Thanks! Sorry about starting this thread in the wrong area. Junkware could not get past checking Firefox on all three tries. Here are the rest.
OTL report
OTL logfile created on: 10/28/2015 1:46:29 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mitchell\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18053)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.44 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 52.24% Memory free
6.94 Gb Paging File | 4.91 Gb Available in Paging File | 70.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.08 Gb Total Space | 245.45 Gb Free Space | 54.66% Space Free | Partition Type: NTFS
Drive D: | 15.20 Gb Total Space | 1.89 Gb Free Space | 12.41% Space Free | Partition Type: NTFS
Computer Name: THOMAS | User Name: Mitchell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Mitchell\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
PRC - C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media Inc.)
PRC - C:\Windows\SysWOW64\WerFault.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\UPnP.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_wma.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_wave.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_vorbis.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_ogg.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_mpc.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_ape.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\d_iRiverH.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\out_WASAPI.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\out_MMDS.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_wmp3.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_wav.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_mfaudio.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_MP4.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_mkv.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_MPG.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_flac_codec.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_FLV.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_video.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\d_iPhone.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\d_iPod.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\d_WMDM.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_aac.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_AVI.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_flac.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\WMAuth.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\MMHelper.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Equalize.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\iPhoneCalc.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\f_WMV.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\SQLite3MM.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\out_wave.dll ()
MOD - C:\Program Files (x86)\MediaMonkey\Plugins\in_mpc.dll ()
========== Services (SafeList) ==========
SRV:
64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:
64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:
64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:
64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:
64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:
64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:
64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:
64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:
64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:
64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:
64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:
64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:
64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:
64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:
64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:
64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:
64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:
64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:
64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:
64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:
64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:
64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:
64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:
64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:
64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:
64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:
64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:
64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:
64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:
64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:
64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:
64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:
64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:
64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:
64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:
64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:
64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:
64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:
64bit: - (omniserv) -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Softex Inc.)
SRV:
64bit: - (Cachedrv server) -- C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe ()
SRV - (AVP15.0.2) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe (Kaspersky Lab ZAO)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (StartMenuService) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
SRV - (AdvancedSystemCareService8) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (IObit)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (MbaeSvc) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (AVG Technologies)
SRV - (PrintNotify) -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (RadeonPro Support Service) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe (Mr. John aka japamd)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:
64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV:
64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:
64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (Klwtp) -- C:\Windows\SysNative\drivers\klwtp.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klwfp) -- C:\Windows\SysNative\drivers\klwfp.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klpd) -- C:\Windows\SysNative\drivers\klpd.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klflt) -- C:\Windows\SysNative\drivers\klflt.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (kldisk) -- C:\Windows\SysNative\drivers\kldisk.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (klhk) -- C:\Windows\SysNative\drivers\klhk.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (cm_km_w) -- C:\Windows\SysNative\drivers\cm_km_w.sys (Kaspersky Lab UK Ltd)
DRV:
64bit: - (athr) -- C:\Windows\SysNative\drivers\athwbx.sys (Qualcomm Atheros Communications, Inc.)
DRV:
64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:
64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:
64bit: - (qcusbser) -- C:\Windows\SysNative\drivers\qcusbser.sys (QUALCOMM Incorporated)
DRV:
64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:
64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:
64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:
64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdWB6.sys (Advanced Micro Devices)
DRV:
64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:
64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:
64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:
64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:
64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:
64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:
64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:
64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:
64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:
64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:
64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:
64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:
64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:
64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:
64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:
64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:
64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:
64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:
64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:
64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:
64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:
64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:
64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:
64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:
64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation)
DRV:
64bit: - (ReFS) -- C:\windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:
64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:
64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:
64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:
64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:
64bit: - (Wof) -- C:\windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:
64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:
64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:
64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:
64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:
64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:
64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:
64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:
64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:
64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:
64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:
64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:
64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:
64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:
64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:
64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:
64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:
64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:
64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:
64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:
64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:
64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:
64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:
64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:
64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:
64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:
64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:
64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:
64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:
64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:
64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:
64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:
64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:
64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:
64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:
64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:
64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:
64bit: - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)
DRV:
64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:
64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:
64bit: - (amdkmafd) -- C:\Windows\SysNative\drivers\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (klelam) -- C:\Windows\SysNative\drivers\klelam.sys (Kaspersky Lab)
DRV:
64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:
64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:
64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (ESProtectionDriver) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys ()
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (OpenLibSys.org)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPDSK14/1
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPDSK14/1
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE:
64bit: - HKLM\..\SearchScopes\{0B54DE0A-6431-41C0-B474-7A7988803D04}: "URL" =
http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
IE:
64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPDSK14/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPDSK14/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPDSK14/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\y, =
http://yandex.ru/search/?win=195&clid=2100771-002&text=%s
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\..\SearchScopes\A2A3FED8ACFC3815522BD8DD481C628C: "URL" =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Bb1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1%7D:0.87.1-signed
FF - prefs.js..extensions.enabledAddons: imageblock%40hemantvats.com:2.1.1-signed
FF - prefs.js..extensions.enabledAddons: youtubemp3podcaster%40jeremy.d.gregorio.com:3.7.5
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:8.1.1
FF - prefs.js..extensions.enabledAddons: iobitascsurfingprotection%40iobit.com:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.2
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\windows\system32\C2MP\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\
[email protected] [2015/10/24 09:25:50 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\
[email protected] [2015/10/24 09:25:57 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mitchell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\
[email protected] [2015/10/24 09:25:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\
[email protected] [2015/10/24 09:25:57 | 000,000,000 | ---D | M]
[2015/03/24 10:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\Extensions
[2015/10/23 02:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\Firefox\Profiles\2purzlgc.default\extensions
[2015/09/24 22:23:59 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube HD Download [4K]") -- C:\Users\Mitchell\AppData\Roaming\mozilla\Firefox\Profiles\2purzlgc.default\extensions\
[email protected]
[2015/10/02 06:34:31 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Mitchell\AppData\Roaming\mozilla\Firefox\Profiles\2purzlgc.default\extensions\
[email protected]
[2015/06/07 07:29:24 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\Mitchell\AppData\Roaming\mozilla\Firefox\Profiles\2purzlgc.default\extensions\
[email protected]
[2015/07/17 08:33:58 | 000,470,468 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\
[email protected]
[2015/10/23 02:27:14 | 004,529,677 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\
[email protected]
[2015/05/28 22:42:24 | 000,022,699 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\
[email protected]
[2015/05/28 21:49:59 | 000,013,707 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\
[email protected]
[2015/09/27 02:30:24 | 000,471,265 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\
[email protected]
[2015/05/28 22:42:24 | 000,043,801 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
[2015/09/29 12:28:14 | 000,962,762 | ---- | M] () (No name found) -- C:\Users\Mitchell\AppData\Roaming\mozilla\firefox\profiles\2purzlgc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/09/27 02:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/10/17 22:07:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/09/30 22:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2015/09/30 22:04:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage:
http://www.yandex.ru/?win=195&clid=2100767-002
O1 HOSTS File: ([2015/10/02 06:40:08 | 000,002,347 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 0.0.0.0.0
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 mfr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 static.a-ads.com
O1 - Hosts: 127.0.0.1 atlas.aamedia.ro
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 ad4.abradio.cz
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 57 more lines...
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Content Blocker Plugin) - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O2 - BHO: (Virtual Keyboard Plugin) - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Content Blocker Plugin) - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (ATLAS Toolbar) - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [Advanced SystemCare 8] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - Startup: C:\Users\Mitchell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Mitchell\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Virtual Keyboard - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Virtual Keyboard - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ATLAS Translation - {B7707A72-4355-11D4-82BD-00000EBBEF8D} - C:\Program Files (x86)\ATLAS V14\atlscript.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B493C87-1087-4029-BD5A-39FD2F6E918F}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23897452-4B4C-4463-81B8-B75A217AFCC0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6CCFA43-580A-4611-B6B3-E43C4590E53C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG Technologies)
O27:64bit: - HKLM IFEO\hpsf.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\hpsf.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG Technologies)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/10/28 12:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/10/28 12:11:06 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015/10/28 12:11:06 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015/10/28 12:11:06 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2015/10/28 11:26:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/10/24 11:44:53 | 000,190,648 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kneps.sys
[2015/10/24 11:44:52 | 000,817,848 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klif.sys
[2015/10/24 11:44:52 | 000,159,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klflt.sys
[2015/10/24 11:44:52 | 000,085,360 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwtp.sys
[2015/10/24 11:44:52 | 000,077,680 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwfp.sys
[2015/10/24 11:44:52 | 000,039,792 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klim6.sys
[2015/10/24 11:44:52 | 000,024,944 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klpd.sys
[2015/10/24 11:44:51 | 000,478,392 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kl1.sys
[2015/10/24 11:44:51 | 000,064,368 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kldisk.sys
[2015/10/24 11:44:46 | 000,040,304 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klkbdflt.sys
[2015/10/24 11:44:46 | 000,039,792 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klmouflt.sys
[2015/10/24 11:44:43 | 000,226,480 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klhk.sys
[2015/10/24 11:44:40 | 000,247,016 | ---- | C] (Kaspersky Lab UK Ltd) -- C:\windows\SysNative\drivers\cm_km_w.sys
[2015/10/24 09:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
[2015/10/24 09:26:24 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\klfphc.dll
[2015/10/24 09:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2015/10/24 09:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015/10/24 09:06:15 | 000,040,248 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\TURegOpt.exe
[2015/10/24 09:06:10 | 000,029,496 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\authuitu.dll
[2015/10/24 09:06:10 | 000,025,400 | ---- | C] (AVG Technologies) -- C:\windows\SysWow64\authuitu.dll
[2015/10/23 06:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2015/10/22 14:56:13 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\Documents\MEGAsync Downloads
[2015/10/22 14:53:26 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Local\Mega Limited
[2015/10/22 14:53:22 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
[2015/10/22 14:53:19 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Local\MEGAsync
[2015/10/22 02:46:13 | 004,268,032 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athwbx.sys
[2015/10/21 06:18:34 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\Documents\MGR
[2015/10/13 17:49:46 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Local\Eushully
[2015/10/12 16:51:23 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\Will
[2015/10/12 16:27:48 | 000,615,424 | ---- | C] (nobukichi) -- C:\windows\tsakuninst.exe
[2015/10/12 15:27:23 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Local\AreaZero
[2015/10/12 15:24:50 | 000,615,424 | ---- | C] (nobukichi) -- C:\windows\tsauninst.exe
[2015/10/11 20:31:55 | 000,000,000 | ---D | C] -- C:\windows\MRLH
[2015/10/08 15:10:13 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\SUPERAntiSpyware.com
[2015/10/08 15:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2015/10/08 15:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015/10/08 15:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2015/10/08 14:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes Anti-Exploit
[2015/10/08 14:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
[2015/10/08 14:24:40 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/10/08 14:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/10/08 12:50:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/10/08 12:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015/10/08 12:48:46 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\Sun
[2015/10/08 12:48:45 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\.oracle_jre_usage
[2015/10/02 09:02:26 | 000,242,688 | ---- | C] (QUALCOMM Incorporated) -- C:\windows\SysNative\drivers\qcusbser.sys
[2015/10/02 08:56:44 | 000,808,960 | ---- | C] (AMD) -- C:\windows\SysNative\coinst_13.352.dll
[2015/10/02 08:56:38 | 000,190,976 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2015/10/02 08:56:32 | 000,031,232 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2015/10/02 08:56:30 | 000,590,848 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2015/10/02 08:56:30 | 000,240,128 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2015/10/02 08:56:21 | 000,065,024 | ---- | C] (Khronos Group) -- C:\windows\SysNative\OpenCL.dll
[2015/10/02 08:56:21 | 000,058,880 | ---- | C] (Khronos Group) -- C:\windows\SysWow64\OpenCL.dll
[2015/10/02 08:55:17 | 000,083,160 | ---- | C] (Realtek Semiconductor.) -- C:\windows\SysNative\RtCRX64.dll
[2015/10/02 08:48:57 | 000,885,504 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt630x64.sys
[2015/10/02 08:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
[2015/10/02 08:37:36 | 000,034,080 | ---- | C] (IObit) -- C:\windows\SysNative\SmartDefragBootTime.exe
[2015/10/02 08:37:35 | 000,128,288 | ---- | C] (IObit) -- C:\windows\SysWow64\IObitSmartDefragExtension.dll
[2015/10/02 08:37:34 | 000,128,288 | ---- | C] (IObit) -- C:\windows\SysNative\IObitSmartDefragExtension.dll
[2015/10/02 08:37:31 | 000,021,184 | ---- | C] (IObit) -- C:\windows\SysNative\drivers\SmartDefragDriver.sys
[2015/10/02 08:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
[2015/10/02 08:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2015/10/02 08:33:02 | 000,026,528 | ---- | C] (REALiX(tm)) -- C:\windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/10/02 08:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2015/10/02 06:34:31 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\Apple Computer
[2015/10/02 06:34:21 | 000,000,000 | ---D | C] -- C:\windows\tasks\ImCleanDisabled
[2015/10/02 06:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015/10/02 06:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IObit
[2015/10/02 06:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
[2015/10/02 06:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2015/10/02 06:34:02 | 000,000,000 | ---D | C] -- C:\Users\Mitchell\AppData\Roaming\IObit
[2015/10/01 01:21:08 | 000,000,000 | ---D | C] -- C:\windows\pss
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/10/28 13:43:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/10/28 12:12:26 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/10/28 11:42:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/10/28 11:40:15 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/10/28 11:40:10 | 2958,184,448 | -HS- | M] () -- C:\hiberfil.sys
[2015/10/28 11:39:42 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\spu_storage.bin
[2015/10/26 12:26:04 | 000,497,504 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015/10/26 05:00:27 | 000,414,559 | ---- | M] () -- C:\windows\SysNative\ApnDatabase.xml
[2015/10/26 04:16:43 | 000,000,262 | ---- | M] () -- C:\windows\tasks\ASC8_SkipUac_Mitchell.job
[2015/10/24 19:01:38 | 000,000,892 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015/10/24 11:43:42 | 000,190,648 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kneps.sys
[2015/10/24 11:43:42 | 000,085,360 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwtp.sys
[2015/10/24 11:43:42 | 000,077,680 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klwfp.sys
[2015/10/24 11:43:41 | 000,024,944 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klpd.sys
[2015/10/24 11:43:40 | 000,817,848 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klif.sys
[2015/10/24 11:43:40 | 000,039,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klim6.sys
[2015/10/24 11:43:39 | 000,159,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klflt.sys
[2015/10/24 11:43:39 | 000,064,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kldisk.sys
[2015/10/24 11:43:38 | 000,478,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kl1.sys
[2015/10/24 09:47:05 | 000,039,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klmouflt.sys
[2015/10/24 09:47:04 | 000,040,304 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klkbdflt.sys
[2015/10/24 09:46:59 | 000,226,480 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klhk.sys
[2015/10/24 09:46:48 | 000,247,016 | ---- | M] (Kaspersky Lab UK Ltd) -- C:\windows\SysNative\drivers\cm_km_w.sys
[2015/10/24 02:25:22 | 000,000,358 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForMitchell.job
[2015/10/23 13:01:12 | 507,700,262 | ---- | M] () -- C:\windows\MEMORY.DMP
[2015/10/22 14:56:03 | 000,001,038 | ---- | M] () -- C:\Users\Mitchell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
[2015/10/22 07:52:18 | 000,000,916 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/22 07:52:18 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/22 07:52:18 | 000,000,530 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task cf9539b6-39fc-4116-bf8b-811109690dd1.job
[2015/10/22 07:52:18 | 000,000,530 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 9bc93637-dd7a-4939-8399-0219e29d2574.job
[2015/10/22 02:46:13 | 004,268,032 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athwbx.sys
[2015/10/21 06:17:05 | 000,007,609 | ---- | M] () -- C:\Users\Mitchell\AppData\Local\Resmon.ResmonCfg
[2015/10/15 20:05:16 | 000,891,920 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/10/15 20:05:16 | 000,731,100 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/10/15 20:05:16 | 000,153,678 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/10/08 12:33:38 | 000,002,398 | ---- | M] () -- C:\Users\Mitchell\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/10/05 09:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015/10/05 09:50:10 | 000,109,272 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015/10/05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2015/10/04 06:54:43 | 000,001,547 | ---- | M] () -- C:\Users\Mitchell\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/10/02 09:02:26 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) -- C:\windows\SysNative\drivers\qcusbser.sys
[2015/10/02 08:56:44 | 000,808,960 | ---- | M] (AMD) -- C:\windows\SysNative\coinst_13.352.dll
[2015/10/02 08:56:44 | 000,234,804 | ---- | M] () -- C:\windows\SysNative\ativvaxy_cik.dat
[2015/10/02 08:56:44 | 000,233,008 | ---- | M] () -- C:\windows\SysNative\ativvaxy_cik_nd.dat
[2015/10/02 08:56:44 | 000,230,912 | ---- | M] () -- C:\windows\SysNative\clinfo.exe
[2015/10/02 08:56:44 | 000,138,832 | ---- | M] () -- C:\windows\SysNative\samu_krnl_isv_ci.sbin
[2015/10/02 08:56:44 | 000,138,832 | ---- | M] () -- C:\windows\SysNative\samu_krnl_ci.sbin
[2015/10/02 08:56:44 | 000,082,112 | ---- | M] () -- C:\windows\SysNative\ativce02.dat
[2015/10/02 08:56:44 | 000,042,544 | ---- | M] () -- C:\windows\SysNative\kapp_ci.sbin
[2015/10/02 08:56:44 | 000,038,544 | ---- | M] () -- C:\windows\SysNative\kapp_si.sbin
[2015/10/02 08:56:43 | 003,471,376 | ---- | M] () -- C:\windows\SysWow64\atiumdva.cap
[2015/10/02 08:56:40 | 003,437,632 | ---- | M] () -- C:\windows\SysNative\atiumd6a.cap
[2015/10/02 08:56:38 | 000,190,976 | ---- | M] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2015/10/02 08:56:32 | 000,031,232 | ---- | M] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2015/10/02 08:56:30 | 000,734,861 | ---- | M] () -- C:\windows\SysNative\atiicdxx.dat
[2015/10/02 08:56:30 | 000,590,848 | ---- | M] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2015/10/02 08:56:30 | 000,240,128 | ---- | M] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2015/10/02 08:56:22 | 000,577,864 | ---- | M] () -- C:\windows\SysWow64\atiapfxx.blb
[2015/10/02 08:56:22 | 000,577,864 | ---- | M] () -- C:\windows\SysNative\atiapfxx.blb
[2015/10/02 08:56:21 | 000,065,024 | ---- | M] (Khronos Group) -- C:\windows\SysNative\OpenCL.dll
[2015/10/02 08:56:21 | 000,058,880 | ---- | M] (Khronos Group) -- C:\windows\SysWow64\OpenCL.dll
[2015/10/02 08:56:14 | 000,415,232 | ---- | M] () -- C:\windows\SysNative\amdmiracast.dll
[2015/10/02 08:56:09 | 000,134,144 | ---- | M] () -- C:\windows\SysNative\amdhdl64.dll
[2015/10/02 08:56:09 | 000,123,392 | ---- | M] () -- C:\windows\SysWow64\amdhdl32.dll
[2015/10/02 08:55:17 | 000,083,160 | ---- | M] (Realtek Semiconductor.) -- C:\windows\SysNative\RtCRX64.dll
[2015/10/02 08:48:57 | 000,885,504 | ---- | M] (Realtek ) -- C:\windows\SysNative\drivers\Rt630x64.sys
[2015/10/02 08:33:02 | 000,026,528 | ---- | M] (REALiX(tm)) -- C:\windows\SysWow64\drivers\HWiNFO64A.SYS
[2015/10/02 06:40:08 | 000,002,347 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2015/10/01 09:38:28 | 000,001,034 | ---- | M] () -- C:\Users\Mitchell\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/10/26 05:00:27 | 000,414,559 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2015/10/24 09:05:55 | 000,002,240 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
[2015/10/23 06:15:17 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
[2015/10/22 14:56:03 | 000,001,038 | ---- | C] () -- C:\Users\Mitchell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
[2015/10/21 06:17:05 | 000,007,609 | ---- | C] () -- C:\Users\Mitchell\AppData\Local\Resmon.ResmonCfg
[2015/10/19 22:05:32 | 507,700,262 | ---- | C] () -- C:\windows\MEMORY.DMP
[2015/10/08 15:10:20 | 000,000,530 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task cf9539b6-39fc-4116-bf8b-811109690dd1.job
[2015/10/08 15:10:20 | 000,000,530 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 9bc93637-dd7a-4939-8399-0219e29d2574.job
[2015/10/08 12:32:42 | 000,000,916 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/08 12:32:40 | 000,000,912 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/02 08:56:44 | 000,234,804 | ---- | C] () -- C:\windows\SysNative\ativvaxy_cik.dat
[2015/10/02 08:56:44 | 000,233,008 | ---- | C] () -- C:\windows\SysNative\ativvaxy_cik_nd.dat
[2015/10/02 08:56:44 | 000,230,912 | ---- | C] () -- C:\windows\SysNative\clinfo.exe
[2015/10/02 08:56:44 | 000,138,832 | ---- | C] () -- C:\windows\SysNative\samu_krnl_isv_ci.sbin
[2015/10/02 08:56:44 | 000,138,832 | ---- | C] () -- C:\windows\SysNative\samu_krnl_ci.sbin
[2015/10/02 08:56:44 | 000,082,112 | ---- | C] () -- C:\windows\SysNative\ativce02.dat
[2015/10/02 08:56:44 | 000,042,544 | ---- | C] () -- C:\windows\SysNative\kapp_ci.sbin
[2015/10/02 08:56:44 | 000,038,544 | ---- | C] () -- C:\windows\SysNative\kapp_si.sbin
[2015/10/02 08:56:42 | 003,471,376 | ---- | C] () -- C:\windows\SysWow64\atiumdva.cap
[2015/10/02 08:56:39 | 003,437,632 | ---- | C] () -- C:\windows\SysNative\atiumd6a.cap
[2015/10/02 08:56:30 | 000,734,861 | ---- | C] () -- C:\windows\SysNative\atiicdxx.dat
[2015/10/02 08:56:22 | 000,577,864 | ---- | C] () -- C:\windows\SysWow64\atiapfxx.blb
[2015/10/02 08:56:22 | 000,577,864 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2015/10/02 08:56:13 | 000,415,232 | ---- | C] () -- C:\windows\SysNative\amdmiracast.dll
[2015/10/02 08:56:09 | 000,134,144 | ---- | C] () -- C:\windows\SysNative\amdhdl64.dll
[2015/10/02 08:56:09 | 000,123,392 | ---- | C] () -- C:\windows\SysWow64\amdhdl32.dll
[2015/10/02 08:37:45 | 000,000,262 | ---- | C] () -- C:\windows\tasks\ASC8_SkipUac_Mitchell.job
[2015/08/07 20:03:28 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2015/04/22 20:52:45 | 000,107,008 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2015/04/22 20:48:58 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2015/04/22 07:24:06 | 000,000,256 | -H-- | C] () -- C:\windows\SysWow64\LTAW14FN.BIN
[2015/04/22 07:24:06 | 000,000,256 | -H-- | C] () -- C:\windows\SysWow64\FJLTAFOU.BIN
[2015/04/04 16:17:24 | 000,000,000 | -HS- | C] () -- C:\Users\Mitchell\AppData\Local\LumaEmu
[2015/04/03 09:59:10 | 000,000,056 | ---- | C] () -- C:\windows\kgt2k.INI
[2015/04/02 16:17:10 | 000,778,752 | ---- | C] () -- C:\windows\SysWow64\RGSS102E.dll
[2015/04/02 16:17:10 | 000,761,856 | ---- | C] () -- C:\windows\SysWow64\RGSS104J.dll
[2015/04/02 16:17:10 | 000,758,272 | ---- | C] () -- C:\windows\SysWow64\RGSS104E.dll
[2015/04/02 16:17:10 | 000,685,056 | ---- | C] () -- C:\windows\SysWow64\RGSS103J.dll
[2015/04/02 16:17:09 | 000,781,312 | ---- | C] () -- C:\windows\SysWow64\RGSS102J.dll
[2015/04/02 16:17:09 | 000,771,584 | ---- | C] () -- C:\windows\SysWow64\RGSS100J.dll
[2015/03/26 14:20:41 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini
[2014/01/27 04:22:44 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2014/01/27 04:22:44 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014/01/27 04:22:40 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2014/01/27 04:22:28 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014/01/27 04:22:28 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
========== ZeroAccess Check ==========
[2013/12/11 17:05:38 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/10/23 09:42:03 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/10/23 09:42:03 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 20:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 19:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 20:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015/04/07 15:00:09 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Acapela Group
[2015/04/01 10:20:02 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\AMD
[2015/06/02 10:51:44 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\AVG
[2015/04/20 06:04:34 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Battle.net
[2015/04/27 07:42:10 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Clickteam
[2015/10/26 15:51:19 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\DAEMON Tools Pro
[2015/09/26 23:23:37 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\DRPSu
[2015/10/07 23:40:24 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\dungmachi
[2015/09/21 20:54:30 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Easy2Convert
[2015/04/22 07:27:42 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Fujitsu
[2015/04/01 21:15:45 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Injustice
[2015/10/28 11:29:35 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\IObit
[2015/03/27 09:28:37 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\JetBrains
[2015/09/22 21:18:24 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Kalypso Media
[2015/04/01 07:29:58 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\library_dir
[2015/10/28 13:56:47 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\MediaMonkey
[2015/03/24 10:45:24 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\MotioninJoy
[2015/04/07 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\OpenOffice
[2015/08/03 03:52:49 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Opera Software
[2015/05/02 06:51:11 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\org.sakuradite.browser
[2015/04/22 14:48:08 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\org.sakuradite.reader
[2015/06/21 12:23:39 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\PlayFirst
[2015/10/19 07:15:17 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Pro Cycling Manager 2015
[2015/08/08 05:19:42 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\RadeonPro
[2015/04/23 18:09:28 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Raptr
[2015/05/01 07:55:01 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\RenPy
[2015/06/09 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Steam
[2015/06/08 19:29:48 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\The Creative Assembly
[2015/06/02 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\TuneUp Software
[2015/10/12 16:51:23 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\Will
[2015/03/24 10:44:19 | 000,000,000 | ---D | M] -- C:\Users\Mitchell\AppData\Roaming\{65C209F0-0153-4404-950E-20CDBC159EC5}
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 74 bytes -> C:\Users\Mitchell\SkyDrive:ms-properties
@Alternate Data Stream - 248 bytes -> C:\ProgramData\Temp:439E3411
@Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:BDD83DC4
@Alternate Data Stream - 220 bytes -> C:\Users\Mitchell\OneDrive:ms-properties
@Alternate Data Stream - 217 bytes -> C:\ProgramData\Temp:80E965A3
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:03D08225
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
< End of report >
AdwCleaner report
# AdwCleaner v5.015 - Logfile created 28/10/2015 at 11:37:48
# Updated 26/10/2015 by Xplode
# Database : 2015-10-26.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Mitchell - THOMAS
# Running from : C:\Users\Mitchell\Downloads\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\2purzlgc.default\Extensions\[email protected]
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Users\Mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\2purzlgc.default\user.js
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
[-] Key Deleted : HKCU\Software\Classes\CLSID\{AD4409E5-23C2-412B-849D-8FC0635B4073}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{AEE9D70C-6C9E-4B27-9F2C-8F14E95BEEF6}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{DD20920E-515A-4342-85E3-FC9A9FDA55C2}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{92FDEF05-B35E-4806-B87F-8B66AB649997}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{9F0BF664-B611-4C53-AEEA-FDBFCE6E3CA3}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{A8BD93E8-F6AE-4F02-828D-DE47FEC4D375}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
***** [ Web browsers ] *****
[-] [C:\Users\Mitchell\AppData\Roaming\Mozilla\Firefox\Profiles\2purzlgc.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4157 bytes] ##########
Malwarebytes Anti-Malware
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 327974
Time Elapsed: 26 min, 29 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 2
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, Quarantined, [a8ad5c001a71191da8237a317c87e21e],
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, Quarantined, [d1849fbde5a6092d814a5b5021e28779],
Registry Values: 2
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", Quarantined, [a8ad5c001a71191da8237a317c87e21e]
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", Quarantined, [d1849fbde5a6092d814a5b5021e28779]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)