30 06:14 - 00000549 _____ () C:\Users\Aspire\Documents\PERSONAL DETAILS.txt

2014-05-26 17:28 - 2014-05-26 17:28 - 00000176 _____ () C:\Users\Aspire\Desktop\NSW GREYS.url

2014-05-24 15:06 - 2014-05-24 16:27 - 00000171 _____ () C:\Users\Aspire\Downloads\playlist.m3u8

2014-05-20 15:12 - 2014-05-20 15:12 - 00000291 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RECYCLE (2).lnk

2014-05-20 14:03 - 2014-05-20 14:03 - 00000299 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MY COMPUTER (2).lnk

2014-05-18 12:19 - 2014-05-18 16:15 - 00000222 _____ () C:\Users\Aspire\Desktop\VIC GREYS.url

2014-05-17 06:46 - 2014-05-31 12:16 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-05-17 06:46 - 2014-05-31 12:16 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-16 18:48 - 2014-04-12 16:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-16 18:48 - 2014-04-12 16:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-16 18:48 - 2014-04-12 16:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll

2014-05-16 18:48 - 2014-04-12 16:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll

2014-05-16 18:48 - 2014-04-12 16:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-16 18:48 - 2014-04-12 16:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-16 18:48 - 2014-04-12 16:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-16 18:48 - 2014-04-12 16:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-16 18:48 - 2014-04-12 16:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll

2014-05-16 18:48 - 2014-04-12 16:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-16 18:48 - 2014-04-12 16:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-16 18:48 - 2014-04-12 14:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll

2014-05-16 18:48 - 2014-04-12 14:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll

2014-05-16 18:48 - 2014-04-12 14:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-16 18:48 - 2014-04-12 14:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-16 18:48 - 2014-04-12 14:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-16 18:48 - 2014-04-12 14:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-16 18:48 - 2014-04-12 14:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-16 18:48 - 2014-04-12 13:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll

2014-05-16 18:48 - 2014-03-11 10:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-16 18:48 - 2014-03-11 07:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-16 18:48 - 2014-03-11 07:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-16 18:48 - 2014-03-11 07:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-16 18:48 - 2014-03-11 07:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-16 18:48 - 2014-03-11 07:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-16 18:48 - 2014-03-11 07:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-16 18:48 - 2014-03-10 10:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-16 18:48 - 2014-03-10 08:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-16 18:48 - 2014-03-04 06:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-05-16 18:28 - 2014-03-28 15:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-16 18:28 - 2014-03-28 13:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-16 18:27 - 2014-03-01 16:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-05-16 18:27 - 2014-03-01 16:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll

2014-05-16 18:27 - 2014-03-01 15:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll

2014-05-16 18:27 - 2014-03-01 13:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-05-16 18:27 - 2014-02-27 06:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-05-16 18:27 - 2014-02-27 06:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-05-16 18:27 - 2014-02-27 06:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-05-16 18:27 - 2014-02-15 11:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys

2014-05-16 18:09 - 2014-03-29 02:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys

2014-05-16 18:09 - 2014-03-24 05:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys

2014-05-16 18:06 - 2014-03-28 15:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2014-05-16 16:03 - 2014-05-20 10:14 - 00062271 _____ () C:\Users\Aspire\Downloads\Steward's Report - Bendigo, 16 May 2014

2014-05-16 16:03 - 2014-05-16 16:03 - 00062281 _____ () C:\Users\Aspire\Downloads\Steward's Report - Bendigo, 16 May 2014 (1)

==================== One Month Modified Files and Folders =======

2014-06-15 15:42 - 2014-06-15 13:43 - 00036659 _____ () C:\Users\Aspire\Downloads\FRST.txt

2014-06-15 15:42 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Aspire\AppData\Local\temp

2014-06-15 15:41 - 2014-06-15 13:43 - 00000000 ____D () C:\FRST

2014-06-15 15:40 - 2014-06-15 13:40 - 02081792 _____ (Farbar) C:\Users\Aspire\Downloads\FRST64.exe

2014-06-15 15:40 - 2014-02-28 11:12 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7D9A4385-7D7A-4C74-B44E-D25F18242854}

2014-06-15 15:32 - 2014-06-11 13:22 - 01021845 _____ () C:\Windows\WindowsUpdate.log

2014-06-15 15:25 - 2012-07-26 14:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-15 15:22 - 2013-11-19 20:29 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2569229807-465856810-1703829547-1001

2014-06-15 15:19 - 2013-12-03 15:11 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-15 15:19 - 2013-12-03 15:11 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-15 15:17 - 2012-07-26 14:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-15 15:16 - 2014-06-12 18:14 - 00002688 _____ () C:\Windows\PFRO.log

2014-06-15 15:16 - 2012-07-26 12:26 - 00524288 ___SH () C:\Windows\system32\config\BBI

2014-06-15 15:15 - 2014-04-30 06:17 - 00000000 ____D () C:\AdwCleaner

2014-06-15 15:10 - 2014-06-15 15:07 - 01333465 _____ () C:\Users\Aspire\Downloads\AdwCleaner.exe

2014-06-15 15:10 - 2013-12-06 14:24 - 00000000 ____D () C:\ProgramData\MFAData

2014-06-15 15:00 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\system32\sru

2014-06-15 13:47 - 2014-06-15 13:45 - 00038882 _____ () C:\Users\Aspire\Downloads\Addition.txt

2014-06-15 11:12 - 2014-06-15 10:07 - 00010374 _____ () C:\Users\Aspire\Desktop\avgrep.txt

2014-06-15 09:51 - 2014-06-15 09:51 - 00000241 _____ () C:\Users\Aspire\Desktop\How To Boot Into Safe Mode On Windows 8 (The Easy Way).url

2014-06-15 09:51 - 2014-06-15 09:51 - 00000000 ____D () C:\Windows\pss

2014-06-15 08:34 - 2014-06-15 08:34 - 00000193 _____ () C:\Users\Aspire\Desktop\yahoo answers - Google Search.url

2014-06-15 08:19 - 2014-06-15 08:10 - 00849064 _____ () C:\Users\Aspire\Downloads\tdsskiller.zip

2014-06-15 08:09 - 2014-06-15 08:06 - 02195988 _____ () C:\Users\Aspire\Desktop\tdsskiller-2-8-14-0.zip

2014-06-14 17:36 - 2013-05-21 03:39 - 00065536 _____ () C:\Windows\system32\spu_storage.bin

2014-06-14 10:09 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\rescache

2014-06-14 09:59 - 2012-07-26 12:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM

2014-06-14 05:06 - 2014-06-13 18:53 - 109501208 _____ (Microsoft Corporation) C:\Users\Aspire\Downloads\msert.exe

2014-06-13 19:10 - 2014-06-08 17:22 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Wise Disk Cleaner

2014-06-12 21:27 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\WinStore

2014-06-12 20:52 - 2012-07-26 14:59 - 00000000 ____D () C:\Windows\CbsTemp

2014-06-12 19:47 - 2014-06-12 19:47 - 00280752 _____ () C:\Windows\Minidump\061214-43087-01.dmp

2014-06-12 19:47 - 2013-12-05 12:37 - 00000000 ____D () C:\Windows\Minidump

2014-06-12 19:46 - 2014-06-12 19:46 - 435089771 _____ () C:\Windows\MEMORY.DMP

2014-06-12 19:45 - 2014-06-12 19:45 - 00016712 _____ () C:\Windows\system32\Drivers\PROCEXP113.SYS

2014-06-12 19:45 - 2014-06-12 19:44 - 00000000 ___SD () C:\32788R22FWJFW

2014-06-12 18:10 - 2013-12-02 17:46 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-12 18:07 - 2013-12-02 17:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-12 17:57 - 2014-06-12 17:47 - 00886288 _____ (Microsoft Corporation) C:\Users\Aspire\Downloads\mssstool64.exe

2014-06-12 17:52 - 2014-06-12 12:43 - 02898547 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012 (2).exe

2014-06-11 14:00 - 2014-06-11 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol

2014-06-11 14:00 - 2014-02-21 13:47 - 00000000 ___RD () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-06-11 13:59 - 2014-06-11 13:54 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-11 13:54 - 2014-06-11 13:54 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\WinPatrol

2014-06-11 13:54 - 2014-06-11 13:54 - 00000000 ____D () C:\Program Files (x86)\BillP Studios

2014-06-11 13:53 - 2014-06-11 13:52 - 01064488 _____ (BillP Studios) C:\Users\Aspire\Downloads\wpsetup.exe

2014-06-11 12:43 - 2014-06-11 12:41 - 01676518 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012 (1).exe

2014-06-11 12:29 - 2014-06-11 12:20 - 07807057 _____ (Malwarebytes Corp.) C:\Users\Aspire\Downloads\mbar-1.07.0.1012.exe

2014-06-11 09:20 - 2013-11-20 06:44 - 00000348 _____ () C:\Users\Aspire\Desktop\OUTLOOK.url

2014-06-11 08:23 - 2014-05-30 08:06 - 00002993 _____ () C:\Users\Aspire\Documents\AUSTRALIAN TOURIST VISA EXTRA DETAILS.txt

2014-06-11 07:23 - 2014-06-11 07:23 - 00194823 _____ () C:\Users\Aspire\Documents\MLC Update.oxps

2014-06-11 06:02 - 2014-06-11 06:02 - 00307584 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-10 16:12 - 2013-11-29 13:48 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\HpUpdate

2014-06-10 11:00 - 2014-06-10 11:00 - 00009402 _____ () C:\Users\Aspire\Documents\cc_20140610_110053.reg

2014-06-10 09:08 - 2014-06-10 09:08 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Malwarebytes

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-10 09:08 - 2014-06-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-06-10 08:07 - 2014-06-10 08:04 - 01823074 _____ (Crawler, LLC ) C:\Users\Aspire\Downloads\SpywareTerminatorSetup.exe

2014-06-10 07:16 - 2014-06-10 07:11 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Aspire\Downloads\rkill.com

2014-06-10 06:58 - 2014-06-10 06:58 - 00000189 _____ () C:\Users\Aspire\Desktop\Malwarebytes Forum.url

2014-06-10 06:24 - 2014-06-10 06:24 - 00000000 ____D () C:\Users\Aspire\Downloads\mbam-chameleon-2.0.26.0 (1)

2014-06-10 06:11 - 2014-06-10 06:11 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Aspire\Downloads\mbam-clean-2.0.2.0 (1).exe

2014-06-10 05:58 - 2014-06-09 19:28 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-09 20:10 - 2014-06-09 20:10 - 00018271 _____ () C:\combo fix.txt

2014-06-09 20:08 - 2014-06-09 20:08 - 00018271 _____ () C:\ComboFix.txt

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Public\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Default\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp

2014-06-09 20:08 - 2014-06-09 07:21 - 00000000 ____D () C:\Qoobox

2014-06-09 19:59 - 2012-07-26 12:26 - 00000215 _____ () C:\Windows\system.ini

2014-06-09 19:57 - 2014-06-09 07:21 - 00000000 ____D () C:\Windows\erdnt

2014-06-09 19:57 - 2012-07-26 12:26 - 70516736 _____ () C:\Windows\system32\config\software.bak

2014-06-09 19:57 - 2012-07-26 12:26 - 14155776 _____ () C:\Windows\system32\config\system.bak

2014-06-09 19:57 - 2012-07-26 12:26 - 00311296 _____ () C:\Windows\system32\config\default.bak

2014-06-09 19:57 - 2012-07-26 12:26 - 00061440 _____ () C:\Windows\system32\config\sam.bak

2014-06-09 19:57 - 2012-07-26 12:26 - 00024576 _____ () C:\Windows\system32\config\security.bak

2014-06-09 19:25 - 2014-06-09 19:25 - 04793000 _____ () C:\Users\Aspire\Downloads\mbam-chameleon-2.0.26.0.zip

2014-06-09 19:07 - 2014-06-09 19:07 - 00001205 _____ () C:\Users\Aspire\Downloads\FixNCR.reg

2014-06-09 08:22 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\Help

2014-06-09 08:07 - 2014-06-09 08:07 - 00000974 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix_14_4_30_1.lnk

2014-06-09 08:07 - 2014-06-09 08:07 - 00000974 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix_14_4_30_1 (2).lnk

2014-06-09 07:52 - 2012-07-26 12:37 - 00000000 __RHD () C:\Users\Default

2014-06-09 07:18 - 2014-06-09 07:12 - 05197895 ____R (Swearware) C:\Users\Aspire\Downloads\ComboFix_14_4_30_1.exe

2014-06-08 17:25 - 2013-04-27 12:38 - 00000000 ____D () C:\Windows\Panther

2014-06-08 17:21 - 2014-06-08 17:21 - 00001208 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk

2014-06-08 17:21 - 2014-06-08 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner

2014-06-08 17:21 - 2014-06-08 17:21 - 00000000 ____D () C:\Program Files (x86)\Wise

2014-06-08 17:21 - 2014-06-08 17:17 - 02439904 _____ (WiseCleaner.com ) C:\Users\Aspire\Downloads\WDCFree (1).exe

2014-06-08 09:23 - 2014-06-08 09:23 - 00000000 ____D () C:\Users\Aspire\Downloads\mbam-chameleon-3.1.4.0

2014-06-08 09:09 - 2014-06-08 09:08 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\GetRightToGo

2014-06-08 07:40 - 2014-06-08 07:40 - 00000000 ____D () C:\Users\Aspire\AppData\Roaming\Nico Mak Computing

2014-06-08 07:40 - 2014-06-08 07:39 - 00000000 ____D () C:\ProgramData\Nico Mak Computing

2014-06-06 08:01 - 2014-06-02 19:56 - 00000184 _____ () C:\Users\Aspire\Desktop\forum-.url

2014-06-06 06:04 - 2014-06-06 06:04 - 00000452 _____ () C:\Users\Aspire\Documents\AER BANKING.txt

2014-06-02 12:23 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\AUInstallAgent

2014-06-02 10:15 - 2013-11-19 10:45 - 00000000 ____D () C:\Users\Aspire

2014-06-02 10:14 - 2014-03-29 05:47 - 00000000 ____D () C:\Program Files (x86)\Porn Terminator

2014-06-02 06:54 - 2014-05-31 16:55 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-06-02 06:52 - 2014-06-02 06:52 - 00000085 _____ () C:\Windows\wininit.ini

2014-06-02 06:52 - 2014-05-31 16:55 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-06-01 11:28 - 2013-11-29 16:15 - 00000000 ____D () C:\Users\Aspire\AppData\Local\CrashDumps

2014-05-31 16:55 - 2014-05-31 16:55 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-05-31 13:06 - 2014-05-31 12:58 - 00771306 _____ ( ) C:\Users\Aspire\Downloads\PDF_Creator.exe.mtughlu.partial

2014-05-31 12:16 - 2014-05-17 06:46 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-05-31 12:16 - 2014-05-17 06:46 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-30 06:14 - 2014-05-30 06:14 - 00000549 _____ () C:\Users\Aspire\Documents\PERSONAL DETAILS.txt

2014-05-26 17:28 - 2014-05-26 17:28 - 00000176 _____ () C:\Users\Aspire\Desktop\NSW GREYS.url

2014-05-24 16:27 - 2014-05-24 15:06 - 00000171 _____ () C:\Users\Aspire\Downloads\playlist.m3u8

2014-05-24 11:55 - 2014-04-01 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-05-24 11:55 - 2013-12-06 15:39 - 00000969 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-05-24 09:48 - 2014-06-12 19:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-05-24 09:47 - 2014-06-12 19:23 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-24 09:47 - 2014-06-12 19:23 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-24 09:47 - 2014-06-12 19:23 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2014-05-24 09:47 - 2014-06-12 19:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-24 09:46 - 2014-06-12 19:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-05-24 09:46 - 2014-06-12 19:22 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-24 09:46 - 2014-06-12 19:22 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-24 09:45 - 2014-06-12 19:23 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-24 09:45 - 2014-06-12 19:23 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-05-24 09:45 - 2014-06-12 19:23 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-05-24 08:26 - 2014-06-12 19:23 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-05-24 08:26 - 2014-06-12 19:23 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-05-24 08:26 - 2014-06-12 19:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-05-24 08:26 - 2014-06-12 19:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-05-24 08:26 - 2014-06-12 19:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2014-05-24 08:26 - 2014-06-12 19:22 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-24 08:26 - 2014-06-12 19:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-05-24 08:25 - 2014-06-12 19:23 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-05-24 08:25 - 2014-06-12 19:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-05-24 08:25 - 2014-06-12 19:22 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-05-24 08:25 - 2014-06-12 19:22 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-05-24 08:25 - 2014-06-12 19:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-05-24 08:09 - 2014-06-12 19:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-24 08:03 - 2014-06-12 19:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-24 05:37 - 2014-06-12 19:23 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2014-05-20 15:12 - 2014-05-20 15:12 - 00000291 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RECYCLE (2).lnk

2014-05-20 14:42 - 2013-12-09 18:45 - 00000204 _____ () C:\Users\Aspire\Desktop\REAL ESTATE.url

2014-05-20 14:03 - 2014-05-20 14:03 - 00000299 _____ () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MY COMPUTER (2).lnk

2014-05-20 13:48 - 2014-04-07 10:27 - 00000000 ____D () C:\Program Files\CCleaner

2014-05-20 10:14 - 2014-05-16 16:03 - 00062271 _____ () C:\Users\Aspire\Downloads\Steward's Report - Bendigo, 16 May 2014

2014-05-19 06:08 - 2014-05-14 14:14 - 00000561 _____ () C:\Users\Aspire\Documents\visa and licence.txt

2014-05-18 16:15 - 2014-05-18 12:19 - 00000222 _____ () C:\Users\Aspire\Desktop\VIC GREYS.url

2014-05-17 06:46 - 2014-03-13 05:56 - 00000000 ___RD () C:\Users\Aspire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-17 06:46 - 2013-11-19 10:47 - 00000363 _____ () C:\Users\Aspire\Downloads\RecentPlaces.lnk

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ___RD () C:\Windows\ToastData

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ____D () C:\Program Files\Windows Defender

2014-05-16 20:40 - 2012-07-26 15:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-05-16 16:03 - 2014-05-16 16:03 - 00062281 _____ () C:\Users\Aspire\Downloads\Steward's Report - Bendigo, 16 May 2014 (1)

Some content of TEMP:

====================

C:\Users\Aspire\AppData\Local\temp\Quarantine.exe

C:\Users\Aspire\AppData\Local\temp\stn_515_TH.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager

---------------------

identifier {fwbootmgr}

displayorder {bootmgr}

{6bd2d5ce-c1a3-11e2-9dfb-206a8a5bcb22}

{6bd2d5cf-c1a3-11e2-9dfb-206a8a5bcb22}

{6bd2d5d0-c1a3-11e2-9dfb-206a8a5bcb22}

timeout 2

Windows Boot Manager

--------------------

identifier {bootmgr}

device partition=\Device\HarddiskVolume2

path \EFI\Microsoft\Boot\bootmgfw.efi

description Windows Boot Manager

locale en-US

inherit {globalsettings}

integrityservices Enable

default {current}

resumeobject {6bd2d5d7-c1a3-11e2-9dfb-206a8a5bcb22}

displayorder {current}

toolsdisplayorder {memdiag}

timeout 30

Firmware Application (101fffff)

-------------------------------

identifier {6bd2d5ce-c1a3-11e2-9dfb-206a8a5bcb22}

description EFI USB Device

Firmware Application (101fffff)

-------------------------------

identifier {6bd2d5cf-c1a3-11e2-9dfb-206a8a5bcb22}

description EFI DVD/CDROM

Firmware Application (101fffff)

-------------------------------

identifier {6bd2d5d0-c1a3-11e2-9dfb-206a8a5bcb22}

description EFI Network

Windows Boot Loader

-------------------

identifier {6bd2d5d5-c1a3-11e2-9dfb-206a8a5bcb22}

device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6bd2d5d6-c1a3-11e2-9dfb-206a8a5bcb22}

path \windows\system32\winload.efi

description Windows Recovery Environment

locale en-us

inherit {bootloadersettings}

displaymessage Recovery

osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6bd2d5d6-c1a3-11e2-9dfb-206a8a5bcb22}

systemroot \windows

nx OptIn

bootmenupolicy Standard

winpe Yes

Windows Boot Loader

-------------------

identifier {current}

device partition=C:

path \Windows\system32\winload.efi

description Windows 8

locale en-US

inherit {bootloadersettings}

recoverysequence {6bd2d5d5-c1a3-11e2-9dfb-206a8a5bcb22}

integrityservices Enable

recoveryenabled Yes

isolatedcontext Yes

allowedinmemorysettings 0x15000075

osdevice partition=C:

systemroot \Windows

resumeobject {6bd2d5d7-c1a3-11e2-9dfb-206a8a5bcb22}

nx OptIn

bootmenupolicy Standard

detecthal Yes

Resume from Hibernate

---------------------

identifier {6bd2d5d7-c1a3-11e2-9dfb-206a8a5bcb22}

device partition=C:

path \Windows\system32\winresume.efi

description Windows Resume Application

locale en-US

inherit {resumeloadersettings}

recoverysequence {6bd2d5d5-c1a3-11e2-9dfb-206a8a5bcb22}

recoveryenabled Yes

isolatedcontext Yes

allowedinmemorysettings 0x15000075

filedevice partition=C:

filepath \hiberfil.sys

bootmenupolicy Standard

debugoptionenabled No

Windows Memory Tester

---------------------

identifier {memdiag}

device partition=\Device\HarddiskVolume2

path \EFI\Microsoft\Boot\memtest.efi

description Windows Memory Diagnostic

locale en-US

inherit {globalsettings}

badmemoryaccess Yes

EMS Settings

------------

identifier {emssettings}

bootems No

Debugger Settings

-----------------

identifier {dbgsettings}

debugtype Serial

debugport 1

baudrate 115200

RAM Defects

-----------

identifier {badmemory}

Global Settings

---------------

identifier {globalsettings}

inherit {dbgsettings}

{emssettings}

{badmemory}

Boot Loader Settings

--------------------

identifier {bootloadersettings}

inherit {globalsettings}

{hypervisorsettings}

Hypervisor Settings

-------------------

identifier {hypervisorsettings}

hypervisordebugtype Serial

hypervisordebugport 1

hypervisorbaudrate 115200

Resume Loader Settings

----------------------

identifier {resumeloadersettings}

inherit {globalsettings}

Device options

--------------

identifier {6bd2d5d6-c1a3-11e2-9dfb-206a8a5bcb22}

description Windows Recovery

ramdisksdidevice partition=\Device\HarddiskVolume1

ramdisksdipath \Recovery\WindowsRE\boot.sdi

LastRegBack: 2014-06-09 06:42

==================== End Of Log ============================


Can I also see the second log from FRST, "Addition.txt"? It will also be saved in this folder: "C:\FRST\Logs"

Also, I can see several major scan tools have been run on your system. Are you receiving help elsewhere?

Post the log produced by Combofix, C:\ComboFix.txt

Kevin...


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02

Ran by Aspire at 2014-06-15 15:44:17

Running from C:\Users\Aspire\Downloads

=======================================================

==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden

clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)

Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)

AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)

AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)

Aircard Connection (HKLM-x32\...\Aircard Connection) (Version: 23.009.09.00.935 - Wireless Device Supply Co., LTD.)

AMD Accelerated Video Transcoding (Version: 12.10.100.30322 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{DC22DA79-9D24-68F6-E801-A59CFBCDC41D}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

AMD VISION Engine Control Center (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)

AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden

AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.423 - AVG) Hidden

AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.423 - AVG)

AVG PC TuneUp 2014 (x32 Version: 14.0.1001.423 - AVG) Hidden

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)

clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)

clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)

ETDWare PS/2-X64 11.6.22.201_WHQL (HKLM\...\Elantech) (Version: 11.6.22.201 - ELAN Microelectronic Corp.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)

HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)

Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden

Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden

Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)

Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden

Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden

Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden

Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden

Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden

Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden

Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden

OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Popup-Ad-Shield (HKLM-x32\...\ST6UNST #1) (Version: - )

Porn Terminator (HKLM-x32\...\{6180CB20-64F9-4148-BFD6-4012D04D15B6}) (Version: 3.0.0 - )

Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)

Realtek USB Ethernet Controller Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.7.227.2013 - Realtek)

Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)

Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)

Wise Disk Cleaner 8.11 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.11 - WiseCleaner.com, Inc.)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Restore Points =========================

09-06-2014 01:21:09 Created by Wise Disk Cleaner

12-06-2014 11:06:24 Windows Update

==================== Hosts content: ==========================

2012-07-26 12:26 - 2014-06-09 19:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {001770EE-7B98-4B67-9F8B-AB9BC3025A60} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-04-15] (AVG)

Task: {1439A7AE-5B75-4D7E-8C17-F73CE031DDD0} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION

Task: {181BBBAA-8DFF-412F-8715-5D53FB33F984} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {238F3CB6-6186-4948-90E7-433DF84DAE8E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate)

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {42F4F808-9F0D-4236-BF9B-6D891BA34188} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-16] (Acer Incorporated)

Task: {4E2FC917-65B9-4F9C-935D-187C8282581C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)

Task: {5B0B5478-FA74-4121-BE7C-C09C4236FBA7} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)

Task: {6307CD76-19D1-42A8-A66E-2C5835FA3D11} - System32\Tasks\{2B469948-9917-4A71-AF93-06DFC574D195} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.10.0.104&LastError=12002

Task: {9D433B54-A9C0-44A0-8E0D-3404E27DE2CA} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {C2905E80-E226-4AE4-BCD4-094FCB17AD84} - System32\Tasks\{C959F489-0D4F-4137-B459-586939B1537A} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.10.0.104&LastError=12007

Task: {C68DF3D3-2F70-48A0-9BF8-834EDBE3CB1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {DCB3BB61-5DAA-40DC-8EDB-FDBC8F9456CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)

Task: {E17A3F4B-D5F1-42D0-8278-71D30EA35D5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)

Task: {E5C36A0F-DE9D-4834-8232-A2D0155F4FDD} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()

Task: {E614A083-9048-4378-A728-CB40005D72FA} - \BackgroundContainer Startup Task No Task File <==== ATTENTION

Task: {E87583E8-6A10-4473-8295-0FB1AC466704} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {EF440F96-6DE0-481A-B849-EFA51D5A086C} - System32\Tasks\{C5907A2C-3AB2-4314-B8E8-C8EE1896CE56} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-19 21:02 - 2012-11-12 12:59 - 00657504 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\ouc.exe

2011-03-14 22:27 - 2011-03-14 22:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe

2014-04-15 21:23 - 2014-04-15 21:23 - 00675640 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll

2013-05-21 04:22 - 2013-02-21 12:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll

2013-11-19 20:59 - 2013-11-19 21:01 - 00516096 _____ () C:\Program Files (x86)\Aircard Connection\Aircard Connection.exe

2013-11-19 20:59 - 2012-11-23 15:40 - 00605696 _____ () C:\Program Files (x86)\Aircard Connection\eap\wifimansvc.exe

2013-11-19 19:47 - 2012-11-12 12:59 - 01546848 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\LiveUpd.exe

2013-11-19 21:03 - 2009-01-11 01:32 - 00011362 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\mingwm10.dll

2013-11-19 21:03 - 2009-06-23 09:42 - 00043008 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\libgcc_s_dw2-1.dll

2013-11-19 21:03 - 2012-10-31 16:11 - 02417152 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\QtCore4.dll

2013-11-19 21:03 - 2012-10-31 16:14 - 01148416 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\QtNetwork4.dll

2013-11-19 21:03 - 2012-11-12 10:48 - 00843264 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\QueryStrategy.dll

2013-11-19 21:03 - 2012-10-31 16:11 - 00398336 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\QtXml4.dll

2013-11-19 20:58 - 2013-01-11 21:59 - 00596480 _____ () C:\Program Files (x86)\Aircard Connection\core.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00288256 _____ () C:\Program Files (x86)\Aircard Connection\sdk.dll

2013-11-19 21:01 - 2012-10-31 16:11 - 02417152 _____ () C:\Program Files (x86)\Aircard Connection\QtCore4.dll

2013-11-19 21:01 - 2012-10-31 16:33 - 09562624 _____ () C:\Program Files (x86)\Aircard Connection\QtGui4.dll

2013-11-19 21:01 - 2009-01-11 01:32 - 00011362 _____ () C:\Program Files (x86)\Aircard Connection\mingwm10.dll

2013-11-19 21:01 - 2009-06-23 09:42 - 00043008 _____ () C:\Program Files (x86)\Aircard Connection\libgcc_s_dw2-1.dll

2013-11-19 20:59 - 2012-11-23 13:12 - 00407040 _____ () C:\Program Files (x86)\Aircard Connection\Proxy.DLL

2013-11-19 20:58 - 2012-11-23 13:12 - 00628224 _____ () C:\Program Files (x86)\Aircard Connection\Common.dll

2013-11-19 20:59 - 2012-11-23 13:12 - 00158208 _____ () C:\Program Files (x86)\Aircard Connection\Trace.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00583168 _____ () C:\Program Files (x86)\Aircard Connection\PluginContainer.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00646144 _____ () C:\Program Files (x86)\Aircard Connection\AtCodec.dll

2013-11-19 20:58 - 2013-01-15 17:42 - 00729088 _____ () C:\Program Files (x86)\Aircard Connection\DeviceSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00195584 _____ () C:\Program Files (x86)\Aircard Connection\XCodec.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00247296 _____ () C:\Program Files (x86)\Aircard Connection\NetSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00166400 _____ () C:\Program Files (x86)\Aircard Connection\OSDialup.dll

2013-11-19 20:58 - 2012-11-23 13:12 - 00155136 _____ () C:\Program Files (x86)\Aircard Connection\DataServicePlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00177152 _____ () C:\Program Files (x86)\Aircard Connection\CallSrvPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00672768 _____ () C:\Program Files (x86)\Aircard Connection\AddrBookSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00219648 _____ () C:\Program Files (x86)\Aircard Connection\SmsSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00142336 _____ () C:\Program Files (x86)\Aircard Connection\USSDSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00157184 _____ () C:\Program Files (x86)\Aircard Connection\STKSrvPlugin.dll

2013-11-19 20:58 - 2013-01-15 17:42 - 00730624 _____ () C:\Program Files (x86)\Aircard Connection\DeviceAppPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00065536 _____ () C:\Program Files (x86)\Aircard Connection\OSPowerMgr.dll

2013-11-19 20:59 - 2012-06-06 08:22 - 00155648 _____ () C:\Program Files (x86)\Aircard Connection\Win7Support.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 01124352 _____ () C:\Program Files (x86)\Aircard Connection\AddrBookPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00704000 _____ () C:\Program Files (x86)\Aircard Connection\SmsAppPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00187392 _____ () C:\Program Files (x86)\Aircard Connection\CallAppPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00569344 _____ () C:\Program Files (x86)\Aircard Connection\CallLogSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:12 - 00158720 _____ () C:\Program Files (x86)\Aircard Connection\NetConnectSrvPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00236032 _____ () C:\Program Files (x86)\Aircard Connection\DialUpPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00102400 _____ () C:\Program Files (x86)\Aircard Connection\OSAdapt.dll

2013-11-19 20:59 - 2012-11-23 15:43 - 00851968 _____ () C:\Program Files (x86)\Aircard Connection\WLANPlugin.dll

2013-11-19 20:59 - 2012-11-23 15:43 - 00207360 _____ () C:\Program Files (x86)\Aircard Connection\WiFiMan.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00201216 _____ () C:\Program Files (x86)\Aircard Connection\NDISPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00131584 _____ () C:\Program Files (x86)\Aircard Connection\OSNDIS.dll

2013-11-19 20:59 - 2012-07-27 13:53 - 01114112 _____ () C:\Program Files (x86)\Aircard Connection\NDISAPI.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00702464 _____ () C:\Program Files (x86)\Aircard Connection\NetInfoSrvPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00062976 _____ () C:\Program Files (x86)\Aircard Connection\OSCall.dll

2013-11-19 20:59 - 2012-06-06 08:22 - 00224256 _____ () C:\Program Files (x86)\Aircard Connection\tdpcvoice.dll

2013-11-19 20:58 - 2012-11-23 13:14 - 00581120 _____ () C:\Program Files (x86)\Aircard Connection\DeviceMgrUIPlugin.dll

2013-11-19 21:01 - 2012-10-31 16:11 - 00398336 _____ () C:\Program Files (x86)\Aircard Connection\QtXml4.dll

2013-11-19 20:59 - 2012-11-23 13:14 - 00270848 _____ () C:\Program Files (x86)\Aircard Connection\XFramePlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00168960 _____ () C:\Program Files (x86)\Aircard Connection\ATR2SMgr.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00323584 _____ () C:\Program Files (x86)\Aircard Connection\StatusBarMgrPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:14 - 00391168 _____ () C:\Program Files (x86)\Aircard Connection\NetConnectPlugin.dll

2013-11-19 20:58 - 2013-01-18 14:36 - 00604160 _____ () C:\Program Files (x86)\Aircard Connection\DialupUIPlugin.dll

2013-11-19 20:59 - 2013-01-11 20:10 - 00646144 _____ () C:\Program Files (x86)\Aircard Connection\WLANUIPlugin.dll

2013-11-19 21:01 - 2012-10-31 16:14 - 01148416 _____ () C:\Program Files (x86)\Aircard Connection\QtNetwork4.dll

2013-11-19 20:59 - 2013-01-11 20:10 - 00195584 _____ () C:\Program Files (x86)\Aircard Connection\PriorityPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:13 - 00097792 _____ () C:\Program Files (x86)\Aircard Connection\NotifyServicePlugin.dll

2013-11-19 20:59 - 2012-11-23 13:14 - 00117248 _____ () C:\Program Files (x86)\Aircard Connection\LayoutPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:14 - 00330752 _____ () C:\Program Files (x86)\Aircard Connection\MenuMgrPlugin.dll

2013-11-19 20:59 - 2013-01-11 19:51 - 00513024 _____ () C:\Program Files (x86)\Aircard Connection\USSDUIPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:14 - 00302592 _____ () C:\Program Files (x86)\Aircard Connection\DiagnosisPlugin.dll

2013-11-19 20:59 - 2012-11-23 13:14 - 00493568 _____ () C:\Program Files (x86)\Aircard Connection\NetInfoUIExPlugin.dll

2013-11-19 20:59 - 2013-01-11 19:51 - 00854528 _____ () C:\Program Files (x86)\Aircard Connection\SMSUIPlugin.dll

2013-11-19 20:58 - 2012-11-23 13:13 - 00818688 _____ () C:\Program Files (x86)\Aircard Connection\AddrBookUIPlugin.dll

2013-11-19 20:59 - 2013-01-11 19:51 - 00222208 _____ () C:\Program Files (x86)\Aircard Connection\ToolBarMgrPlugin.dll

2013-11-19 20:59 - 2012-11-12 10:48 - 00694272 _____ () C:\Program Files (x86)\Aircard Connection\LiveUpdateInterface.DLL

2013-11-19 21:00 - 2012-11-01 19:10 - 00082944 _____ () C:\Program Files (x86)\Aircard Connection\plugins\imageformats\qgif4.dll

2013-11-19 21:00 - 2012-11-01 19:10 - 00081920 _____ () C:\Program Files (x86)\Aircard Connection\plugins\imageformats\qico4.dll

2013-11-19 21:00 - 2012-11-01 19:10 - 00192000 _____ () C:\Program Files (x86)\Aircard Connection\plugins\imageformats\qjpeg4.dll

2013-11-19 21:00 - 2012-11-01 19:10 - 00350720 _____ () C:\Program Files (x86)\Aircard Connection\plugins\imageformats\qmng4.dll

2013-11-19 21:00 - 2012-11-01 19:10 - 00370176 _____ () C:\Program Files (x86)\Aircard Connection\plugins\imageformats\qtiff4.dll

2013-11-19 21:03 - 2012-10-31 16:33 - 09562624 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\QtGui4.dll

2013-11-19 19:47 - 2012-11-01 19:10 - 00082944 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\plugins\imageformats\qgif4.dll

2013-11-19 19:47 - 2012-11-01 19:10 - 00081920 _____ () C:\ProgramData\Aircard Connection\OnlineUpdate\plugins\imageformats\qico4.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "HP Software Update"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Adapter

Description: Bluetooth USB Adapter

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Qualcomm Atheros Communications

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (06/15/2014 09:38:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)

Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/15/2014 09:38:35 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program LiveComm.exe version 17.0.1119.516 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fd4

Start Time: 01cf883f027b2ff1

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 22d3eb6e-f436-11e3-80b1-81aa3a602ea7

Faulting package full name: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.WindowsLive.Mail

Error: (06/15/2014 09:38:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Acer)

Description: App microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail did not launch within its allotted time.

Error: (06/15/2014 09:04:45 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program wwahost.exe version 6.2.9200.16420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3dc

Start Time: 01cf882f67caa48b

Termination Time: 4294967295

Application Path: C:\Windows\system32\wwahost.exe

Report Id: 632f0ed4-f431-11e3-80b1-81aa3a602ea7

Faulting package full name: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.WindowsLive.Mail

Error: (06/15/2014 09:04:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Acer)

Description: Package microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe was terminated because it took too long to suspend.

Error: (06/15/2014 08:04:28 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (06/15/2014 08:04:08 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (06/14/2014 01:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 10.0.9200.16921 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ed8

Start Time: 01cf879b0801a028

Termination Time: 90

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 9166a4a5-f38e-11e3-80af-d23f3a98e680

Faulting package full name:

Faulting package-relative application ID:

Error: (06/14/2014 00:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)

Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/14/2014 00:45:37 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program LiveComm.exe version 17.0.1119.516 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dfc

Start Time: 01cf878f84a30ede

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 1617cd68-f387-11e3-80af-d23f3a98e680

Faulting package full name: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.WindowsLive.Mail

System errors:

=============

Error: (06/15/2014 03:20:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

Error: (06/15/2014 03:18:47 PM) (Source: DCOM) (EventID: 10005) (User: Acer)

Description: 1053WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/15/2014 03:18:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Search service failed to start due to the following error:

%%1053

Error: (06/15/2014 03:18:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (06/15/2014 03:17:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Aircard Connection. OUC service failed to start due to the following error:

%%1053

Error: (06/15/2014 03:17:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Aircard Connection. OUC service to connect.

Error: (06/15/2014 00:51:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

Error: (06/15/2014 00:48:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Aircard Connection. OUC service failed to start due to the following error:

%%1053

Error: (06/15/2014 00:48:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Aircard Connection. OUC service to connect.

Error: (06/15/2014 00:45:44 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)

Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Microsoft Office Sessions:

=========================

Error: (06/15/2014 09:38:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142

Error: (06/15/2014 09:38:35 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: LiveComm.exe17.0.1119.516fd401cf883f027b2ff14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe22d3eb6e-f436-11e3-80b1-81aa3a602ea7microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (06/15/2014 09:38:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Acer)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail

Error: (06/15/2014 09:04:45 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: wwahost.exe6.2.9200.164203dc01cf882f67caa48b4294967295C:\Windows\system32\wwahost.exe632f0ed4-f431-11e3-80b1-81aa3a602ea7microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (06/15/2014 09:04:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Acer)

Description: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Error: (06/15/2014 08:04:28 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Aspire\Downloads\SoftonicDownloader_for_kaspersky-tdsskiller.exe

Error: (06/15/2014 08:04:08 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Aspire\Downloads\SoftonicDownloader_for_kaspersky-tdsskiller.exe

Error: (06/14/2014 01:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: IEXPLORE.EXE10.0.9200.16921ed801cf879b0801a02890C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9166a4a5-f38e-11e3-80af-d23f3a98e680

Error: (06/14/2014 00:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142

Error: (06/14/2014 00:45:37 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: LiveComm.exe17.0.1119.516dfc01cf878f84a30ede4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe1617cd68-f387-11e3-80af-d23f3a98e680microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

CodeIntegrity Errors:

===================================

Date: 2014-06-09 07:38:43.144

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix_14_4_30_1\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Download the attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE: It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Right-click on RogueKiller, select "Rename", and change the name from roguekiller.exe to iexplore.exe. See if it will run now....

Kevin

fixlist.txt


Start
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
C:\Windows\system32\mfevtps.exe
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [83264 2014-01-09] (Baidu, Inc.)
C:\Windows\System32\drivers\BprotectEx.sys
S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
C:\Windows\system32\drivers\mfeapfk.sys
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
C:\Windows\System32\drivers\mfehidk.sys
C:\Users\Aspire\AppData\Local\temp\Quarantine.exe
C:\Users\Aspire\AppData\Local\temp\stn_515_TH.exe
End


  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
