Test Topic for Log Submissions

[Y kawika]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015

Ran by Y_kawika (administrator) on YWORKCOMPUTER on 18-06-2017 08:06:49

Running from F:\Documents\Links\Pitstop\dds

Loaded Profiles: Y_kawika & PCPitstopSVC (Available profiles: Y_kawika & PCPitstopSVC & DefaultAppPool)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe

(PC Pitstop LLC LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Tech Sentry) C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe

() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) G:\VM\vmware-authd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(Apple Inc.) G:\Programs\iTunes\iTunesHelper.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRA.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe

() G:\VM\vmware-hostd.exe

() G:\Programs\Fold_Pitstop\FAHClient\FAHClient.exe

(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(magicJack L.P.) C:\Users\Y_kawika\AppData\Roaming\mjusbsp\magicJack.exe

(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PushController.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-09-07] (Acronis)

HKLM\...\Run: [iTunesHelper] => G:\Programs\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [905056 2007-09-07] (Acronis)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)

HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2595480 2007-09-07] (Acronis)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2149632 2017-04-27] (PC Pitstop)

HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [cdloader] => C:\Users\Y_kawika\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected]

ShortcutTarget: [email protected] -> G:\Programs\Fold_Pitstop\FAHClient\HideConsole.exe ()

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8620.lnk

ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8620.lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> DefaultScope {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.com/search?q={searchTerms}

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} https://174.58.199.10/camclictrl.cab

DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab

DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.2.99:99/codebase/DVM_IPCam2.cab

DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/PCMagnum/controls/PCPitstop2.dll

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> E:\Programs\VLC Player\VLC\npvlc.dll (VideoLAN)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Y_kawika\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/O1DPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: vsee.com/VSeeDetection -> C:\Users\Y_kawika\AppData\Roaming\VSeeInstall\npVSeeDetection.dll (VSee Lab)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: www.mydlink.com/Uplayer -> C:\Users\Y_kawika\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll (D-Link Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF Extension: No Name - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-10-21]

Chrome:

=======

CHR Profile: C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-23]

CHR Extension: (Google Docs) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-26]

CHR Extension: (Google Drive) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-26]

CHR Extension: (YouTube) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-26]

CHR Extension: (Google Search) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-26]

CHR Extension: (Google Sheets) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-26]

CHR Extension: (Google Docs Offline) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]

CHR Extension: (Chromebook Recovery Utility) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2016-01-15]

CHR Extension: (mydlink services plugin) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2017-02-11]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-26]

CHR Extension: (PC Matic) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2017-02-03]

CHR Extension: (Gmail) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]

CHR Extension: (Chrome Media Router) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-30]

CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - No Path

Opera:

=======

StartMenuInternet: (HKU\S-1-5-21-2416071488-3092864057-3775617353-1000) OperaStable - E:\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1386496 2016-08-22] (Microsoft Corporation)

R3 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)

R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)

S3 Mikogo-Service; C:\Users\Y_kawika\AppData\Roaming\Mikogo\Mikogo-Service.exe [1064920 2016-06-08] (BeamYourScreen GmbH)

S3 Nero BackItUp Scheduler 3; G:\Programs\Nero8\Nero 8\Nero BackItUp\NBService.exe [836904 2007-09-10] (Nero AG)

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-03-31] (NVIDIA Corporation)

S3 pcmaticremotedesktopserver; C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [751360 2017-04-27] (PC Pitstop)

R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198392 2017-03-14] (PC Pitstop LLC LLC)

S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)

R2 TechSentry; C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe [704920 2016-01-15] (Tech Sentry)

R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492600 2007-09-07] ()

R2 VMAuthdService; G:\VM\vmware-authd.exe [87744 2014-11-20] (VMware, Inc.)

R2 VMwareHostd; G:\VM\vmware-hostd.exe [12730560 2014-11-20] ()

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security)

S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-06-09] (Malwarebytes)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)

S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9129176 2014-08-26] (Realtek Semiconductor Corp.)

S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)

R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)

R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-06-18 08:06 - 2017-06-18 08:06 - 00000000 ____D () C:\FRST

2017-06-16 16:41 - 2017-06-02 04:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll

2017-06-16 16:41 - 2017-06-02 04:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 04:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 04:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 03:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 03:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll

2017-06-16 16:41 - 2017-05-21 00:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2017-06-16 16:41 - 2017-05-21 00:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2017-06-16 16:41 - 2017-05-21 00:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2017-06-16 16:41 - 2017-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2017-06-16 16:41 - 2017-05-20 23:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2017-06-16 16:41 - 2017-05-20 23:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2017-06-16 16:41 - 2017-05-16 14:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2017-06-16 16:41 - 2017-05-16 13:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2017-06-16 16:41 - 2017-05-14 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2017-06-16 16:41 - 2017-05-14 16:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2017-06-16 16:41 - 2017-05-14 16:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2017-06-16 16:41 - 2017-05-14 16:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2017-06-16 16:41 - 2017-05-14 16:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2017-06-16 16:41 - 2017-05-14 16:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2017-06-16 16:41 - 2017-05-14 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2017-06-16 16:41 - 2017-05-14 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2017-06-16 16:41 - 2017-05-14 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2017-06-16 16:41 - 2017-05-14 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2017-06-16 16:41 - 2017-05-14 16:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2017-06-16 16:41 - 2017-05-14 15:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2017-06-16 16:41 - 2017-05-14 15:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2017-06-16 16:41 - 2017-05-14 15:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2017-06-16 16:41 - 2017-05-14 15:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2017-06-16 16:41 - 2017-05-14 15:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2017-06-16 16:41 - 2017-05-14 15:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2017-06-16 16:41 - 2017-05-14 15:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2017-06-16 16:41 - 2017-05-14 15:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2017-06-16 16:41 - 2017-05-14 15:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 15:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2017-06-16 16:41 - 2017-05-14 15:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2017-06-16 16:41 - 2017-05-14 15:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2017-06-16 16:41 - 2017-05-14 15:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2017-06-16 16:41 - 2017-05-14 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2017-06-16 16:41 - 2017-05-14 15:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2017-06-16 16:41 - 2017-05-14 15:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2017-06-16 16:41 - 2017-05-14 15:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2017-06-16 16:41 - 2017-05-14 15:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2017-06-16 16:41 - 2017-05-14 15:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2017-06-16 16:41 - 2017-05-14 15:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2017-06-16 16:41 - 2017-05-14 15:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2017-06-16 16:41 - 2017-05-14 15:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2017-06-16 16:41 - 2017-05-14 15:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2017-06-16 16:41 - 2017-05-14 15:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2017-06-16 16:41 - 2017-05-14 15:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2017-06-16 16:41 - 2017-05-14 15:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2017-06-16 16:41 - 2017-05-14 15:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2017-06-16 16:41 - 2017-05-14 14:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2017-06-16 16:41 - 2017-05-14 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2017-06-16 16:41 - 2017-05-14 14:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2017-06-16 16:41 - 2017-05-14 14:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2017-06-16 16:41 - 2017-05-14 14:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2017-06-16 16:41 - 2017-05-14 14:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2017-06-16 16:41 - 2017-05-14 14:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2017-06-16 16:41 - 2017-05-14 14:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2017-06-16 16:41 - 2017-05-14 14:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2017-06-16 16:41 - 2017-05-14 14:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2017-06-16 16:41 - 2017-05-14 14:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2017-06-16 16:41 - 2017-05-14 14:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2017-06-16 16:41 - 2017-05-14 14:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2017-06-16 16:41 - 2017-05-14 14:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2017-06-16 16:41 - 2017-05-14 14:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2017-06-16 16:41 - 2017-05-14 14:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2017-06-16 16:41 - 2017-05-14 14:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2017-06-16 16:41 - 2017-05-14 14:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2017-06-16 16:41 - 2017-05-14 14:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2017-06-16 16:41 - 2017-05-14 14:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2017-06-16 16:41 - 2017-05-12 14:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2017-06-16 16:41 - 2017-05-12 14:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2017-06-16 16:41 - 2017-05-12 14:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2017-06-16 16:41 - 2017-05-12 14:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2017-06-16 16:41 - 2017-05-12 14:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2017-06-16 16:41 - 2017-05-12 14:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2017-06-16 16:41 - 2017-05-12 14:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2017-06-16 16:41 - 2017-05-12 14:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 13:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2017-06-16 16:41 - 2017-05-12 13:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2017-06-16 16:41 - 2017-05-12 13:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2017-06-16 16:41 - 2017-05-12 13:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2017-06-16 16:41 - 2017-05-12 13:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2017-06-16 16:41 - 2017-05-12 13:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2017-06-16 16:41 - 2017-05-12 13:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2017-06-16 16:41 - 2017-05-12 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2017-06-16 16:41 - 2017-05-12 13:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2017-06-16 16:41 - 2017-05-12 13:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2017-06-16 16:41 - 2017-05-12 13:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2017-06-16 16:41 - 2017-05-12 13:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2017-06-16 16:41 - 2017-05-12 13:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 13:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 13:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 13:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2017-06-16 16:41 - 2017-05-12 12:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2017-06-16 16:41 - 2017-05-12 11:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2017-06-16 16:41 - 2017-05-12 11:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2017-06-16 16:41 - 2017-05-10 11:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe

2017-06-16 16:41 - 2017-05-10 11:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2017-06-16 16:41 - 2017-05-10 11:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2017-06-16 16:41 - 2017-05-10 11:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2017-06-16 16:41 - 2017-05-10 11:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2017-06-16 16:41 - 2017-05-10 11:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2017-06-16 16:41 - 2017-05-10 11:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2017-06-16 16:41 - 2017-05-10 11:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe

2017-06-16 16:41 - 2017-05-10 11:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2017-06-16 16:41 - 2017-05-10 11:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2017-06-16 16:41 - 2017-05-10 11:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2017-06-16 16:41 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2017-06-16 16:41 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2017-06-16 16:41 - 2017-05-10 11:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2017-06-16 16:41 - 2017-05-10 11:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2017-06-16 16:41 - 2017-05-10 11:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2017-06-16 16:41 - 2017-05-10 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2017-06-16 16:41 - 2017-05-10 11:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2017-06-16 16:41 - 2017-05-10 11:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2017-06-16 16:41 - 2017-05-10 11:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2017-06-16 16:41 - 2017-05-10 11:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2017-06-16 16:41 - 2017-05-10 11:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2017-06-16 16:41 - 2017-05-10 10:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2017-06-16 16:41 - 2017-05-09 11:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2017-06-16 16:41 - 2017-05-09 11:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2017-06-16 16:41 - 2017-05-09 11:15 - 00071680 _____ () C:\Windows\system32\PrintBrmUi.exe

2017-06-16 16:41 - 2017-05-09 11:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2017-06-16 16:41 - 2017-05-07 11:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2017-06-16 16:41 - 2017-05-07 11:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2017-06-16 16:41 - 2017-03-30 11:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe

2017-06-16 16:41 - 2017-03-30 10:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

2017-06-16 12:50 - 2017-06-16 12:50 - 00015270 _____ () C:\Users\Y_kawika\Downloads\msg0011.WAV

2017-06-15 13:58 - 2017-06-15 13:58 - 00027815 _____ () C:\Users\Y_kawika\Downloads\msg0010.WAV

2017-06-11 08:54 - 2017-06-17 10:45 - 00000970 _____ () C:\Users\Y_kawika\Desktop\magicJack.lnk

2017-06-09 16:29 - 2017-06-09 16:29 - 02150120 _____ (PC Pitstop LLC ) C:\Users\Y_kawika\Downloads\pcmaticss3.0.0.0-setup.exe

2017-06-07 07:23 - 2017-06-07 07:23 - 00002208 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8620.lnk

2017-06-07 07:23 - 2017-06-07 07:23 - 00000057 _____ () C:\ProgramData\Ament.ini

2017-06-07 07:23 - 2017-06-07 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2017-06-07 07:23 - 2017-06-07 07:23 - 00000000 ____D () C:\ProgramData\HP

2017-06-07 07:23 - 2017-06-07 07:23 - 00000000 ____D () C:\Program Files\HP

2017-06-07 07:23 - 2017-06-07 07:23 - 00000000 ____D () C:\Program Files (x86)\HP

2017-06-07 07:23 - 2014-07-21 16:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPM7012.dll

2017-06-07 07:22 - 2017-06-07 07:23 - 00000000 ____D () C:\Users\Y_kawika\AppData\Local\HP

2017-06-07 06:17 - 2017-06-07 06:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician

2017-06-02 14:48 - 2017-06-02 16:09 - 00000000 _____ () C:\Users\Y_kawika\Documents\eFolderPort

2017-06-02 14:43 - 2017-06-02 14:43 - 00000000 ____D () C:\Users\Y_kawika\AppData\Local\CEF

2017-06-02 13:18 - 2017-06-02 13:18 - 00000000 ____D () C:\SmartClientCache

2017-06-02 13:18 - 2017-06-02 13:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE

2017-06-02 13:17 - 2017-06-02 13:17 - 00000000 ____D () C:\Program Files (x86)\Encompass

2017-06-02 13:16 - 2017-06-02 14:22 - 00000000 ____D () C:\ProgramData\Adobe

2017-06-02 13:16 - 2017-06-02 13:16 - 00000000 ____D () C:\Program Files (x86)\Adobe

2017-06-01 16:51 - 2017-06-12 08:25 - 00000000 ____D () C:\Users\PCPitstopSVC

2017-06-01 16:51 - 2017-06-01 16:51 - 00000020 ___SH () C:\Users\PCPitstopSVC\ntuser.ini

2017-06-01 16:51 - 2015-05-29 06:43 - 00000000 ____D () C:\Users\PCPitstopSVC\AppData\Local\Google

2017-06-01 16:51 - 2015-04-27 03:00 - 00000000 ____D () C:\Users\PCPitstopSVC\AppData\Local\Microsoft Help

2017-06-01 16:51 - 2015-04-25 19:25 - 00000000 ___RD () C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2017-06-01 16:51 - 2015-04-25 19:25 - 00000000 ___RD () C:\Users\PCPitstopSVC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D () C:\Users\Y_kawika\Documents\paint.net User Files

2017-05-30 14:39 - 2017-05-30 14:39 - 00003980 _____ () C:\Users\Y_kawika\Downloads\Scripts (2).zip

2017-05-23 06:45 - 2017-05-23 06:45 - 00001539 _____ () C:\Users\Public\Desktop\iTunes.lnk

2017-05-23 06:45 - 2017-05-23 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2017-05-23 06:45 - 2017-05-23 06:45 - 00000000 ____D () C:\Program Files\iPod

2017-05-22 15:48 - 2017-05-22 15:48 - 00092035 _____ () C:\Users\Y_kawika\Downloads\msg0005.WAV

[Y kawika]

Addition.txt

[Y kawika]

HijackThis attempt to post

 

hijackthis.txt

[Y kawika]

.log file type attempt

 

hijackthis.log

 

 

[Augusto]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015

Ran by Y_kawika (administrator) on YWORKCOMPUTER on 18-06-2017 08:06:49

Running from F:\Documents\Links\Pitstop\dds

Loaded Profiles: Y_kawika & PCPitstopSVC (Available profiles: Y_kawika & PCPitstopSVC & DefaultAppPool)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe

(PC Pitstop LLC LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Tech Sentry) C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe

() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) G:\VM\vmware-authd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(Apple Inc.) G:\Programs\iTunes\iTunesHelper.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRA.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe

() G:\VM\vmware-hostd.exe

() G:\Programs\Fold_Pitstop\FAHClient\FAHClient.exe

(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(magicJack L.P.) C:\Users\Y_kawika\AppData\Roaming\mjusbsp\magicJack.exe

(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PushController.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-09-07] (Acronis)

HKLM\...\Run: [iTunesHelper] => G:\Programs\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [905056 2007-09-07] (Acronis)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)

HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2595480 2007-09-07] (Acronis)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2149632 2017-04-27] (PC Pitstop)

HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [cdloader] => C:\Users\Y_kawika\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected]

ShortcutTarget: [email protected] -> G:\Programs\Fold_Pitstop\FAHClient\HideConsole.exe ()

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8620.lnk

ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8620.lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> DefaultScope {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.co...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.co...q={searchTerms}

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} https://174.58.199.10/camclictrl.cab

DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab

DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.2.99:.../DVM_IPCam2.cab

DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitstop2.dll

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> E:\Programs\VLC Player\VLC\npvlc.dll (VideoLAN)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Y_kawika\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/O1DPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: vsee.com/VSeeDetection -> C:\Users\Y_kawika\AppData\Roaming\VSeeInstall\npVSeeDetection.dll (VSee Lab)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: www.mydlink.com/Uplayer -> C:\Users\Y_kawika\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll (D-Link Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF Extension: No Name - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-10-21]

Chrome:

=======

CHR Profile: C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-23]

CHR Extension: (Google Docs) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-26]

CHR Extension: (Google Drive) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-26]

CHR Extension: (YouTube) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-26]

CHR Extension: (Google Search) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-26]

CHR Extension: (Google Sheets) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-26]

CHR Extension: (Google Docs Offline) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]

CHR Extension: (Chromebook Recovery Utility) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2016-01-15]

CHR Extension: (mydlink services plugin) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2017-02-11]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-26]

CHR Extension: (PC Matic) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2017-02-03]

CHR Extension: (Gmail) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]

CHR Extension: (Chrome Media Router) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-30]

CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - No Path

Opera:

=======

StartMenuInternet: (HKU\S-1-5-21-2416071488-3092864057-3775617353-1000) OperaStable - E:\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1386496 2016-08-22] (Microsoft Corporation)

R3 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)

R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)

S3 Mikogo-Service; C:\Users\Y_kawika\AppData\Roaming\Mikogo\Mikogo-Service.exe [1064920 2016-06-08] (BeamYourScreen GmbH)

S3 Nero BackItUp Scheduler 3; G:\Programs\Nero8\Nero 8\Nero BackItUp\NBService.exe [836904 2007-09-10] (Nero AG)

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-03-31] (NVIDIA Corporation)

S3 pcmaticremotedesktopserver; C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [751360 2017-04-27] (PC Pitstop)

R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198392 2017-03-14] (PC Pitstop LLC LLC)

S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)

R2 TechSentry; C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe [704920 2016-01-15] (Tech Sentry)

R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492600 2007-09-07] ()

R2 VMAuthdService; G:\VM\vmware-authd.exe [87744 2014-11-20] (VMware, Inc.)

R2 VMwareHostd; G:\VM\vmware-hostd.exe [12730560 2014-11-20] ()

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security)

S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-06-09] (Malwarebytes)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)

S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9129176 2014-08-26] (Realtek Semiconductor Corp.)

S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)

R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)

R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-06-18 08:06 - 2017-06-18 08:06 - 00000000 ____D () C:\FRST

2017-06-16 16:41 - 2017-06-02 04:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll

2017-06-16 16:41 - 2017-06-02 04:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 04:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 04:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 03:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 03:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll

2017-06-16 16:41 - 2017-05-21 00:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2017-06-16 16:41 - 2017-05-21 00:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2017-06-16 16:41 - 2017-05-21 00:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2017-06-16 16:41 - 2017-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2017-06-16 16:41 - 2017-05-20 23:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2017-06-16 16:41 - 2017-05-20 23:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2017-06-16 16:41 - 2017-05-16 14:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2017-06-16 16:41 - 2017-05-16 13:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2017-06-16 16:41 - 2017-05-14 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2017-06-16 16:41 - 2017-05-14 16:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2017-06-16 16:41 - 2017-05-14 16:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2017-06-16 16:41 - 2017-05-14 16:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2017-06-16 16:41 - 2017-05-14 16:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2017-06-16 16:41 - 2017-05-14 16:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2017-06-16 16:41 - 2017-05-14 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2017-06-16 16:41 - 2017-05-14 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2017-06-16 16:41 - 2017-05-14 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2017-06-16 16:41 - 2017-05-14 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2017-06-16 16:41 - 2017-05-14 16:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2017-06-16 16:41 - 2017-05-14 15:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2017-06-16 16:41 - 2017-05-14 15:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2017-06-16 16:41 - 2017-05-14 15:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2017-06-16 16:41 - 2017-05-14 15:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2017-06-16 16:41 - 2017-05-14 15:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2017-06-16 16:41 - 2017-05-14 15:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2017-06-16 16:41 - 2017-05-14 15:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2017-06-16 16:41 - 2017-05-14 15:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2017-06-16 16:41 - 2017-05-14 15:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 15:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2017-06-16 16:41 - 2017-05-14 15:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

[Augusto]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015

Ran by Y_kawika (administrator) on YWORKCOMPUTER on 18-06-2017 08:06:49

Running from F:\Documents\Links\Pitstop\dds

Loaded Profiles: Y_kawika & PCPitstopSVC (Available profiles: Y_kawika & PCPitstopSVC & DefaultAppPool)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe

(PC Pitstop LLC LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Tech Sentry) C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe

() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) G:\VM\vmware-authd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

(Apple Inc.) G:\Programs\iTunes\iTunesHelper.exe

(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRA.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe

() G:\VM\vmware-hostd.exe

() G:\Programs\Fold_Pitstop\FAHClient\FAHClient.exe

(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(magicJack L.P.) C:\Users\Y_kawika\AppData\Roaming\mjusbsp\magicJack.exe

(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PushController.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-09-07] (Acronis)

HKLM\...\Run: [iTunesHelper] => G:\Programs\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [905056 2007-09-07] (Acronis)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)

HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2595480 2007-09-07] (Acronis)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2149632 2017-04-27] (PC Pitstop)

HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\...\Run: [cdloader] => C:\Users\Y_kawika\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[email protected]

ShortcutTarget: [email protected] -> G:\Programs\Fold_Pitstop\FAHClient\HideConsole.exe ()

Startup: C:\Users\Y_kawika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8620.lnk

ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8620.lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2416071488-3092864057-3775617353-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> DefaultScope {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.co...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000 -> {02127D54-2AD2-414F-9EFC-642AF44EB06D} URL = http://www.google.co...q={searchTerms}

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

DPF: HKLM-x32 {721700FE-7F0E-49C5-BDED-CA92B7CB1245} https://174.58.199.10/camclictrl.cab

DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab

DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.2.99:.../DVM_IPCam2.cab

DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitstop2.dll

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> E:\Programs\VLC Player\VLC\npvlc.dll (VideoLAN)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Y_kawika\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @talk.google.com/O1DPlugin -> C:\Users\Y_kawika\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: vsee.com/VSeeDetection -> C:\Users\Y_kawika\AppData\Roaming\VSeeInstall\npVSeeDetection.dll (VSee Lab)

FF Plugin HKU\S-1-5-21-2416071488-3092864057-3775617353-1000: www.mydlink.com/Uplayer -> C:\Users\Y_kawika\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll (D-Link Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Y_kawika\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF Extension: No Name - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-10-21]

Chrome:

=======

CHR Profile: C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-23]

CHR Extension: (Google Docs) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-26]

CHR Extension: (Google Drive) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-26]

CHR Extension: (YouTube) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-26]

CHR Extension: (Google Search) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-26]

CHR Extension: (Google Sheets) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-26]

CHR Extension: (Google Docs Offline) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]

CHR Extension: (Chromebook Recovery Utility) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2016-01-15]

CHR Extension: (mydlink services plugin) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2017-02-11]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-26]

CHR Extension: (PC Matic) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2017-02-03]

CHR Extension: (Gmail) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]

CHR Extension: (Chrome Media Router) - C:\Users\Y_kawika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-30]

CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - No Path

Opera:

=======

StartMenuInternet: (HKU\S-1-5-21-2416071488-3092864057-3775617353-1000) OperaStable - E:\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1386496 2016-08-22] (Microsoft Corporation)

R3 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)

R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)

S3 Mikogo-Service; C:\Users\Y_kawika\AppData\Roaming\Mikogo\Mikogo-Service.exe [1064920 2016-06-08] (BeamYourScreen GmbH)

S3 Nero BackItUp Scheduler 3; G:\Programs\Nero8\Nero 8\Nero BackItUp\NBService.exe [836904 2007-09-10] (Nero AG)

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-03-31] (NVIDIA Corporation)

S3 pcmaticremotedesktopserver; C:\Program Files (x86)\PCPitstop\remote\PCMaticRemoteDesktopServer.exe [1966848 2017-03-14] (Rocket Online Tuneup)

R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [751360 2017-04-27] (PC Pitstop)

R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198392 2017-03-14] (PC Pitstop LLC LLC)

S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)

R2 TechSentry; C:\Program Files (x86)\Tech Sentry\Tech Sentry\MFAService.exe [704920 2016-01-15] (Tech Sentry)

R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492600 2007-09-07] ()

R2 VMAuthdService; G:\VM\vmware-authd.exe [87744 2014-11-20] (VMware, Inc.)

R2 VMwareHostd; G:\VM\vmware-hostd.exe [12730560 2014-11-20] ()

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security)

S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-06-09] (Malwarebytes)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)

S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9129176 2014-08-26] (Realtek Semiconductor Corp.)

S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)

R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)

R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-06-18 08:06 - 2017-06-18 08:06 - 00000000 ____D () C:\FRST

2017-06-16 16:41 - 2017-06-02 04:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll

2017-06-16 16:41 - 2017-06-02 04:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 04:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe

2017-06-16 16:41 - 2017-06-02 04:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 04:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2017-06-16 16:41 - 2017-06-02 04:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll

2017-06-16 16:41 - 2017-06-02 03:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2017-06-16 16:41 - 2017-06-02 03:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2017-06-16 16:41 - 2017-06-02 03:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll

2017-06-16 16:41 - 2017-05-21 00:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2017-06-16 16:41 - 2017-05-21 00:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2017-06-16 16:41 - 2017-05-21 00:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2017-06-16 16:41 - 2017-05-21 00:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2017-06-16 16:41 - 2017-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2017-06-16 16:41 - 2017-05-20 23:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2017-06-16 16:41 - 2017-05-20 23:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2017-06-16 16:41 - 2017-05-20 23:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2017-06-16 16:41 - 2017-05-20 23:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2017-06-16 16:41 - 2017-05-16 14:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2017-06-16 16:41 - 2017-05-16 13:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2017-06-16 16:41 - 2017-05-14 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2017-06-16 16:41 - 2017-05-14 16:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2017-06-16 16:41 - 2017-05-14 16:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2017-06-16 16:41 - 2017-05-14 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2017-06-16 16:41 - 2017-05-14 16:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2017-06-16 16:41 - 2017-05-14 16:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2017-06-16 16:41 - 2017-05-14 16:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2017-06-16 16:41 - 2017-05-14 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2017-06-16 16:41 - 2017-05-14 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2017-06-16 16:41 - 2017-05-14 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2017-06-16 16:41 - 2017-05-14 16:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2017-06-16 16:41 - 2017-05-14 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2017-06-16 16:41 - 2017-05-14 16:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2017-06-16 16:41 - 2017-05-14 15:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2017-06-16 16:41 - 2017-05-14 15:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2017-06-16 16:41 - 2017-05-14 15:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2017-06-16 16:41 - 2017-05-14 15:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2017-06-16 16:41 - 2017-05-14 15:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2017-06-16 16:41 - 2017-05-14 15:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2017-06-16 16:41 - 2017-05-14 15:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2017-06-16 16:41 - 2017-05-14 15:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2017-06-16 16:41 - 2017-05-14 15:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2017-06-16 16:41 - 2017-05-14 15:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2017-06-16 16:41 - 2017-05-14 15:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2017-06-16 16:41 - 2017-05-14 15:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

[Juliet]

experimenting?

 

[Augusto]

experimenting?

 

Hi Julliet - Yes - it is just for test. Thanks!

[Augusto]

==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2017 03:09:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0"1".
Dependent Assembly AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/18/2017 03:09:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (06/18/2017 03:09:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/18/2017 03:09:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/18/2017 03:08:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (06/18/2017 03:08:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/18/2017 03:08:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/17/2017 09:36:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/17/2017 09:36:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (06/17/2017 10:46:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d42
Faulting module name: ntdll.dll, version: 6.1.7601.23807, time stamp: 0x5915fdce
Exception code: 0xc0000374
Fault offset: 0x00000000000bf3e2
Faulting process id: 0xddc
Faulting application start time: 0xwmiprvse.exe0
Faulting application path: wmiprvse.exe1
Faulting module path: wmiprvse.exe2
Report Id: wmiprvse.exe3


System errors:
=============
Error: (06/17/2017 10:48:32 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{653F5DE1-372B-4DFA-8E85-AF0B580DFB73}.
The backup browser is stopping.

Error: (06/17/2017 10:45:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014847

Error: (06/17/2017 10:45:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847

Error: (06/17/2017 10:45:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/16/2017 09:21:33 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{653F5DE1-372B-4DFA-8E85-AF0B580DFB73}.
The backup browser is stopping.

Error: (06/16/2017 09:18:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/16/2017 08:46:36 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{653F5DE1-372B-4DFA-8E85-AF0B580DFB73}.
The backup browser is stopping.

Error: (06/16/2017 08:27:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/16/2017 08:27:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%322

Error: (06/16/2017 04:45:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2017-06-18 07:54:06.237
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-18 07:15:49.632
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 21:52:38.650
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 21:30:41.850
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 14:04:47.945
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 13:54:47.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 10:56:19.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 10:46:03.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 10:40:41.073
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-06-17 10:35:11.333
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 42%
Total physical RAM: 6135.11 MB
Available physical RAM: 3500.14 MB
Total Pagefile: 12268.4 MB
Available Pagefile: 9400.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win7_Pro) (Fixed) (Total:465.57 GB) (Free:377.87 GB) NTFS
Drive e: (Core) (Fixed) (Total:204.19 GB) (Free:152.76 GB) NTFS
Drive f: (Tools) (Fixed) (Total:391.98 GB) (Free:223.17 GB) NTFS
Drive g: (RAID) (Fixed) (Total:931.51 GB) (Free:400.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E5A876F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F37B42EE)
Partition 1: (Active) - (Size=204.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=392 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D7A98546)
Partition 1: (Active) - (Size=196 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[Augusto]

==================== Loaded Modules (whitelisted) =============

2017-03-18 13:22 - 2017-03-31 22:10 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-22 20:32 - 2015-09-22 20:32 - 00093568 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2007-09-07 21:46 - 2007-09-07 21:46 - 00492600 _____ () C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () G:\Programs\iTunes\libxml2.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () G:\Programs\iTunes\zlib1.dll
2014-11-20 18:20 - 2014-11-20 18:20 - 12730560 _____ () G:\VM\vmware-hostd.exe
2014-03-05 00:35 - 2014-03-05 00:35 - 15306240 _____ () G:\Programs\Fold_Pitstop\FAHClient\FAHClient.exe
2017-05-15 20:32 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 20:32 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2017-05-15 11:50 - 2014-04-15 13:02 - 00524288 _____ () C:\Program Files (x86)\PCPitstop\Super Shield\SQLiteEncrypt.dll
2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () G:\VM\libxml2.dll
2007-09-07 01:44 - 2007-09-07 01:44 - 01328408 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\fox.dll
2017-05-15 11:50 - 2017-04-27 00:26 - 00187136 _____ () C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRTen.dll
2014-11-20 18:20 - 2014-11-20 18:20 - 00191680 _____ () G:\VM\LIBEXPAT.dll
2014-11-20 18:20 - 2014-11-20 18:20 - 00388288 _____ () G:\VM\ssoClient.dll
2014-11-20 18:20 - 2014-11-20 18:20 - 00194752 _____ () G:\VM\nfc-types.dll
2014-07-04 13:00 - 2014-07-04 13:00 - 00084344 _____ () C:\Users\Y_kawika\AppData\Roaming\mjusbsp\octvqem_apiw.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Y_kawika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DVR.lnk => C:\Windows\pss\DVR.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Y_kawika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Intercom.exe - Shortcut.lnk => C:\Windows\pss\Intercom.exe - Shortcut.lnk.Startup
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: GoToMeeting => "C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\4800\g2mstart.exe" "/Trigger RunAtLogon"
MSCONFIG\startupreg: Info Center => C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
MSCONFIG\startupreg: iTunesHelper => "G:\Programs\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PC Pitstop Diskmd3 Reminder => C:\Program Files (x86)\PCPitstop\DiskMD3\Reminder-Diskmd3.exe
MSCONFIG\startupreg: vmware-tray.exe => "G:\VM\vmware-tray.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2416071488-3092864057-3775617353-500 - Administrator - Disabled)
Guest (S-1-5-21-2416071488-3092864057-3775617353-501 - Limited - Enabled)
PCPitstopSVC (S-1-5-21-2416071488-3092864057-3775617353-1048 - Administrator - Enabled) => C:\Users\PCPitstopSVC
Y_kawika (S-1-5-21-2416071488-3092864057-3775617353-1000 - Administrator - Enabled) => C:\Users\Y_kawika

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

[Augusto]

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {041A4A70-B9D2-4086-A1D9-28B72182FE2C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2017-02-22] (Microsoft Corporation)
Task: {1387A940-E9C1-446A-BD00-22A9DDF6B6EF} - System32\Tasks\Opera scheduled Autoupdate 1387074177 => E:\Programs\Opera\launcher.exe [2017-06-12] (Opera Software)
Task: {29B661B5-285B-4021-9E37-DFE086DE0BD6} - System32\Tasks\G2MUploadTask-S-1-5-21-2416071488-3092864057-3775617353-1000 => C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\7155\g2mupload.exe [2017-06-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3918DFD7-7ED9-4701-B3F8-801FF534EEA3} - System32\Tasks\speedtest-Y_kawika => Wscript.exe //B "C:\Program Files (x86)\PCPitstop\Broadband Quality\runSpeedTest.wsf"
Task: {3E4349C3-DD3F-494E-BA31-021E790E45D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.)
Task: {A22A50FD-FC90-464A-A7C4-1834F6EEC49A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.)
Task: {BD3B70C2-2A1C-44A1-8CEC-0B4DBAF518D7} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-11-16] (Microsoft Corporation)
Task: {C837A2F1-BBA1-46FC-BCB0-C688BA37C0FF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {CBB7A31B-5BA6-441A-BB79-F51886CC099C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2416071488-3092864057-3775617353-1000 => C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\7155\g2mupdate.exe [2017-06-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {D40D6126-F2B4-494B-BCAE-5F9B5B77F6CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {E1E7C2D6-84AD-4771-9EB3-D084399545E8} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2416071488-3092864057-3775617353-1000.job => C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\7155\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2416071488-3092864057-3775617353-1000.job => C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\7155\g2mupload.exe

[Augusto]

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Y_kawika\AppData\Local\Citrix\GoToMeeting\6956\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2416071488-3092864057-3775617353-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Y_kawika\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

[Augusto]

00000855 ____A