
Persistent Browser/Program Update Prompts [Closed]



#1 TheHoag57


Posted 05 November 2014 - 08:52 AM

Hi,

I am continually being hit with Flash Player, Java and Webpage update prompts. Also getting "Web browser is out of date" messages. I'm getting confronted with web pages that I did not click on, and when I try to "X out" I get another message: "Are you sure you want to leave this page?". Sometimes these messages blink and I can't get them off. I'm also getting messages that I've been infected with Malware and my financial info etc. is at risk. I've run the free versions of CCleaner and Trend Micro, but they picked up nothing. Please help. Below are the reports. I hope I have them all.

Thanks,

TheHoag57

 

aswMBR version 1.0.1.2201 Copyright© 2014 AVAST Software
Run date: 2014-11-05 09:16:41
-----------------------------
09:16:41.660    OS Version: Windows x64 6.2.9200
09:16:41.660    Number of processors: 4 586 0x3A09
09:16:41.660    ComputerName: OFFICEPC  UserName: Howard
09:16:42.942    Initialize success
09:16:43.051    VM: initialized successfully
09:16:43.051    VM: Intel CPU supported
09:16:47.998    VM: disk I/O iaStorA.sys
09:17:34.222    AVAST engine defs: 14110401
09:17:38.847    The log file has been saved successfully to "C:\Users\Howard\Desktop\aswMBR.txt"

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Howard (administrator) on OFFICEPC on 05-11-2014 09:30:40
Running from C:\Users\Howard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O4RJYEET
Loaded Profile: Howard (Available profiles: Howard)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Belkin\F1U201.401\usbshare.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\AutoUpdate.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\5a8b70fd13275d04fae63afd597ce0f2\WindowsStoreSetupBox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\F1U201.401.lnk
ShortcutTarget: F1U201.401.lnk -> C:\Program Files (x86)\Belkin\F1U201.401\usbshare.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {8AA322B7-8399-4C48-B714-F2E4026B97A6} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM - {8AA322B7-8399-4C48-B714-F2E4026B97A6} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {8AA322B7-8399-4C48-B714-F2E4026B97A6} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {8AA322B7-8399-4C48-B714-F2E4026B97A6} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {FF91649D-25C9-4811-A778-2C1F38E03B66} URL = https://search.yahoo...44,20028,0,25,0
SearchScopes: HKCU - {8AA322B7-8399-4C48-B714-F2E4026B97A6} URL =
SearchScopes: HKCU - {FF91649D-25C9-4811-A778-2C1F38E03B66} URL = https://search.yahoo...44,20028,0,25,0
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
U3 aswMBR; \??\C:\Users\Howard\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Howard\AppData\Local\Temp\aswVmm.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:24 - 2014-11-05 09:30 - 00000000 ____D () C:\FRST
2014-11-05 09:11 - 2014-11-05 09:11 - 01181322 _____ () C:\windows\PFRO.log
2014-11-05 09:11 - 2014-11-05 09:11 - 00000400 _____ () C:\windows\DCEBOOT.RST
2014-11-05 09:11 - 2014-11-05 09:11 - 00000000 _____ () C:\windows\DCEBOOT.LOG
2014-11-05 09:06 - 2014-11-05 09:08 - 00025136 _____ (Trend Micro Inc.) C:\windows\DCEBoot64.exe
2014-11-05 09:06 - 2014-11-05 09:06 - 00236080 _____ (Trend Micro Inc.) C:\windows\RegBootClean64.exe
2014-11-05 09:01 - 2014-11-05 09:01 - 00003152 _____ () C:\windows\System32\Tasks\{D8AE753F-094C-4A11-AEF0-5E1987BE04A3}
2014-11-05 08:30 - 2014-11-05 09:11 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-11-05 08:30 - 2014-11-05 08:30 - 02909960 _____ (BoostSoftware Inc. ) C:\Users\Howard\Desktop\PCHealthBoost-Setup.exe
2014-11-05 08:28 - 2014-08-29 02:57 - 00067408 _____ (Trend Micro Inc.) C:\kbfilter.sys
2014-11-05 08:28 - 2014-08-29 02:57 - 00007799 _____ () C:\kbfilter.cat
2014-11-05 08:28 - 2014-08-29 02:57 - 00000098 _____ () C:\install.bat
2014-11-05 08:28 - 2014-08-29 02:57 - 00000081 _____ () C:\uninstall.bat
2014-11-05 08:15 - 2014-11-05 09:08 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-05 08:13 - 2014-11-05 09:10 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-11-05 08:09 - 2014-11-05 08:09 - 00000036 _____ () C:\Users\Howard\AppData\Local\housecall.guid.cache
2014-10-31 08:16 - 2014-11-05 09:30 - 00342046 _____ () C:\windows\WindowsUpdate.log
2014-10-29 07:36 - 2014-10-30 08:13 - 00000000 ____D () C:\windows\system32\AutoUpdateLicense
2014-10-29 06:14 - 2014-10-21 22:34 - 00010777 _____ () C:\windows\system32\AutoconfigV2.cab
2014-10-29 06:14 - 2014-10-21 22:33 - 00581016 _____ (Microsoft Corporation) C:\windows\system32\AutoUpdate.exe
2014-10-29 06:14 - 2014-10-21 22:33 - 00462760 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-10-29 06:14 - 2014-10-21 20:08 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-10-29 06:14 - 2014-10-21 20:08 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 06:14 - 2014-10-21 20:01 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-10-29 06:14 - 2014-10-21 20:01 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 06:14 - 2014-10-21 20:01 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 06:14 - 2014-10-21 20:00 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-10-29 06:11 - 2014-10-29 06:11 - 00000000 ____D () C:\ProgramData\Browser
2014-10-27 12:26 - 2014-10-27 12:26 - 00327032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-27 12:13 - 2014-10-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Yahoo Browser Settings
2014-10-27 12:12 - 2014-10-27 12:24 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 ____D () C:\ProgramData\W3i
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Helper
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 ____D () C:\Program Files (x86)\W3i
2014-10-27 12:12 - 2014-10-27 12:12 - 00000000 ____D () C:\Program Files (x86)\mPlayer
2014-10-27 08:56 - 2014-10-27 09:07 - 00022863 _____ () C:\windows\diagwrn.xml
2014-10-27 08:56 - 2014-10-27 09:07 - 00022863 _____ () C:\windows\diagerr.xml
2014-10-16 05:43 - 2014-09-20 00:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 05:43 - 2014-09-19 22:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 05:43 - 2014-09-13 00:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 05:43 - 2014-09-12 23:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 05:43 - 2014-07-11 23:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-10-16 05:43 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-16 05:43 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-16 05:43 - 2014-07-11 23:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-16 05:43 - 2014-07-11 23:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-16 05:43 - 2014-07-11 23:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-16 05:43 - 2014-07-11 23:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-10-16 05:43 - 2014-07-11 23:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-16 05:43 - 2014-07-11 23:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-16 05:43 - 2014-07-11 23:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-16 05:43 - 2014-07-11 23:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-16 05:43 - 2014-07-11 23:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-16 05:43 - 2014-07-11 19:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-10-16 05:43 - 2014-07-11 19:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-10-16 05:43 - 2014-07-08 17:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-10-16 05:43 - 2014-07-08 17:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-10-16 05:43 - 2014-07-08 17:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-10-16 05:43 - 2014-07-08 17:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-10-16 05:43 - 2014-07-07 00:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 05:43 - 2014-07-07 00:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-16 05:43 - 2014-07-07 00:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 05:43 - 2014-07-07 00:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 05:43 - 2014-07-07 00:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-10-16 05:43 - 2014-07-07 00:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-10-16 05:43 - 2014-07-07 00:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 05:43 - 2014-07-06 23:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 05:43 - 2014-07-06 23:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 05:43 - 2014-07-06 23:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 05:43 - 2014-07-06 22:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 05:43 - 2014-07-04 05:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-10-16 05:43 - 2014-07-02 20:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-10-16 05:43 - 2014-07-02 19:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-10-16 05:43 - 2014-06-28 02:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-10-16 05:43 - 2014-06-28 01:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-10-16 05:43 - 2014-06-28 01:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-10-16 05:43 - 2014-06-25 02:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-10-16 05:43 - 2014-06-25 02:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-10-16 05:43 - 2014-06-17 18:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-10-16 05:43 - 2014-06-17 18:23 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-16 05:43 - 2014-06-11 09:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-10-16 05:43 - 2014-06-10 23:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-10-16 05:43 - 2014-06-10 17:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-16 05:43 - 2014-05-29 18:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-10-16 05:43 - 2014-05-29 18:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-10-16 05:43 - 2014-02-04 05:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-16 05:42 - 2014-10-09 23:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 05:42 - 2014-10-09 23:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 05:42 - 2014-10-07 23:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 05:42 - 2014-09-20 00:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 05:42 - 2014-09-20 00:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 05:42 - 2014-09-20 00:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 05:42 - 2014-09-20 00:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-10-16 05:42 - 2014-09-20 00:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 05:42 - 2014-09-20 00:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 05:42 - 2014-09-20 00:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 05:42 - 2014-09-20 00:15 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 05:42 - 2014-09-20 00:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 05:42 - 2014-09-19 22:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 05:42 - 2014-09-19 22:56 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 05:42 - 2014-09-19 22:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 05:42 - 2014-09-19 22:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 05:42 - 2014-09-19 22:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 05:42 - 2014-09-19 22:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 05:42 - 2014-09-19 20:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-10-16 05:42 - 2014-09-02 21:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 05:42 - 2014-09-02 21:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 05:42 - 2014-08-01 17:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml
2014-10-16 05:42 - 2014-07-24 08:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-10-16 05:42 - 2014-07-16 18:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2014-10-16 05:42 - 2014-07-16 17:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-10-16 05:42 - 2014-07-16 17:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2014-10-16 05:42 - 2014-07-12 01:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2014-10-16 05:42 - 2014-07-11 23:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-10-16 05:42 - 2014-07-11 23:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-10-16 05:42 - 2014-07-11 23:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-10-16 05:42 - 2014-07-11 23:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-10-16 05:42 - 2014-06-28 01:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-10-16 05:42 - 2014-06-27 21:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-10-16 05:41 - 2014-09-27 23:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 05:41 - 2014-09-17 18:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 05:41 - 2014-09-17 17:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 05:41 - 2014-08-30 00:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-10-16 05:41 - 2014-08-30 00:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-16 05:41 - 2014-08-29 23:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-10-16 05:41 - 2014-08-29 23:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-10-16 05:41 - 2014-06-12 18:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-10-16 05:41 - 2014-06-12 18:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:30 - 2014-09-24 10:57 - 00000000 ___HD () C:\$Windows.~BT
2014-11-05 09:16 - 2012-07-26 02:28 - 00850046 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-05 09:13 - 2014-08-09 10:24 - 00004978 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for OFFICEPC-Howard OfficePC
2014-11-05 09:12 - 2012-07-26 02:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-05 09:11 - 2012-07-26 00:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-11-05 09:08 - 2012-07-26 03:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-11-05 09:08 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-11-05 09:00 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\sru
2014-11-05 08:45 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-11-05 08:37 - 2013-08-20 06:07 - 00000000 ____D () C:\Users\Howard\Desktop\Howie
2014-11-05 08:15 - 2012-07-26 03:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-10-31 07:44 - 2013-07-30 17:59 - 00000000 ___DC () C:\Users\Howard\AppData\Local\MigWiz
2014-10-31 07:44 - 2013-02-14 07:50 - 00000000 ____D () C:\windows\Panther
2014-10-30 06:25 - 2014-08-20 06:23 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-29 07:37 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-10-29 07:36 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-10-27 12:25 - 2013-02-14 08:30 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-10-27 12:20 - 2013-04-06 14:30 - 00000000 ____D () C:\Users\Howard\AppData\Local\VirtualStore
2014-10-27 10:17 - 2013-04-06 14:29 - 00000000 ____D () C:\Users\Howard\AppData\Local\Packages
2014-10-27 09:02 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\Registration
2014-10-27 08:50 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-10-24 22:58 - 2013-09-13 08:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-17 07:08 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-10-17 06:24 - 2014-07-10 23:01 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-17 06:24 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 06:23 - 2013-08-20 04:43 - 00000000 ____D () C:\windows\system32\MRT
2014-10-17 06:23 - 2012-07-26 03:12 - 00000000 ___RD () C:\windows\ToastData
2014-10-17 06:22 - 2013-04-08 07:18 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
timeout                 1

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {f75038ca-76b5-11e2-9267-a41f7265269d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {121bfc2b-76a5-11e2-87c3-a41f7265269d}
device                  ramdisk=[\Device\HarddiskVolume4]\Recovery\windowsre\winre.wim,{121bfc2c-76a5-11e2-87c3-a41f7265269d}
path                    \windows\system32\winload.efi
description             Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume4]\Recovery\windowsre\winre.wim,{121bfc2c-76a5-11e2-87c3-a41f7265269d}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {745dd2f3-76af-11e2-be68-a41f7265269d}
device                  ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{745dd2f4-76af-11e2-be68-a41f7265269d}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{745dd2f4-76af-11e2-be68-a41f7265269d}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \windows\system32\winload.efi
description             Windows 8
locale                  en-us
inherit                 {bootloadersettings}
integrityservices       Enable
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \windows
resumeobject            {f75038ca-76b5-11e2-9267-a41f7265269d}
nx                      OptIn
bootmenupolicy          Standard
detecthal               Yes

Windows Boot Loader
-------------------
identifier              {f75038cc-76b5-11e2-9267-a41f7265269d}
device                  ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{f75038cd-76b5-11e2-9267-a41f7265269d}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{f75038cd-76b5-11e2-9267-a41f7265269d}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {f75038ca-76b5-11e2-9267-a41f7265269d}
device                  partition=C:
path                    \windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-us
inherit                 {resumeloadersettings}
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-us
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {121bfc2c-76a5-11e2-87c3-a41f7265269d}
description             Ramdisk options
ramdisksdidevice        partition=\Device\HarddiskVolume4
ramdisksdipath          \Recovery\windowsre\boot.sdi

Device options
--------------
identifier              {745dd2f4-76af-11e2-be68-a41f7265269d}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume4
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier              {f75038cd-76b5-11e2-9267-a41f7265269d}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume4
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

LastRegBack: 2014-11-04 06:43

==================== End Of Log ============================

Users shortcut scan result (x64) Version: 04-11-2014
Ran by Howard at 2014-11-05 09:31:05
Running from C:\Users\Howard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O4RJYEET
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk -> c:\Windows\Installer\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}\amazonicon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Helper\Uninstall Helper.lnk -> C:\Program Files (x86)\W3i\UninstallHelper\UninstallHelper.exe (InstallX, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\F1U201.401.lnk -> C:\Program Files (x86)\Belkin\F1U201.401\usbshare.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer\mPlayer.lnk -> C:\Program Files (x86)\mPlayer\gmplayer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer\Uninstall mPlayer.lnk -> C:\Program Files (x86)\mPlayer\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msouc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Management Engine Components\Intel® Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot\HotSpot.lnk -> C:\Program Files (x86)\Dell Wireless\HotSpot.exe (Atheros Communication)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Backup and Recovery\Dell Backup and Recovery.lnk -> C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe (SoftThinks - Dell)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Media Suite Essentials.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDVD 10\CyberLink PowerDVD 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)

==================== End of log =============================

 




#2 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 06 November 2014 - 09:12 PM

Hi TheHoag57,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Please delete the copy of FRST you have installed on your computer and follow the directions below to download a fresh copy, but this time be sure to save it to your desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

Malwarebytes Anti-Rootkit

  • Download Malwarebytes Anti-Rootkit
  • Once the file has been downloaded, right click on the downloaded file and select the Extract all menu option.
  • Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
  • Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.
  • Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
  • After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message asking if you are sure you wish to allow the program to run. Please allow it so that Malwarebytes Anti-Rootkit can start correctly.
  • Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
  • If you receive a DDA driver message like could not load DDA driver, click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.

  • On the introduction screen, please click on the Next button to continue.

  • Next you will see the Update Database screen.
  • Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.

  • When the update has finished, click on the Next button.

  • Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
  • Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.

  • When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
  • Make sure everything is selected and that the option to create a restore point is checked.
  • Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
  • Click on the Yes button to restart your computer.
  • There will now be two log files created in the mbar folder called system-log.txt and one that starts with mbar-log.
  • The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
    • For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.
  • The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.

=========================

Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click and select "Run as Administrator" to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

=========================

In your next post please provide the following:

  • checkup.txt
  • system-log.txt
  • mbar-log
  • FRST.txt
  • Addition.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days
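The five logs requested in the post above can be located with a short script, including the newest mbar-log picked by the timestamp in its file name. This is an added example, not part of the original post or of any tool's own code; it assumes Python is available and the Desktop is at the default location under the user profile, and the function names are hypothetical.

```python
import re
from datetime import datetime
from pathlib import Path

# File-name pattern from the post: mbar-log-year-month-day (hour-minute-second).txt
MBAR_LOG = re.compile(r"^mbar-log-(\d{4}-\d{2}-\d{2}) \((\d{2}-\d{2}-\d{2})\)\.txt$")
# Logs with fixed names that the post asks for
FIXED_LOGS = ("checkup.txt", "system-log.txt", "FRST.txt", "Addition.txt")


def mbar_log_time(name):
    """Return the run time encoded in an mbar-log file name, or None."""
    m = MBAR_LOG.match(name)
    if not m:
        return None
    try:
        return datetime.strptime(f"{m.group(1)} {m.group(2)}", "%Y-%m-%d %H-%M-%S")
    except ValueError:  # right shape, but not a real date or time
        return None


def collect_logs(desktop):
    """Map each requested log to its path under desktop, or None if missing."""
    files = [p for p in Path(desktop).rglob("*.txt") if p.is_file()]
    found = {}
    for wanted in FIXED_LOGS:
        hits = [p for p in files if p.name.lower() == wanted.lower()]
        # If a tool was run more than once, the most recently written copy wins
        found[wanted] = max(hits, key=lambda p: p.stat().st_mtime, default=None)
    # mbar-log has no fixed name: choose the latest run by its embedded timestamp
    dated = [(mbar_log_time(p.name), p) for p in files]
    dated = [(t, p) for t, p in dated if t is not None]
    found["mbar-log"] = max(dated, key=lambda tp: tp[0])[1] if dated else None
    return found


if __name__ == "__main__":
    # Assumption: default Desktop location (not redirected elsewhere)
    for name, path in collect_logs(Path.home() / "Desktop").items():
        print(f"{name:15} {path if path else 'MISSING'}")
```

Any log reported as MISSING means the corresponding tool has not produced output in or below the Desktop folder.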










#3 TheHoag57

Posted 08 November 2014 - 04:04 PM

Hi OCD,

I got stuck on Step 1. When I try to download "Security Check", I get hit with the screen that you see below. I've tried several times to no avail. I have no other trouble getting around on the internet with Firefox. Please advise how to work around. Thanks, TheHoag57.

"The connection was reset

The connection to the server was reset while the page was loading.

  • The site could be temporarily unavailable or too busy. Try again in a few moments.
  • If you are unable to load any pages, check your computer's network connections.
  • If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted access to the web."



#4 OCD


Hi TheHoag57,

Just go ahead and skip the Security Check step and continue on with the remainder of the steps.
OCD



#5 OCD

Posted 12 November 2014 - 08:55 PM

Hi TheHoag57,

Just checking in to see if you still need help?
OCD



#6 OCD

Posted 16 November 2014 - 09:25 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic
OCD
