Solved Infected Router

Discussion in 'Malware and Virus Removal' started by yoruga, 2016/03/25.

  1. 2016/03/25
    yoruga

    yoruga Well-Known Member Thread Starter

    Joined:
    2008/09/30
    Messages:
    144
    Likes Received:
    0
    [Solved] Infected Router

    I have run Adware, FRST, and will post logs. I also ran Avast antivirus, which is why I have come here. I had a message stating that my security passwords etc. could be jeopardised/affected.
     
  2. 2016/03/25
    yoruga

    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Laflurla
    [-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util Laflurla

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [903 bytes] ##########
    # AdwCleaner v5.035 - Logfile created 20/02/2016 at 12:57:52
    # Updated 18/02/2016 by Xplode
    # Database : 2016-02-18.5 [Server]
    # Operating system : Windows 10 Home (x86)
    # Username : Taliah - RAWR
    # Running from : C:\Users\Taliah\Downloads\Desktop\adwcleaner_5.035.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core
    [-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA
    [-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core
    [-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA

    ***** [ Registry ] *****


    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2008 bytes] ##########
    # AdwCleaner v5.105 - Logfile created 26/03/2016 at 13:21:07
    # Updated 21/03/2016 by Xplode
    # Database : 2016-03-25.2 [Server]
    # Operating system : Windows 10 Home (x86)
    # Username : Taliah - RAWR
    # Running from : C:\Users\Taliah\Downloads\Desktop\adwcleaner_5.105.exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****

    [-] File Deleted : C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    [-] File Deleted : C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1160702305-3582450622-2665941894-1000\Software\AVG Security Toolbar

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [3223 bytes] - [29/01/2016 20:58:27]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1286 bytes] - [28/02/2016 22:57:41]
    C:\AdwCleaner\AdwCleaner[C3].txt - [1430 bytes] - [03/03/2016 23:08:22]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2999 bytes] - [05/01/2016 20:07:53]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1643 bytes] - [11/01/2016 22:47:01]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1774 bytes] - [25/01/2016 12:54:04]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1993 bytes] - [29/01/2016 20:53:59]
    C:\AdwCleaner\AdwCleaner[S5].txt - [1916 bytes] - [04/02/2016 17:28:40]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3807 bytes] ##########
     

  4. 2016/03/25
    yoruga

    FRST Part 1

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
    Ran by Taliah (administrator) on RAWR (26-03-2016 14:24:42)
    Running from C:\Users\Taliah\Downloads\Desktop
    Loaded Profiles: Taliah (Available Profiles: Taliah & DefaultAppPool)
    Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\stacsv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\AEstSrv.exe
    (LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbamservice.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbamscheduler.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbam.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
    (CyberLink Corp.) C:\Program Files\Hp\QuickPlay\QPService.exe
    ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    (Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe
    () C:\Program Files\FileHippo.com\FileHippo.AppManager.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler.exe
    () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
    (AVAST Software) C:\Program Files\AVAST Software\Avast\asulaunch.exe
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
    HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-06-24] (CyberLink Corp.)
    HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-18] (CyberLink Corp.)
    HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-25] ( Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
    HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-24] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-03] (AVAST Software)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3527368 2015-07-17] (Synaptics Incorporated)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-16] (Hewlett-Packard)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-18] (Hewlett-Packard Company)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [Google Update] => C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] ()
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [26112 2015-10-30] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-03] (AVAST Software)
    Startup: C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2011-12-01]
    ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 198.142.235.14 211.29.132.12 198.142.0.51
    Tcpip\..\Interfaces\{5119e7d9-5c9f-4042-95dc-23d6f751cee9}: [DhcpNameServer] 198.142.235.14 211.29.132.12 198.142.0.51

    Internet Explorer:
    ==================
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000 -> DefaultScope {25107C24-F015-4F20-912E-B44B05F15704} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000 -> {25107C24-F015-4F20-912E-B44B05F15704} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-03] (AVAST Software)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default
    FF DefaultSearchUrl: hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-26] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-12-19] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-04-17] (Apple Inc.)
    FF SearchPlugin: C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default\searchplugins\searchcanvas.xml [2013-02-20]
    FF Extension: Lavasoft Search Plugin - C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-12-22] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-21] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-24] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-28] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-04-09] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-07-04] [not signed]
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2012-11-28] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-20] [not signed]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-03]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-03]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://ninemsn.com.au/
    CHR StartupUrls: Default -> "hxxp://ninemsn.com.au/ "
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Native Client) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => No File
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll => No File
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll => No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => No File
    CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    CHR Plugin: (Google Update) - C:\Users\Taliah\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\system32\npDeployJava1.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
    CHR Profile: C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-22]
    CHR Extension: (YouTube) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
    CHR Extension: (Google Search) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
    CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2015-12-14]
    CHR Extension: (Avast Online Security) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-15]
    CHR Extension: (TS1.8) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhhmlalomhpoaelhcgmaeobmbbhfnkf [2015-10-20]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
    CHR Extension: (Gmail) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-03]
    StartMenuInternet: Google Chrome - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)
    R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-03] (AVAST Software)
    S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-10-01] (WildTangent, Inc.)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
    R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-18] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware2\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware2\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-04-14] (The OpenVPN Project)
    R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-01-22] ()
    R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [217288 2015-07-17] (Synaptics Incorporated)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
     
  5. 2016/03/25
    yoruga

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
    R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-12-03] (AVAST Software)
    R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26096 2015-12-03] (AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-12-23] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-12-03] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-12-03] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812720 2016-03-03] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-21] (AVAST Software)
    R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [117712 2015-12-03] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-12-03] (AVAST Software)
    R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3205632 2015-10-30] (Qualcomm Atheros Communications, Inc.)
    R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [13560 2013-02-19] (GFI Software)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-26] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [35528 2015-07-17] (Synaptics Incorporated)
    S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-26 14:24 - 2016-03-26 14:24 - 00000000 ____D C:\FRST
    2016-03-20 21:16 - 2016-03-20 21:16 - 00000000 ____D C:\Users\Taliah\Documents\My Filehippo Downloads
    2016-03-20 21:14 - 2016-03-20 21:14 - 01239752 _____ (Microsoft Corporation) C:\Users\Taliah\Downloads\wlsetup-web (1).exe
    2016-03-20 21:12 - 2016-03-20 21:12 - 14648000 _____ (Adobe Systems Inc.) C:\Users\Taliah\Downloads\Shockwave_Installer_Full.exe
    2016-03-20 21:11 - 2016-03-20 21:11 - 00002067 _____ C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
    2016-03-20 21:10 - 2016-03-20 21:10 - 02190552 _____ C:\Users\Taliah\Downloads\appmanagersetup_2.0_b4_292.exe
    2016-03-20 21:07 - 2016-03-20 21:08 - 18667480 _____ (Adobe Systems Inc.) C:\Users\Taliah\Downloads\AdobeAIRInstaller.exe
    2016-03-09 16:16 - 2016-02-24 15:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-03-09 16:16 - 2016-02-24 15:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-03-09 16:16 - 2016-02-24 15:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-03-09 16:15 - 2016-03-01 15:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-03-09 16:15 - 2016-02-24 19:15 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-03-09 16:15 - 2016-02-24 19:15 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-03-09 16:15 - 2016-02-24 19:11 - 00599904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-03-09 16:15 - 2016-02-24 19:10 - 00959840 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-03-09 16:15 - 2016-02-24 19:03 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-03-09 16:15 - 2016-02-24 18:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2016-03-09 16:15 - 2016-02-24 18:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-03-09 16:15 - 2016-02-24 18:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2016-03-09 16:15 - 2016-02-24 18:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
    2016-03-09 16:15 - 2016-02-24 18:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-03-09 16:15 - 2016-02-24 18:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-03-09 16:15 - 2016-02-24 18:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-03-09 16:15 - 2016-02-24 18:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-03-09 16:15 - 2016-02-24 17:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-03-09 16:15 - 2016-02-24 17:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
    2016-03-09 16:15 - 2016-02-24 17:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2016-03-09 16:15 - 2016-02-24 17:35 - 01714016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-03-09 16:15 - 2016-02-24 17:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-03-09 16:15 - 2016-02-24 17:35 - 00482656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
    2016-03-09 16:15 - 2016-02-24 17:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2016-03-09 16:15 - 2016-02-24 17:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2016-03-09 16:15 - 2016-02-24 17:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-03-09 16:15 - 2016-02-24 16:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
    2016-03-09 16:15 - 2016-02-24 16:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
    2016-03-09 16:15 - 2016-02-24 16:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-03-09 16:15 - 2016-02-24 16:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-03-09 16:15 - 2016-02-24 16:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
    2016-03-09 16:15 - 2016-02-24 16:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
    2016-03-09 16:15 - 2016-02-24 16:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2016-03-09 16:15 - 2016-02-24 16:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2016-03-09 16:15 - 2016-02-24 16:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2016-03-09 16:15 - 2016-02-24 16:38 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2016-03-09 16:15 - 2016-02-24 16:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-03-09 16:15 - 2016-02-24 16:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
    2016-03-09 16:15 - 2016-02-24 16:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
    2016-03-09 16:15 - 2016-02-24 16:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
    2016-03-09 16:15 - 2016-02-24 16:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2016-03-09 16:15 - 2016-02-24 16:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-03-09 16:15 - 2016-02-24 16:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2016-03-09 16:15 - 2016-02-24 16:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
    2016-03-09 16:15 - 2016-02-24 16:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2016-03-09 16:15 - 2016-02-24 16:25 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2016-03-09 16:15 - 2016-02-24 16:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2016-03-09 16:15 - 2016-02-24 16:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
    2016-03-09 16:15 - 2016-02-24 16:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2016-03-09 16:15 - 2016-02-24 16:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2016-03-09 16:15 - 2016-02-24 16:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2016-03-09 16:15 - 2016-02-24 16:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2016-03-09 16:15 - 2016-02-24 16:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2016-03-09 16:15 - 2016-02-24 16:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-03-09 16:15 - 2016-02-24 16:06 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-03-09 16:15 - 2016-02-24 16:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-03-09 16:15 - 2016-02-24 16:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2016-03-09 16:15 - 2016-02-24 15:59 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2016-03-09 16:15 - 2016-02-24 15:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
    2016-03-09 16:15 - 2016-02-24 15:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2016-03-09 16:15 - 2016-02-24 15:46 - 02977280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-03-09 16:15 - 2016-02-24 15:38 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-03-09 16:15 - 2016-02-24 15:37 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-03-09 16:15 - 2016-02-24 15:37 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-03-09 16:15 - 2016-02-24 15:34 - 01887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-03-09 16:15 - 2016-02-24 15:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-03-09 16:15 - 2016-02-24 15:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
    2016-03-09 16:15 - 2016-02-24 15:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-03-09 16:15 - 2016-02-24 14:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-03-03 21:53 - 2016-02-23 20:34 - 01859960 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-03-03 21:53 - 2016-02-23 20:33 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-03-03 21:53 - 2016-02-23 20:32 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-03-03 21:53 - 2016-02-23 19:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-03-03 21:53 - 2016-02-23 19:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-03-03 21:53 - 2016-02-23 18:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-03-03 21:53 - 2016-02-23 17:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-03-03 21:53 - 2016-02-23 17:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-03-03 21:53 - 2016-02-23 16:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-03-03 21:53 - 2016-02-23 16:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-03-03 21:53 - 2016-02-23 16:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-03-03 21:53 - 2016-02-23 16:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-03-03 21:53 - 2016-02-23 16:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-03-03 21:53 - 2016-02-23 16:47 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-03-03 21:53 - 2016-02-23 16:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-03-03 21:53 - 2016-02-23 16:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-03-03 21:53 - 2016-02-23 16:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-03-03 21:53 - 2016-02-23 16:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-03-03 21:53 - 2016-02-23 16:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-03-03 21:53 - 2016-02-23 16:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-03-03 21:53 - 2016-02-09 13:23 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-03-03 21:53 - 2016-02-09 13:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-03-03 21:52 - 2016-02-23 20:37 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-03-03 21:52 - 2016-02-23 20:37 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-03-03 21:52 - 2016-02-23 20:34 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-03-03 21:52 - 2016-02-23 20:34 - 00926568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-03-03 21:52 - 2016-02-23 20:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-03-03 21:52 - 2016-02-23 20:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-03-03 21:52 - 2016-02-23 20:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2016-03-03 21:52 - 2016-02-23 20:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2016-03-03 21:52 - 2016-02-23 20:16 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2016-03-03 21:52 - 2016-02-23 19:40 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-03-03 21:52 - 2016-02-23 19:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-03-03 21:52 - 2016-02-23 19:39 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-03-03 21:52 - 2016-02-23 19:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-03-03 21:52 - 2016-02-23 19:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2016-03-03 21:52 - 2016-02-23 19:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2016-03-03 21:52 - 2016-02-23 19:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-03-03 21:52 - 2016-02-23 19:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2016-03-03 21:52 - 2016-02-23 19:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2016-03-03 21:52 - 2016-02-23 18:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-03-03 21:52 - 2016-02-23 18:43 - 00639168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-03-03 21:52 - 2016-02-23 18:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
    2016-03-03 21:52 - 2016-02-23 18:36 - 00429920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2016-03-03 21:52 - 2016-02-23 18:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
    2016-03-03 21:52 - 2016-02-23 18:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-03-03 21:52 - 2016-02-23 18:22 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-03-03 21:52 - 2016-02-23 18:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2016-03-03 21:52 - 2016-02-23 18:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
    2016-03-03 21:52 - 2016-02-23 18:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-03-03 21:52 - 2016-02-23 18:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-03-03 21:52 - 2016-02-23 18:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-03-03 21:52 - 2016-02-23 18:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
    2016-03-03 21:52 - 2016-02-23 18:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2016-03-03 21:52 - 2016-02-23 18:07 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2016-03-03 21:52 - 2016-02-23 18:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-03-03 21:52 - 2016-02-23 18:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-03-03 21:52 - 2016-02-23 18:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-03-03 21:52 - 2016-02-23 18:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-03-03 21:52 - 2016-02-23 18:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
    2016-03-03 21:52 - 2016-02-23 18:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2016-03-03 21:52 - 2016-02-23 18:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2016-03-03 21:52 - 2016-02-23 18:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2016-03-03 21:52 - 2016-02-23 18:01 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2016-03-03 21:52 - 2016-02-23 17:59 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-03-03 21:52 - 2016-02-23 17:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-03-03 21:52 - 2016-02-23 17:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
    2016-03-03 21:52 - 2016-02-23 17:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2016-03-03 21:52 - 2016-02-23 17:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2016-03-03 21:52 - 2016-02-23 17:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2016-03-03 21:52 - 2016-02-23 17:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-03-03 21:52 - 2016-02-23 17:49 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:48 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
    2016-03-03 21:52 - 2016-02-23 17:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2016-03-03 21:52 - 2016-02-23 17:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-03-03 21:52 - 2016-02-23 17:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-03-03 21:52 - 2016-02-23 17:45 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-03-03 21:52 - 2016-02-23 17:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-03-03 21:52 - 2016-02-23 17:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-03-03 21:52 - 2016-02-23 17:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
    2016-03-03 21:52 - 2016-02-23 17:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2016-03-03 21:52 - 2016-02-23 17:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-03-03 21:52 - 2016-02-23 17:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-03-03 21:52 - 2016-02-23 17:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-03-03 21:52 - 2016-02-23 17:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2016-03-03 21:52 - 2016-02-23 17:34 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-03-03 21:52 - 2016-02-23 17:29 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-03-03 21:52 - 2016-02-23 17:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-03-03 21:52 - 2016-02-23 17:28 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-03-03 21:52 - 2016-02-23 17:25 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-03-03 21:52 - 2016-02-23 17:23 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-03-03 21:52 - 2016-02-23 17:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2016-03-03 21:52 - 2016-02-23 17:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-03-03 21:52 - 2016-02-23 17:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-03-03 21:52 - 2016-02-23 17:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-03-03 21:52 - 2016-02-23 17:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
    2016-03-03 21:52 - 2016-02-23 17:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-03-03 21:52 - 2016-02-23 17:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-03-03 21:52 - 2016-02-23 17:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2016-03-03 21:52 - 2016-02-23 17:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-03-03 21:52 - 2016-02-23 17:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-03-03 21:52 - 2016-02-23 16:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-03-03 21:52 - 2016-02-23 16:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2016-03-03 21:52 - 2016-02-23 16:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-03-03 21:52 - 2016-02-23 16:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-03-03 21:52 - 2016-02-09 14:32 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-03-03 21:52 - 2016-02-09 14:14 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2016-03-03 21:52 - 2016-02-09 13:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2016-03-03 21:52 - 2016-02-09 13:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-02-29 00:19 - 2016-02-29 00:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-02-29 00:18 - 2016-02-29 00:18 - 00002628 _____ C:\Users\Public\Desktop\Skype.lnk
    2016-02-29 00:18 - 2016-02-29 00:18 - 00000000 ___RD C:\Program Files\Skype
    2016-02-29 00:18 - 2016-02-29 00:18 - 00000000 ____D C:\Program Files\Common Files\Skype
    2016-02-29 00:15 - 2016-02-29 00:15 - 00001884 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
    2016-02-29 00:15 - 2016-02-29 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
     
  6. 2016/03/25
    yoruga

    FRST Part 3

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-26 14:10 - 2010-08-15 12:39 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-03-26 14:03 - 2015-10-30 15:48 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-03-26 14:03 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-03-26 14:00 - 2012-07-16 17:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-03-26 13:27 - 2016-01-02 21:22 - 00000320 _____ C:\ProgramData\hpqp.ini
    2016-03-26 13:27 - 2016-01-02 21:22 - 00000188 _____ C:\ProgramData\HPWALog.txt
    2016-03-26 13:25 - 2014-04-07 15:16 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-03-26 13:24 - 2016-02-04 17:05 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-03-26 13:23 - 2016-01-22 04:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-03-26 13:22 - 2015-10-30 15:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2016-03-26 13:17 - 2016-01-05 20:07 - 00000000 ____D C:\AdwCleaner
    2016-03-23 22:04 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-03-22 20:59 - 2013-06-21 20:54 - 00000932 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA.job
    2016-03-22 20:59 - 2013-06-21 20:54 - 00000910 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core.job
    2016-03-21 21:58 - 2016-01-04 19:14 - 00000000 ____D C:\Users\Taliah\Downloads\Tania's work stuff
    2016-03-20 21:11 - 2014-04-19 13:54 - 00000000 ____D C:\Program Files\FileHippo.com
    2016-03-20 21:08 - 2009-08-15 17:05 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2016-03-16 04:53 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\rescache
    2016-03-16 03:48 - 2015-10-30 15:47 - 00000000 ____D C:\WINDOWS\INF
    2016-03-16 03:40 - 2016-01-22 04:27 - 00000000 ____D C:\Users\Taliah
    2016-03-16 03:39 - 2016-01-22 04:19 - 00358024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-03-16 03:36 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2016-03-16 03:36 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
    2016-03-15 22:57 - 2009-12-24 10:27 - 00002496 _____ C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-03-15 22:12 - 2016-01-22 04:26 - 00988244 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-03-14 15:53 - 2013-08-16 05:41 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-03-14 15:41 - 2010-10-29 20:48 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-03-08 17:12 - 2015-10-30 15:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2016-03-08 17:12 - 2015-10-30 15:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2016-03-05 11:50 - 2015-09-10 14:16 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-03-04 03:46 - 2015-10-30 16:58 - 00000000 ____D C:\Program Files\Windows Journal
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 __RSD C:\WINDOWS\Media
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-03-04 03:46 - 2015-10-30 15:13 - 00000000 ____D C:\WINDOWS\system32\Dism
    2016-03-03 20:05 - 2014-04-07 12:17 - 00812720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2016-03-01 21:58 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-03-01 20:03 - 2013-02-10 00:09 - 00096624 _____ C:\Users\Taliah\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-02-29 00:20 - 2011-08-21 21:46 - 00000000 ____D C:\Users\Taliah\AppData\Roaming\Skype
    2016-02-29 00:19 - 2011-08-21 21:46 - 00000000 ____D C:\ProgramData\Skype
    2016-02-29 00:15 - 2015-03-03 23:42 - 00000000 ____D C:\Program Files\QuickTime
    2016-02-28 14:07 - 2012-07-28 01:23 - 00000322 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRAWR$.job

    ==================== Files in the root of some directories =======

    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\AtStart.txt
    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\DSwitch.txt
    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\QSwitch.txt
    2016-01-02 21:22 - 2016-03-26 13:27 - 0000320 _____ () C:\ProgramData\hpqp.ini
    2016-01-02 21:22 - 2016-03-26 13:27 - 0000188 _____ () C:\ProgramData\HPWALog.txt

    Some files in TEMP:
    ====================
    C:\Users\Taliah\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-03-16 03:52

    ==================== End of FRST.txt ============================
     
  7. 2016/03/25
    yoruga

    I will now post Addition.txt.
     
  8. 2016/03/25
    yoruga

    Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by Taliah (2016-03-26 14:27:25)
    Running from C:\Users\Taliah\Downloads\Desktop
    Microsoft Windows 10 Home Version 1511 (X86) (2016-01-21 18:56:59)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1160702305-3582450622-2665941894-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1160702305-3582450622-2665941894-503 - Limited - Disabled)
    Guest (S-1-5-21-1160702305-3582450622-2665941894-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1160702305-3582450622-2665941894-1002 - Limited - Enabled)
    Taliah (S-1-5-21-1160702305-3582450622-2665941894-1000 - Administrator - Enabled) => C:\Users\Taliah

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
    Avast Pro Antivirus (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
    Google Chrome (HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    HP Support Assistant (HKLM\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
    HP Support Solutions Framework (HKLM\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company)
    LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
    Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
    swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - )
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {016A8C9B-1D69-4036-8A3B-8AAF9A4D6FF3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0334E04F-6800-4AEA-85BE-5D6CC38E69E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-26] (Adobe Systems Incorporated)
    Task: {038F2465-F2DC-4485-9B4B-82200C29FE40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {05B20FB9-934A-44D1-AD95-5C208E7FF81C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0D60CC62-2193-4EB3-8A50-84379E789BAA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0F220C67-CE4A-40FA-A35F-4B3AEF6E0CCD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
    Task: {122B9638-CFE7-4E36-82F9-30C69ABA3EDC} - System32\Tasks\{C63CABFC-ED6B-4A0A-B11C-096233C9AF05} => pcalua.exe -a C:\Users\Taliah\Downloads\SpyHunter-Installer.exe -d C:\Users\Taliah\Downloads
    Task: {1544930C-2378-4DF2-B4BB-4D687E0081A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
    Task: {1D0EABCF-E22B-43C0-B962-7DC66BE5B7CA} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
    Task: {22E48D3D-2F7A-4532-83ED-7F6176D54876} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
    Task: {24EABE08-24F2-4734-A6E7-9E8728D2D54F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
    Task: {2D901D51-D67F-4217-AB71-E3EF8CB23E78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {36B82EC7-7AEC-4851-8775-8B140AC2D203} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
    Task: {39F25F9D-E89C-49FB-945A-566A0157BD13} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {3B977460-442D-4767-B58C-C5C85D05EB53} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
    Task: {4727D745-3176-4A73-8BCF-34EE6E1938F9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
    Task: {4F127396-246E-4B9D-8BF4-E9F39649E29F} - System32\Tasks\avastBCLRestartS-1-5-21-1160702305-3582450622-2665941894-1000 => Chrome.exe
    Task: {4F85AA5E-C2F9-475E-85FE-7CEF5A3B9278} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
    Task: {5751EAED-8C16-4282-ABDA-003AB4A8EC86} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
    Task: {58C3AF1D-8DB3-4557-8269-D28FAEA79BC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
    Task: {60204FA2-DE7A-4A33-B110-BFD83C477280} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {64CD27C5-69CC-4F3F-ADE3-20997BBC7FF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {6B101B15-37B8-4F6C-B0A8-1EECDDB5042C} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
    Task: {7980B120-DB80-40DB-8E33-429C9EC8222A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7BE062F7-1572-4357-BB43-FE2B32332CE5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
    Task: {7C45BD38-B4E4-4C59-8D4F-DF5E6722EE24} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
    Task: {7C84E484-F2AC-46AD-B88A-3B9D73E70251} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7DF89722-24DA-45A9-8EB6-1B143B06801B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7E056306-C366-4B38-87B3-D7F34DA347FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {82A55F70-B6B0-4750-B25D-8920B219856C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
    Task: {8B354DD2-E6FA-4C0E-B3C5-C84FE53EF4A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
    Task: {8E5BFD59-11B4-48D9-95DF-3A9B45286BD3} - System32\Tasks\{10809A57-B3EE-4A79-B4CA-22DC426D060D} => pcalua.exe -a C:\Users\Taliah\Downloads\Adaware_Installer(2).exe -d "C:\Program Files\Lavasoft\Ad-Aware "
    Task: {96F84F17-6F87-4120-994C-299C78A68308} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {9BE4C97E-BA85-441B-8E5B-3849BA70E8EB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-14] (Microsoft Corporation)
    Task: {9EF880C4-B69C-45C4-A975-AAE2CBC09E9D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {9FFE1C97-B451-4DCA-954F-B438B9AFB889} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {A18BC537-FE49-4B8D-B851-654FC62B09B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {A43EFA45-CBDF-476A-BCAB-D0A3425AD276} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {A51055D1-6891-4D10-A987-DAC719C77BFA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {A60EB621-78E8-49D6-A3C8-6CD908A1D2E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {AFFA9408-D62E-4D64-AB50-4E65179EAD8D} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
    Task: {B29D6776-230E-4BB5-B71F-F425243A1FF2} - System32\Tasks\{321CD4F7-55B9-4043-B9AF-4CB49AFF558F} => pcalua.exe -a "C:\Users\Taliah\Downloads\Adaware_Installer (2).exe" -d C:\Users\Taliah\Downloads
    Task: {B51558CF-4108-4608-ABBB-2834C8EEA982} - System32\Tasks\HPCeeScheduleForRAWR$ => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
    Task: {B871B77F-0193-4C3D-B4F8-97D7BBCB50D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
    Task: {BBC38BA3-5C95-4272-B392-06927FE9B3B1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {BF696320-E741-4EDA-97BA-A7049A6D8AA2} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
    Task: {C8D8B762-AB74-4DEA-B686-DD6DB478980E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {D3EA7DE7-69E5-4556-A2C7-A7B64FA12C35} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-03] (AVAST Software)
    Task: {D902B895-EDC3-44BC-A42A-DDB6660B134F} - System32\Tasks\SafeZone scheduled Autoupdate 1449092702 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
    Task: {E2660FD2-E0BF-424B-B4B2-9C3C77E3F2F4} - System32\Tasks\{DA0142C9-0C0B-467C-9EE9-C1F1EBA2DC0C} => pcalua.exe -a G:\Install_Nokia_Ovi_Suite.exe -d G:\
    Task: {E5A2F543-9951-45DD-A9B7-4BB67148665A} - System32\Tasks\{83CD4F5B-013E-4147-8D91-B38CDCA146CC} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.113.259/en/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
    Task: {EE4A72C8-FFBD-4264-8EFD-C7ABD9E8A306} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {EF953E4F-B3D5-4BEA-84B8-95246351C0DC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {F8692447-CEF7-4F92-B156-DE451D2E1D06} - System32\Tasks\{CEEB1724-29F4-4F8C-8AE6-3A5B1AED6D8D} => pcalua.exe -a C:\Users\Taliah\Downloads\wmpplugin(2).exe -d "C:\Program Files\Windows Media Player "
    Task: {FB6BBC94-FCAC-4C8D-B935-FCADA7B8856A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
    Task: {FCA56214-ABDF-4B78-86A0-0B018B288795} - System32\Tasks\{F0B95EE7-E28B-4613-BA06-6E2328CB393F} => pcalua.exe -a "C:\Users\Taliah\Downloads\Shockwave_Installer_Slim (3).exe" -d C:\Users\Taliah\Downloads

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core.job => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA.job => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForRAWR$.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
     
  9. 2016/03/26
    yoruga

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 15:44 - 2015-10-30 15:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-12-03 07:41 - 2015-12-03 07:41 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-12-03 07:41 - 2015-12-03 07:41 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2016-03-22 20:42 - 2016-03-22 20:42 - 02857472 _____ () C:\Program Files\AVAST Software\Avast\defs\16032200\algo.dll
    2015-12-03 07:41 - 2015-12-03 07:41 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2015-12-03 07:41 - 2015-12-03 07:41 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
    2016-03-26 13:26 - 2016-03-26 13:26 - 02857472 _____ () C:\Program Files\AVAST Software\Avast\defs\16032501\algo.dll
    2009-08-15 17:22 - 2009-01-22 04:47 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
    2016-03-03 21:53 - 2016-02-23 20:34 - 01859960 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-03-03 21:53 - 2016-02-23 20:34 - 01859960 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-01-22 22:09 - 2016-01-22 22:09 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-03-03 21:52 - 2016-02-23 17:48 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-01-22 22:09 - 2016-01-22 22:09 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-01-22 22:09 - 2016-01-22 22:09 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-02-10 20:30 - 2016-01-16 15:06 - 02366464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-02-10 20:30 - 2016-01-16 15:09 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-12-03 07:42 - 2015-12-03 07:42 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2009-07-16 10:51 - 2009-07-16 10:51 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
    2009-07-16 10:51 - 2009-07-16 10:51 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00018944 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
    2009-07-16 10:50 - 2009-07-16 10:50 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
    2009-06-18 04:40 - 2009-06-18 04:40 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
    2009-06-18 04:40 - 2009-06-18 04:40 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
    2009-06-18 04:40 - 2009-06-18 04:40 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
    2015-09-02 21:00 - 2015-09-02 21:00 - 10566352 _____ () C:\Program Files\FileHippo.com\FileHippo.AppManager.exe
    2009-07-02 08:44 - 2009-07-02 08:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    2016-01-22 07:31 - 2016-01-22 07:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-01-22 07:31 - 2016-01-22 07:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-01-22 07:31 - 2016-01-22 07:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2016-03-15 22:57 - 2016-03-08 12:48 - 01676440 _____ () C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
    2016-03-15 22:57 - 2016-03-08 12:48 - 00086168 _____ () C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\libegl.dll
    2016-03-25 16:18 - 2016-03-21 16:17 - 17541312 _____ () C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.197\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 12:04 - 2014-04-09 10:59 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Taliah\AppData\Local\Microsoft\Windows\Themes\img19.jpg
    DNS Servers: 198.142.235.14 - 211.29.132.12
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)
     
  10. 2016/03/26
    yoruga

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
    FirewallRules: [{A60D9D73-1F3E-481F-A265-67412254941E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{69F50ECD-6DCF-468F-B6EC-973F0973B254}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{E78E2544-EB63-45B4-A919-483D05DFE676}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{EC4D603E-D810-47CC-AB38-CBD472D30AFD}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{B886B432-E7EA-4E4B-B4A5-35C9C7C62F0F}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{FB878EE5-F4A8-472D-B6E7-E35B1D8EA834}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
    FirewallRules: [{9BF5036C-6E3D-486F-8AC4-FBAA0B3E56ED}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
    FirewallRules: [{8B182900-4209-4FF6-A7F6-63939BEE96BB}] => (Allow) C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [{4DA263C5-FB95-4D67-996E-77DF78C271A6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{827837D9-F071-43A8-A239-EC6B3B8F6CAD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{FB1D1941-275B-4861-A23E-BCECB0A55974}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

    ==================== Restore Points =========================

    28-02-2016 11:39:36 Scheduled Checkpoint
    03-03-2016 23:48:48 Windows Update
    14-03-2016 15:40:37 Windows Update
    21-03-2016 17:44:10 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/26/2016 01:39:04 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll4

    Error: (03/26/2016 10:54:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 64804844

    Error: (03/26/2016 10:54:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 64804844

    Error: (03/26/2016 10:54:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/25/2016 04:54:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1485

    Error: (03/25/2016 04:54:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1485

    Error: (03/25/2016 04:54:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (03/23/2016 09:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Local Hostname Rawr.local already in use; will try Rawr-2.local instead

    Error: (03/23/2016 09:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 Rawr.local. AAAA FE80:0000:0000:0000:DC46:6096:C5D8:A7FB

    Error: (03/23/2016 09:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:DC46:6096:C5D8:A7FB:5353 4 Rawr.local. Addr 192.168.0.16


    System errors:
    =============
    Error: (03/26/2016 01:23:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
    %%1058

    Error: (03/26/2016 01:22:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BrokerInfrastructure service.

    Error: (03/26/2016 01:22:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x8024001e: .

    Error: (03/26/2016 01:21:56 PM) (Source: DCOM) (EventID: 10010) (User: Rawr)
    Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

    Error: (03/26/2016 01:21:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_32cabd service to connect.

    Error: (03/26/2016 01:21:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_32cabd service to connect.

    Error: (03/26/2016 01:21:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_32cabd service, but this action failed with the following error:
    %%1056

    Error: (03/26/2016 01:21:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {7006698D-2974-4091-A424-85DD0B909E23}

    Error: (03/26/2016 01:21:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {7006698D-2974-4091-A424-85DD0B909E23}

    Error: (03/26/2016 01:21:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {7006698D-2974-4091-A424-85DD0B909E23}


    CodeIntegrity:
    ===================================
    Date: 2016-03-18 14:04:40.519
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-03-16 03:40:40.265
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-03-04 03:49:55.433
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-03-04 03:35:19.266
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-02-19 17:42:12.048
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-02-17 03:43:59.834
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-29 19:57:37.106
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-26 01:32:35.438
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-22 04:50:40.238
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-22 04:46:43.102
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz
    Percentage of memory in use: 55%
    Total physical RAM: 1978.92 MB
    Available physical RAM: 872.23 MB
    Total Virtual: 3962.92 MB
    Available Virtual: 2456.96 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:220.68 GB) (Free:140.75 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (RECOVERY) (Fixed) (Total:11.24 GB) (Free:1.83 GB) NTFS ==>[system with boot components (obtained from drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: CFAD9F98)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=783 MB) - (Type=27)
    Partition 4: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  11. 2016/03/26
    yoruga

    yoruga Well-Known Member Thread Starter

    Just to add I also had a message not to restart my computer and to call a helpline.... since then I ran my Antivirus... which stated that my router was infected ....
     
  12. 2016/03/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ============================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  13. 2016/03/27
    yoruga

    yoruga Well-Known Member Thread Starter

    Here is the Rogue Killer Log:

    RogueKiller V12.0.3.0 [Mar 21 2016] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.10586) 32 bits version
    Started in : Normal mode
    User : Taliah [Administrator]
    Started from : C:\Users\Taliah\Downloads\Desktop\RogueKiller.exe
    Mode : Scan -- Date : 03/27/2016 20:07:35

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 2 ¤¤¤
    [PUP][Folder] C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> Found
    [PUP][Folder] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> Found

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST9250410AS +++++
    --- User ---
    [MBR] 96e52b126ebea04be84e47b9b467003b
    [BSP] 93264375a13f1e579aa1dba1782e9a68 : HP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 225978 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 463214592 | Size: 783 MB
    3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 464818176 | Size: 11512 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK
     
  14. 2016/03/27
    yoruga

    yoruga Well-Known Member Thread Starter

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 27-Mar-16
    Scan Time: 8:34 PM
    Logfile: MWare.txt
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.03.27.01
    Rootkit Database: v2016.03.12.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x86
    File System: NTFS
    User: Taliah

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 458587
    Time Elapsed: 37 min, 0 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  15. 2016/03/27
    yoruga

    yoruga Well-Known Member Thread Starter

    ADware log as follows

    # AdwCleaner v5.036 - Logfile created 28/02/2016 at 22:57:41
    # Updated 22/02/2016 by Xplode
    # Database : 2016-02-28.1 [Server]
    # Operating system : Windows 10 Home (x86)
    # Username : Taliah - RAWR
    # Running from : C:\Users\Taliah\Downloads\Desktop\adwcleaner_5.036.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [2087 bytes] - [29/01/2016 20:58:27]
    C:\AdwCleaner\AdwCleaner[C2].txt - [771 bytes] - [28/02/2016 22:57:41]
    C:\AdwCleaner\AdwCleaner[S1].txt - [1307 bytes] - [05/01/2016 20:07:53]
    C:\AdwCleaner\AdwCleaner[S2].txt - [1643 bytes] - [11/01/2016 22:47:01]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1774 bytes] - [25/01/2016 12:54:04]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1993 bytes] - [29/01/2016 20:53:59]
    C:\AdwCleaner\AdwCleaner[S5].txt - [653 bytes] - [04/02/2016 17:28:40]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1207 bytes] ##########
    # AdwCleaner v5.105 - Logfile created 27/03/2016 at 21:29:52
    # Updated 21/03/2016 by Xplode
    # Database : 2016-03-26.1 [Server]
    # Operating system : Windows 10 Home (x86)
    # Username : Taliah - RAWR
    # Running from : C:\Users\Taliah\Downloads\Desktop\adwcleaner_5.105 (1).exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [3886 bytes] - [29/01/2016 20:58:27]
    C:\AdwCleaner\AdwCleaner[C2].txt - [2058 bytes] - [28/02/2016 22:57:41]
    C:\AdwCleaner\AdwCleaner[C3].txt - [1430 bytes] - [03/03/2016 23:08:22]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2999 bytes] - [05/01/2016 20:07:53]
    C:\AdwCleaner\AdwCleaner[S2].txt - [2916 bytes] - [11/01/2016 22:47:01]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1774 bytes] - [25/01/2016 12:54:04]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1993 bytes] - [29/01/2016 20:53:59]
    C:\AdwCleaner\AdwCleaner[S5].txt - [1916 bytes] - [04/02/2016 17:28:40]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2569 bytes] ##########
     
  16. 2016/03/27
    yoruga

    yoruga Well-Known Member Thread Starter

    Finally the JRT Log:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.4 (03.14.2016)
    Operating System: Windows 10 Home x86
    Ran by Taliah (Administrator) on 27-Mar-16 at 21:48:00.80
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 0




    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 27-Mar-16 at 21:55:10.70
    End of JRT log
     
  17. 2016/03/27
    broni

    broni Moderator Malware Analyst

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  18. 2016/03/27
    yoruga

    yoruga Well-Known Member Thread Starter

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
    Ran by Taliah (administrator) on RAWR (28-03-2016 11:13:58)
    Running from C:\Users\Taliah\Downloads\Desktop
    Loaded Profiles: Taliah (Available Profiles: Taliah & DefaultAppPool)
    Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\stacsv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbamscheduler.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbamservice.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\AEstSrv.exe
    (LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware2\mbam.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\asww10mon.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
    (CyberLink Corp.) C:\Program Files\Hp\QuickPlay\QPService.exe
    ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    (Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    (Google Inc.) C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler.exe
    () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
    () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    (Microsoft Corporation) C:\Windows\System32\wuapihost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
    HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-06-24] (CyberLink Corp.)
    HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-18] (CyberLink Corp.)
    HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-25] ( Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
    HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-24] (Hewlett-Packard)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-27] (AVAST Software)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3527368 2015-07-17] (Synaptics Incorporated)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-16] (Hewlett-Packard)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-18] (Hewlett-Packard Company)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [Google Update] => C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] ()
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [26112 2015-10-30] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-03-27] (AVAST Software)
    Startup: C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2011-12-01]
    ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 198.142.235.14 211.29.132.12 198.142.0.51
    Tcpip\..\Interfaces\{5119e7d9-5c9f-4042-95dc-23d6f751cee9}: [DhcpNameServer] 198.142.235.14 211.29.132.12 198.142.0.51

    Internet Explorer:
    ==================
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000 -> DefaultScope {25107C24-F015-4F20-912E-B44B05F15704} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000 -> {25107C24-F015-4F20-912E-B44B05F15704} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-27] (AVAST Software)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default
    FF DefaultSearchUrl: hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-26] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1160702305-3582450622-2665941894-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-12-19] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-04-17] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-04-17] (Apple Inc.)
    FF SearchPlugin: C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default\searchplugins\searchcanvas.xml [2013-02-20]
    FF Extension: Lavasoft Search Plugin - C:\Users\Taliah\AppData\Roaming\Mozilla\Firefox\Profiles\nex98oqn.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-12-22] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-21] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-24] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-01-28] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-04-09] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-07-04] [not signed]
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2012-11-28] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-20] [not signed]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-27]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-27]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://ninemsn.com.au/
    CHR StartupUrls: Default -> "hxxp://ninemsn.com.au/ "
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Native Client) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => No File
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll => No File
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll => No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => No File
    CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    CHR Plugin: (Google Update) - C:\Users\Taliah\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\system32\npDeployJava1.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
    CHR Profile: C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-22]
    CHR Extension: (YouTube) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
    CHR Extension: (Google Search) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
    CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2015-12-14]
    CHR Extension: (Avast Online Security) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-15]
    CHR Extension: (TS1.8) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhhmlalomhpoaelhcgmaeobmbbhfnkf [2015-10-20]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
    CHR Extension: (Gmail) - C:\Users\Taliah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-27]
    StartMenuInternet: Google Chrome - C:\Users\Taliah\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)
    R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-27] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-03-27] (AVAST Software)
    S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-10-01] (WildTangent, Inc.)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
    R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-18] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware2\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware2\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-04-14] (The OpenVPN Project)
    R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-01-22] ()
    R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [217288 2015-07-17] (Synaptics Incorporated)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
     
  19. 2016/03/27
    yoruga Well-Known Member Thread Starter

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
    R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-03-27] (AVAST Software)
    R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-03-27] (AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-03-27] (AVAST Software)
    R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [356640 2016-03-27] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-03-27] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-03-27] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [816304 2016-03-27] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-03-27] (AVAST Software)
    R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [127432 2016-03-27] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-03-27] (AVAST Software)
    R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3205632 2015-10-30] (Qualcomm Atheros Communications, Inc.)
    R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [13560 2013-02-19] (GFI Software)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-27] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
    R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [35528 2015-07-17] (Synaptics Incorporated)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-03-27] ()
    S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-27 23:01 - 2016-03-27 23:01 - 00002066 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2016-03-27 22:31 - 2016-03-27 22:31 - 00001191 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
    2016-03-27 22:27 - 2016-03-27 22:27 - 00002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
    2016-03-27 22:27 - 2016-03-27 22:27 - 00002152 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
    2016-03-27 22:25 - 2016-03-27 22:27 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswnetsec.sys
    2016-03-27 22:24 - 2016-03-27 22:24 - 00334280 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2016-03-27 22:24 - 2016-03-27 22:24 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
    2016-03-27 21:55 - 2016-03-27 21:55 - 00000546 _____ C:\Users\Taliah\Desktop\JRT.txt
    2016-03-26 14:24 - 2016-03-28 11:13 - 00000000 ____D C:\FRST
    2016-03-20 21:16 - 2016-03-27 22:19 - 00000000 ____D C:\Users\Taliah\Documents\My Filehippo Downloads
    2016-03-20 21:14 - 2016-03-20 21:14 - 01239752 _____ (Microsoft Corporation) C:\Users\Taliah\Downloads\wlsetup-web (1).exe
    2016-03-20 21:12 - 2016-03-20 21:12 - 14648000 _____ (Adobe Systems Inc.) C:\Users\Taliah\Downloads\Shockwave_Installer_Full.exe
    2016-03-20 21:11 - 2016-03-20 21:11 - 00002067 _____ C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
    2016-03-20 21:10 - 2016-03-20 21:10 - 02190552 _____ C:\Users\Taliah\Downloads\appmanagersetup_2.0_b4_292.exe
    2016-03-20 21:07 - 2016-03-20 21:08 - 18667480 _____ (Adobe Systems Inc.) C:\Users\Taliah\Downloads\AdobeAIRInstaller.exe
    2016-03-09 16:16 - 2016-02-24 15:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-03-09 16:16 - 2016-02-24 15:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-03-09 16:16 - 2016-02-24 15:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-03-09 16:15 - 2016-03-01 15:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-03-09 16:15 - 2016-02-24 19:15 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-03-09 16:15 - 2016-02-24 19:15 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-03-09 16:15 - 2016-02-24 19:11 - 00599904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-03-09 16:15 - 2016-02-24 19:10 - 00959840 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-03-09 16:15 - 2016-02-24 19:03 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-03-09 16:15 - 2016-02-24 18:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2016-03-09 16:15 - 2016-02-24 18:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-03-09 16:15 - 2016-02-24 18:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2016-03-09 16:15 - 2016-02-24 18:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
    2016-03-09 16:15 - 2016-02-24 18:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-03-09 16:15 - 2016-02-24 18:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-03-09 16:15 - 2016-02-24 18:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-03-09 16:15 - 2016-02-24 18:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-03-09 16:15 - 2016-02-24 17:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-03-09 16:15 - 2016-02-24 17:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
    2016-03-09 16:15 - 2016-02-24 17:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2016-03-09 16:15 - 2016-02-24 17:35 - 01714016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-03-09 16:15 - 2016-02-24 17:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-03-09 16:15 - 2016-02-24 17:35 - 00482656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-03-09 16:15 - 2016-02-24 17:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
    2016-03-09 16:15 - 2016-02-24 17:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2016-03-09 16:15 - 2016-02-24 17:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2016-03-09 16:15 - 2016-02-24 17:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-03-09 16:15 - 2016-02-24 16:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
    2016-03-09 16:15 - 2016-02-24 16:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
    2016-03-09 16:15 - 2016-02-24 16:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-03-09 16:15 - 2016-02-24 16:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-03-09 16:15 - 2016-02-24 16:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
    2016-03-09 16:15 - 2016-02-24 16:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
    2016-03-09 16:15 - 2016-02-24 16:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2016-03-09 16:15 - 2016-02-24 16:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
    2016-03-09 16:15 - 2016-02-24 16:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2016-03-09 16:15 - 2016-02-24 16:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2016-03-09 16:15 - 2016-02-24 16:38 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2016-03-09 16:15 - 2016-02-24 16:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2016-03-09 16:15 - 2016-02-24 16:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-03-09 16:15 - 2016-02-24 16:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
    2016-03-09 16:15 - 2016-02-24 16:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
    2016-03-09 16:15 - 2016-02-24 16:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
    2016-03-09 16:15 - 2016-02-24 16:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2016-03-09 16:15 - 2016-02-24 16:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-03-09 16:15 - 2016-02-24 16:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2016-03-09 16:15 - 2016-02-24 16:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
    2016-03-09 16:15 - 2016-02-24 16:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2016-03-09 16:15 - 2016-02-24 16:25 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2016-03-09 16:15 - 2016-02-24 16:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2016-03-09 16:15 - 2016-02-24 16:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
    2016-03-09 16:15 - 2016-02-24 16:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-03-09 16:15 - 2016-02-24 16:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2016-03-09 16:15 - 2016-02-24 16:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
    2016-03-09 16:15 - 2016-02-24 16:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2016-03-09 16:15 - 2016-02-24 16:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2016-03-09 16:15 - 2016-02-24 16:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2016-03-09 16:15 - 2016-02-24 16:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2016-03-09 16:15 - 2016-02-24 16:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
    2016-03-09 16:15 - 2016-02-24 16:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-03-09 16:15 - 2016-02-24 16:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-03-09 16:15 - 2016-02-24 16:06 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-03-09 16:15 - 2016-02-24 16:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-03-09 16:15 - 2016-02-24 16:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2016-03-09 16:15 - 2016-02-24 15:59 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2016-03-09 16:15 - 2016-02-24 15:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
    2016-03-09 16:15 - 2016-02-24 15:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2016-03-09 16:15 - 2016-02-24 15:46 - 02977280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-03-09 16:15 - 2016-02-24 15:38 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-03-09 16:15 - 2016-02-24 15:37 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-03-09 16:15 - 2016-02-24 15:37 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-03-09 16:15 - 2016-02-24 15:34 - 01887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-03-09 16:15 - 2016-02-24 15:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-03-09 16:15 - 2016-02-24 15:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
    2016-03-09 16:15 - 2016-02-24 15:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-03-09 16:15 - 2016-02-24 14:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-03-03 21:53 - 2016-02-23 20:34 - 01859960 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-03-03 21:53 - 2016-02-23 20:33 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-03-03 21:53 - 2016-02-23 20:32 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-03-03 21:53 - 2016-02-23 19:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2016-03-03 21:53 - 2016-02-23 19:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-03-03 21:53 - 2016-02-23 19:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-03-03 21:53 - 2016-02-23 18:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-03-03 21:53 - 2016-02-23 17:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-03-03 21:53 - 2016-02-23 17:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-03-03 21:53 - 2016-02-23 17:28 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-03-03 21:53 - 2016-02-23 16:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-03-03 21:53 - 2016-02-23 16:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-03-03 21:53 - 2016-02-23 16:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-03-03 21:53 - 2016-02-23 16:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-03-03 21:53 - 2016-02-23 16:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-03-03 21:53 - 2016-02-23 16:47 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-03-03 21:53 - 2016-02-23 16:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-03-03 21:53 - 2016-02-23 16:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-03-03 21:53 - 2016-02-23 16:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-03-03 21:53 - 2016-02-23 16:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-03-03 21:53 - 2016-02-23 16:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-03-03 21:53 - 2016-02-23 16:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-03-03 21:53 - 2016-02-09 13:23 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-03-03 21:53 - 2016-02-09 13:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-03-03 21:52 - 2016-02-23 20:37 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-03-03 21:52 - 2016-02-23 20:37 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-03-03 21:52 - 2016-02-23 20:34 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-03-03 21:52 - 2016-02-23 20:34 - 00926568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-03-03 21:52 - 2016-02-23 20:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-03-03 21:52 - 2016-02-23 20:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-03-03 21:52 - 2016-02-23 20:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2016-03-03 21:52 - 2016-02-23 20:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2016-03-03 21:52 - 2016-02-23 20:16 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2016-03-03 21:52 - 2016-02-23 19:40 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-03-03 21:52 - 2016-02-23 19:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-03-03 21:52 - 2016-02-23 19:39 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-03-03 21:52 - 2016-02-23 19:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-03-03 21:52 - 2016-02-23 19:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2016-03-03 21:52 - 2016-02-23 19:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2016-03-03 21:52 - 2016-02-23 19:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-03-03 21:52 - 2016-02-23 19:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2016-03-03 21:52 - 2016-02-23 19:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2016-03-03 21:52 - 2016-02-23 18:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-03-03 21:52 - 2016-02-23 18:43 - 00639168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-03-03 21:52 - 2016-02-23 18:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
    2016-03-03 21:52 - 2016-02-23 18:36 - 00429920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2016-03-03 21:52 - 2016-02-23 18:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
    2016-03-03 21:52 - 2016-02-23 18:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-03-03 21:52 - 2016-02-23 18:22 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-03-03 21:52 - 2016-02-23 18:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2016-03-03 21:52 - 2016-02-23 18:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
    2016-03-03 21:52 - 2016-02-23 18:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-03-03 21:52 - 2016-02-23 18:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-03-03 21:52 - 2016-02-23 18:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-03-03 21:52 - 2016-02-23 18:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
    2016-03-03 21:52 - 2016-02-23 18:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2016-03-03 21:52 - 2016-02-23 18:07 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2016-03-03 21:52 - 2016-02-23 18:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-03-03 21:52 - 2016-02-23 18:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-03-03 21:52 - 2016-02-23 18:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-03-03 21:52 - 2016-02-23 18:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-03-03 21:52 - 2016-02-23 18:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
    2016-03-03 21:52 - 2016-02-23 18:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2016-03-03 21:52 - 2016-02-23 18:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2016-03-03 21:52 - 2016-02-23 18:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2016-03-03 21:52 - 2016-02-23 18:01 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2016-03-03 21:52 - 2016-02-23 17:59 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-03-03 21:52 - 2016-02-23 17:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-03-03 21:52 - 2016-02-23 17:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
    2016-03-03 21:52 - 2016-02-23 17:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2016-03-03 21:52 - 2016-02-23 17:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2016-03-03 21:52 - 2016-02-23 17:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2016-03-03 21:52 - 2016-02-23 17:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-03-03 21:52 - 2016-02-23 17:49 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:48 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
    2016-03-03 21:52 - 2016-02-23 17:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2016-03-03 21:52 - 2016-02-23 17:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-03-03 21:52 - 2016-02-23 17:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-03-03 21:52 - 2016-02-23 17:45 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-03-03 21:52 - 2016-02-23 17:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-03-03 21:52 - 2016-02-23 17:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2016-03-03 21:52 - 2016-02-23 17:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-03-03 21:52 - 2016-02-23 17:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
    2016-03-03 21:52 - 2016-02-23 17:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2016-03-03 21:52 - 2016-02-23 17:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-03-03 21:52 - 2016-02-23 17:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2016-03-03 21:52 - 2016-02-23 17:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-03-03 21:52 - 2016-02-23 17:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-03-03 21:52 - 2016-02-23 17:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2016-03-03 21:52 - 2016-02-23 17:34 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-03-03 21:52 - 2016-02-23 17:29 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-03-03 21:52 - 2016-02-23 17:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-03-03 21:52 - 2016-02-23 17:28 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-03-03 21:52 - 2016-02-23 17:25 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-03-03 21:52 - 2016-02-23 17:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-03-03 21:52 - 2016-02-23 17:23 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-03-03 21:52 - 2016-02-23 17:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2016-03-03 21:52 - 2016-02-23 17:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-03-03 21:52 - 2016-02-23 17:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-03-03 21:52 - 2016-02-23 17:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-03-03 21:52 - 2016-02-23 17:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
    2016-03-03 21:52 - 2016-02-23 17:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-03-03 21:52 - 2016-02-23 17:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-03-03 21:52 - 2016-02-23 17:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2016-03-03 21:52 - 2016-02-23 17:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-03-03 21:52 - 2016-02-23 17:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-03-03 21:52 - 2016-02-23 16:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-03-03 21:52 - 2016-02-23 16:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2016-03-03 21:52 - 2016-02-23 16:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-03-03 21:52 - 2016-02-23 16:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-03-03 21:52 - 2016-02-09 14:32 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-03-03 21:52 - 2016-02-09 14:14 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2016-03-03 21:52 - 2016-02-09 13:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2016-03-03 21:52 - 2016-02-09 13:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-02-29 00:15 - 2016-02-29 00:15 - 00001884 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
    2016-02-29 00:15 - 2016-02-29 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

    ==================== One Month Modified files and folders ========
     
  20. 2016/03/27
    yoruga

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-28 00:10 - 2010-08-15 12:39 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-03-28 00:00 - 2012-07-16 17:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-03-27 23:59 - 2013-06-21 20:54 - 00000932 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA.job
    2016-03-27 23:01 - 2014-04-19 11:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2016-03-27 23:01 - 2011-07-18 22:26 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2016-03-27 23:01 - 2009-08-15 17:04 - 00000000 ____D C:\ProgramData\Adobe
    2016-03-27 22:58 - 2011-08-21 21:46 - 00000000 ____D C:\ProgramData\Skype
    2016-03-27 22:33 - 2016-01-02 21:22 - 00000320 _____ C:\ProgramData\hpqp.ini
    2016-03-27 22:33 - 2016-01-02 21:22 - 00000187 _____ C:\ProgramData\HPWALog.txt
    2016-03-27 22:33 - 2014-04-07 15:16 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-03-27 22:31 - 2016-02-04 17:05 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-03-27 22:31 - 2015-12-03 07:45 - 00001191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2016-03-27 22:30 - 2016-01-22 04:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-03-27 22:29 - 2015-10-30 15:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2016-03-27 22:27 - 2014-04-07 12:17 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2016-03-27 22:27 - 2014-04-07 12:17 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
    2016-03-27 22:27 - 2014-04-07 12:17 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
    2016-03-27 22:26 - 2014-04-07 12:17 - 00221240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
    2016-03-27 22:24 - 2014-04-28 19:30 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
    2016-03-27 22:24 - 2014-04-07 12:17 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2016-03-27 22:24 - 2014-04-07 12:17 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2016-03-27 22:24 - 2014-04-07 12:17 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2016-03-27 22:23 - 2015-04-18 23:59 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2016-03-27 20:59 - 2013-06-21 20:54 - 00000910 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core.job
    2016-03-27 20:32 - 2015-12-31 13:27 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware2
    2016-03-27 20:32 - 2015-12-31 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2
    2016-03-27 20:29 - 2015-12-31 10:07 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2016-03-27 20:26 - 2015-10-30 15:47 - 00000000 ____D C:\WINDOWS\INF
    2016-03-27 19:54 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-03-27 13:45 - 2015-10-30 15:39 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-03-27 11:41 - 2015-10-30 15:48 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-03-27 11:29 - 2011-08-21 21:46 - 00000000 ____D C:\Users\Taliah\AppData\Roaming\Skype
    2016-03-26 13:17 - 2016-01-05 20:07 - 00000000 ____D C:\AdwCleaner
    2016-03-21 21:58 - 2016-01-04 19:14 - 00000000 ____D C:\Users\Taliah\Downloads\Tania's work stuff
    2016-03-20 21:11 - 2014-04-19 13:54 - 00000000 ____D C:\Program Files\FileHippo.com
    2016-03-20 21:08 - 2009-08-15 17:05 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2016-03-16 04:53 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\rescache
    2016-03-16 03:40 - 2016-01-22 04:27 - 00000000 ____D C:\Users\Taliah
    2016-03-16 03:39 - 2016-01-22 04:19 - 00358024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-03-16 03:36 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2016-03-16 03:36 - 2015-10-30 15:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
    2016-03-15 22:57 - 2009-12-24 10:27 - 00002496 _____ C:\Users\Taliah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-03-15 22:12 - 2016-01-22 04:26 - 00988244 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-03-14 15:53 - 2013-08-16 05:41 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-03-14 15:41 - 2010-10-29 20:48 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-03-10 14:09 - 2014-04-07 15:16 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2016-03-10 14:08 - 2014-04-07 15:16 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2016-03-10 14:08 - 2014-04-07 15:16 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2016-03-08 17:12 - 2015-10-30 15:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2016-03-08 17:12 - 2015-10-30 15:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2016-03-05 11:50 - 2015-09-10 14:16 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-03-04 03:46 - 2015-10-30 16:58 - 00000000 ____D C:\Program Files\Windows Journal
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 __RSD C:\WINDOWS\Media
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-03-04 03:46 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-03-04 03:46 - 2015-10-30 15:13 - 00000000 ____D C:\WINDOWS\system32\Dism
    2016-03-01 21:58 - 2015-10-30 15:48 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-03-01 20:03 - 2013-02-10 00:09 - 00096624 _____ C:\Users\Taliah\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-02-29 00:15 - 2015-03-03 23:42 - 00000000 ____D C:\Program Files\QuickTime
    2016-02-28 14:07 - 2012-07-28 01:23 - 00000322 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRAWR$.job

    ==================== Files in the root of some directories =======

    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\AtStart.txt
    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\DSwitch.txt
    2016-01-02 21:22 - 2016-01-02 21:22 - 0000000 _____ () C:\Users\Taliah\AppData\Local\QSwitch.txt
    2016-01-02 21:22 - 2016-03-27 22:33 - 0000320 _____ () C:\ProgramData\hpqp.ini
    2016-01-02 21:22 - 2016-03-27 22:33 - 0000187 _____ () C:\ProgramData\HPWALog.txt

    Some files in TEMP:
    ====================
    C:\Users\Taliah\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\Taliah\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-03-16 03:52

    ==================== End of FRST.txt ============================
     
  21. 2016/03/27
    yoruga

    And here is the Addition.txt:

    Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by Taliah (2016-03-28 11:16:21)
    Running from C:\Users\Taliah\Downloads\Desktop
    Microsoft Windows 10 Home Version 1511 (X86) (2016-01-21 18:56:59)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1160702305-3582450622-2665941894-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1160702305-3582450622-2665941894-503 - Limited - Disabled)
    Guest (S-1-5-21-1160702305-3582450622-2665941894-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1160702305-3582450622-2665941894-1002 - Limited - Enabled)
    Taliah (S-1-5-21-1160702305-3582450622-2665941894-1000 - Administrator - Enabled) => C:\Users\Taliah

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
    Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
    Google Chrome (HKU\S-1-5-21-1160702305-3582450622-2665941894-1000\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    HP Support Assistant (HKLM\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
    HP Support Solutions Framework (HKLM\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company)
    LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
    Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
    swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - )
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1160702305-3582450622-2665941894-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Taliah\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {016A8C9B-1D69-4036-8A3B-8AAF9A4D6FF3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0334E04F-6800-4AEA-85BE-5D6CC38E69E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-26] (Adobe Systems Incorporated)
    Task: {038F2465-F2DC-4485-9B4B-82200C29FE40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {05B20FB9-934A-44D1-AD95-5C208E7FF81C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0D60CC62-2193-4EB3-8A50-84379E789BAA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {0F220C67-CE4A-40FA-A35F-4B3AEF6E0CCD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
    Task: {122B9638-CFE7-4E36-82F9-30C69ABA3EDC} - System32\Tasks\{C63CABFC-ED6B-4A0A-B11C-096233C9AF05} => pcalua.exe -a C:\Users\Taliah\Downloads\SpyHunter-Installer.exe -d C:\Users\Taliah\Downloads
    Task: {1544930C-2378-4DF2-B4BB-4D687E0081A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
    Task: {1D0EABCF-E22B-43C0-B962-7DC66BE5B7CA} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
    Task: {22E48D3D-2F7A-4532-83ED-7F6176D54876} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
    Task: {24EABE08-24F2-4734-A6E7-9E8728D2D54F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
    Task: {2D901D51-D67F-4217-AB71-E3EF8CB23E78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {362F9EAC-941F-4B92-BF3E-9D40F8634A23} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe [2016-03-27] (AVAST Software)
    Task: {36B82EC7-7AEC-4851-8775-8B140AC2D203} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000UA => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
    Task: {39F25F9D-E89C-49FB-945A-566A0157BD13} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {3B977460-442D-4767-B58C-C5C85D05EB53} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1160702305-3582450622-2665941894-1000Core => C:\Users\Taliah\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-21] (Facebook Inc.)
    Task: {4727D745-3176-4A73-8BCF-34EE6E1938F9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
    Task: {4F127396-246E-4B9D-8BF4-E9F39649E29F} - System32\Tasks\avastBCLRestartS-1-5-21-1160702305-3582450622-2665941894-1000 => Chrome.exe
    Task: {4F85AA5E-C2F9-475E-85FE-7CEF5A3B9278} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
    Task: {5751EAED-8C16-4282-ABDA-003AB4A8EC86} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
    Task: {58C3AF1D-8DB3-4557-8269-D28FAEA79BC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
    Task: {60204FA2-DE7A-4A33-B110-BFD83C477280} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {62F2B44D-B8ED-4D45-AD9E-1166F7AC0C41} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-27] (AVAST Software)
    Task: {64CD27C5-69CC-4F3F-ADE3-20997BBC7FF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {6B101B15-37B8-4F6C-B0A8-1EECDDB5042C} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
    Task: {7980B120-DB80-40DB-8E33-429C9EC8222A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7BE062F7-1572-4357-BB43-FE2B32332CE5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
    Task: {7C84E484-F2AC-46AD-B88A-3B9D73E70251} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7DF89722-24DA-45A9-8EB6-1B143B06801B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7E056306-C366-4B38-87B3-D7F34DA347FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {82A55F70-B6B0-4750-B25D-8920B219856C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
    Task: {8B354DD2-E6FA-4C0E-B3C5-C84FE53EF4A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
    Task: {8E5BFD59-11B4-48D9-95DF-3A9B45286BD3} - System32\Tasks\{10809A57-B3EE-4A79-B4CA-22DC426D060D} => pcalua.exe -a C:\Users\Taliah\Downloads\Adaware_Installer(2).exe -d "C:\Program Files\Lavasoft\Ad-Aware "
    Task: {96F84F17-6F87-4120-994C-299C78A68308} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {9BE4C97E-BA85-441B-8E5B-3849BA70E8EB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-14] (Microsoft Corporation)
    Task: {9EF880C4-B69C-45C4-A975-AAE2CBC09E9D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {9FFE1C97-B451-4DCA-954F-B438B9AFB889} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {A18BC537-FE49-4B8D-B851-654FC62B09B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {A43EFA45-CBDF-476A-BCAB-D0A3425AD276} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {A51055D1-6891-4D10-A987-DAC719C77BFA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {A60EB621-78E8-49D6-A3C8-6CD908A1D2E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {AFFA9408-D62E-4D64-AB50-4E65179EAD8D} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
    Task: {B29D6776-230E-4BB5-B71F-F425243A1FF2} - System32\Tasks\{321CD4F7-55B9-4043-B9AF-4CB49AFF558F} => pcalua.exe -a "C:\Users\Taliah\Downloads\Adaware_Installer (2).exe" -d C:\Users\Taliah\Downloads
    Task: {B51558CF-4108-4608-ABBB-2834C8EEA982} - System32\Tasks\HPCeeScheduleForRAWR$ => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
    Task: {B871B77F-0193-4C3D-B4F8-97D7BBCB50D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
    Task: {BBC38BA3-5C95-4272-B392-06927FE9B3B1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {BF696320-E741-4EDA-97BA-A7049A6D8AA2} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
    Task: {C1E46E29-440A-4AB5-B5FE-570256E405CA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
    Task: {C8D8B762-AB74-4DEA-B686-DD6DB478980E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {E2660FD2-E0BF-424B-B4B2-9C3C77E3F2F4} - System32\Tasks\{DA0142C9-0C0B-467C-9EE9-C1F1EBA2DC0C} => pcalua.exe -a G:\Install_Nokia_Ovi_Suite.exe -d G:\
    Task: {E5A2F543-9951-45DD-A9B7-4BB67148665A} - System32\Tasks\{83CD4F5B-013E-4147-8D91-B38CDCA146CC} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.113.259/en/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
    Task: {EE4A72C8-FFBD-4264-8EFD-C7ABD9E8A306} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {EF953E4F-B3D5-4BEA-84B8-95246351C0DC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {F1C10B26-AF33-4EF8-B673-2B2AC07F14D5} - System32\Tasks\{F070F5B9-E843-4BB2-B854-14588C8132B9} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?page=tsMain
    Task: {F3AC52A9-8556-41F0-9DF3-CD459C00B594} - System32\Tasks\SafeZone scheduled Autoupdate 1449092702 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
    Task: {F6E15579-CD5C-4815-903E-C19DA189BA02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
    Task: {F8692447-CEF7-4F92-B156-DE451D2E1D06} - System32\Tasks\{CEEB1724-29F4-4F8C-8AE6-3A5B1AED6D8D} => pcalua.exe -a C:\Users\Taliah\Downloads\wmpplugin(2).exe -d "C:\Program Files\Windows Media Player "
    Task: {FB6BBC94-FCAC-4C8D-B935-FCADA7B8856A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
    Task: {FCA56214-ABDF-4B78-86A0-0B018B288795} - System32\Tasks\{F0B95EE7-E28B-4613-BA06-6E2328CB393F} => pcalua.exe -a "C:\Users\Taliah\Downloads\Shockwave_Installer_Slim (3).exe" -d C:\Users\Taliah\Downloads
     
