Information Best Wishes BEckley
Posted by: GuiltySpark - 01-04-2015, 12:40 AM - Forum: Announcements - Replies (2)

Here's a little (easy) one for you, BEckley, just to give you something to do ;)

48  61  70  70  79  42  69  72  74  68  64  61  79  66  72  6F  6D  61  6C  6C  40  42  72  69  74  65  63  66  6F  72  75  6D  73

68  74  74  70  3A  2F  2F  79  6F  75  74  75  2E  62  65  2F  46  63  68  4D  75  50  51  4F  42  77  41


  CCleaner Registry Cleaner Questions
Posted by: cfdevlin01 - 01-03-2015, 05:01 PM - Forum: General Discussion - Replies (4)

Through various posts, plus the videos from Britec, the use of Registry Cleaners has not been recommended. I am wondering how safe the Monitors and/or Administrators of this forum believe the Registry Cleaner within CCleaner is. I have used it many times on my own computers, plus the computers of customers while performing a computer tuneup, with no ill effects. I have found it to be so safe that I wonder if a Registry Backup is necessary. I know the previous statement is not sound, but I am looking for advice from someone more familiar and more technical than I am on the process.

Thanks in advance for any input.

Chuck Devlin (cfdevlin01)


Question Dell Dimension 8400 Beep Code Issue
Posted by: chriscbd_19 - 01-03-2015, 06:11 AM - Forum: Hardware Repairs and Troubleshooting - Replies (5)

I have a Dell Dimension 8400 with a 3.4 GHz processor that is hyperthreading capable, which brings up my question. I ran a couple of bootable diagnostic programs, and the motherboard test failed when it got to memory cache. Then I ran the other tool, and again it failed the motherboard memory cache. Does anyone know how to fix this problem?

Thanks for any help


  Issue with RWEverything
Posted by: rltchess - 01-02-2015, 09:01 PM - Forum: Software Repairs and Troubleshooting - Replies (7)

Followed instructions to the letter when installing RWEverything, and I'm missing the MSDM tab. I'm running Windows 8.1 64-bit with all the current updates.




  Hi to all at Britec
Posted by: pops1056 - 01-02-2015, 03:08 PM - Forum: New Member Introductions - Replies (3)

Hi to you all at Britec. I am about to embark on my first computer build, so I will be looking for plenty of advice.


  A little help understanding results
Posted by: edcannady - 01-02-2015, 01:42 AM - Forum: Security, Viruses, Trojans & Malware Removal - Replies (11)

Hi All! :)
I am new to all of this and I keep getting notices from Malwarebytes that different IP addresses are trying to access c:\windows\exploer.exe. Malwarebytes blocks the attempts, so it is doing its job. I just wanted to make certain there was nothing on my computer that was encouraging these "attacks". I ran FRST and I do not see anything, and maybe I just do not know what I am really looking at. Would someone please look at the txt file and see if I missed something? Thank you so much for your time. Sincerely, Ed

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2015
Ran by SYSTEM on MININT-PDH82PS on 01-01-2015 17:04:26
Running from I:\
Platform: Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: https://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Norton Ghost 15.0] => C:\Program Files\Norton Ghost\Agent\VProTray.exe [2598760 2010-03-03] (Symantec Corporation)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2014-06-25] ()
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\Ed Cannady\...\Run: [Ivhvsoft] => regsvr32.exe "C:\Users\Ed Cannady\AppData\Local\Ivhvsoft\cfTime.dll" <===== ATTENTION
HKU\Ed Cannady\...\Run: [Afkhworks] => C:\Windows\System32\regsvr32.exe "C:\Users\Ed Cannady\AppData\Local\YfmdPack\cfTime.dll"
Startup: C:\Users\Ed Cannady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kybtec World Clock 5.2.lnk
ShortcutTarget: Kybtec World Clock 5.2.lnk -> C:\Windows\Installer\{A72F9228-6931-4F89-A698-A94CFC4B312F}\_5EDF48767C1AFE743962F9.exe ()

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 DiskDoctorService; C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451928 2014-11-25] (Garmin Ltd or its subsidiaries)
S3 GenericMount Helper Service; C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1574408 2010-02-12] (Symantec)
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
S4 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-02-06] (Logitech Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S2 Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
S2 SpeedDiskService; C:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
S3 SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [1964528 2010-02-11] (Symantec)
S4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [22176 2012-01-18] (Logitech Inc.)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [57840 2010-02-12] (Symantec Corporation)
S0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [90464 2014-06-25] (JMicron Technology Corp.)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1691808 2007-02-06] ()
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [1964064 2007-02-06] (Logitech Inc.)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25632 2007-02-06] ()
S1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-11-21] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25808 2014-01-07] (Microsoft Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [140800 2014-09-03] (Prolific Technology Inc.)
S3 SymDSMon; C:\Windows\system32\drivers\SymDSMon.sys [128248 2010-11-30] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\system32\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [15096 2009-09-21] (Symantec Corporation)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S2 V2iMount; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 17:04 - 2015-01-01 17:04 - 00000000 ____D () C:\FRST
2014-12-31 17:33 - 2014-12-31 17:33 - 00000000 ____D () C:\Program Files\Unlocker
2014-12-31 17:23 - 2014-12-31 17:23 - 35962568 _____ (Microsoft Corporation) C:\Users\Ed Cannady\Downloads\Windows-KB890830-V5.19.exe
2014-12-31 17:20 - 2014-12-31 17:21 - 122694400 _____ (Microsoft Corporation) C:\Users\Ed Cannady\Downloads\msert.exe
2014-12-30 18:33 - 2014-12-31 04:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-30 18:05 - 2014-12-31 17:41 - 00001188 _____ () C:\Windows\setupact.log
2014-12-30 18:05 - 2014-12-30 18:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-29 01:04 - 2014-12-29 01:04 - 00000000 ____D () C:\Windows\Minidump
2014-12-27 15:27 - 2014-12-27 15:27 - 00000761 _____ () C:\Windows\System32\Drivers\etc\hosts.txt
2014-12-27 15:13 - 2014-12-31 04:50 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\YfmdPack
2014-12-27 15:13 - 2014-12-31 04:50 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\Ivhvsoft
2014-12-27 15:03 - 2014-12-27 15:03 - 00000100 _____ () C:\Users\Ed Cannady\AppData\Roaming\default.pls
2014-12-27 14:44 - 2014-12-27 14:44 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-20 16:24 - 2014-12-20 16:25 - 36249600 _____ () C:\Windows\System32\config\components.rrr
2014-12-20 16:24 - 2014-12-20 16:24 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-12-20 16:24 - 2014-12-20 16:24 - 00000000 ____D () C:\users\TEMP
2014-12-20 16:24 - 2014-05-27 14:52 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2014-12-20 15:49 - 2014-12-20 15:49 - 00000000 ____D () C:\Windows\System32\Garmin
2014-12-19 18:19 - 2014-12-19 18:19 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\MipKukSoft
2014-12-19 18:19 - 2014-12-19 18:19 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\Kybtec Software
2014-12-19 18:18 - 2014-12-19 18:18 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-12-19 18:16 - 2014-12-19 18:16 - 00000000 ____D () C:\ProgramData\Kybtec Software
2014-12-18 01:39 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-12-10 03:27 - 2014-12-10 03:27 - 00000000 ____D () C:\Windows\System32\appraiser
2014-12-10 03:08 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-12-09 21:03 - 2014-12-03 20:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2014-12-09 21:03 - 2014-12-03 20:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-12-09 21:03 - 2014-12-01 15:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2014-12-09 21:03 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-12-09 21:03 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-12-09 21:03 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-12-09 21:03 - 2014-11-21 18:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-12-09 21:03 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-12-09 21:03 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-12-09 21:03 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-12-09 21:03 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-12-09 21:03 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-12-09 21:03 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-12-09 21:03 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-12-09 21:03 - 2014-11-21 17:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-12-09 21:03 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-12-09 21:03 - 2014-11-21 17:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-12-09 21:03 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-12-09 21:03 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-12-09 21:03 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-12-09 21:03 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-12-09 21:03 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-12-09 21:03 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-12-09 21:03 - 2014-11-21 17:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-12-09 21:03 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-12-09 21:03 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-12-09 21:03 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-12-09 21:03 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-12-09 21:03 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-12-09 21:03 - 2014-11-10 17:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2014-12-09 21:02 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-12-09 21:02 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-12-09 21:02 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-12-09 21:02 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-12-09 21:02 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-12-09 21:02 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\System32\charmap.exe
2014-12-09 21:02 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2014-12-09 21:02 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-09 21:02 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2014-12-09 21:02 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2014-12-09 21:02 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2014-12-07 14:25 - 2014-12-12 17:08 - 00024856 _____ () C:\Users\Ed Cannady\Desktop\roof.dwg
2014-12-07 14:25 - 2014-12-07 14:31 - 00026657 _____ () C:\Users\Ed Cannady\Documents\roof.dwg
2014-12-07 14:25 - 2014-12-07 14:25 - 00025923 _____ () C:\Users\Ed Cannady\Documents\roof.bak

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 16:56 - 2014-10-15 03:27 - 01536793 _____ () C:\Windows\WindowsUpdate.log
2015-01-01 13:28 - 2014-06-17 19:05 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-12-31 23:20 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-12-31 18:18 - 2014-05-27 17:39 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-31 17:47 - 2009-07-13 20:34 - 00022528 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-31 17:47 - 2009-07-13 20:34 - 00022528 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-31 04:50 - 2014-05-30 17:05 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\Symantec_Corporation
2014-12-31 04:50 - 2014-05-29 18:39 - 00000000 ____D () C:\Program Files\Norton Utilities 15
2014-12-31 04:50 - 2014-05-28 03:30 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Roaming\Azureus
2014-12-31 04:50 - 2014-05-27 03:36 - 00000000 ____D () C:\users\Ed Cannady
2014-12-31 04:50 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\Msdtc
2014-12-31 04:50 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-31 04:09 - 2009-07-13 20:33 - 00479872 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-12-30 18:32 - 2014-05-27 06:04 - 00723920 _____ () C:\Windows\System32\perfh019.dat
2014-12-30 18:32 - 2014-05-27 06:04 - 00150222 _____ () C:\Windows\System32\perfc019.dat
2014-12-30 18:32 - 2014-05-27 03:41 - 01647438 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-12-30 18:31 - 2014-05-27 10:07 - 00139728 _____ () C:\Users\Ed Cannady\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-27 20:13 - 2014-04-12 07:29 - 00004096 ___SH () C:\VSNAP.IDX
2014-12-27 15:14 - 2014-05-27 12:44 - 00000000 ____D () C:\ProgramData\VSO
2014-12-27 15:13 - 2014-08-12 05:22 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-12-27 15:00 - 2014-05-31 19:27 - 00000000 ____D () C:\Users\Ed Cannady\Documents\ConvertXtoDVD
2014-12-27 14:44 - 2014-05-28 18:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-27 14:43 - 2014-10-18 07:01 - 00096680 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-12-27 14:43 - 2014-05-28 18:15 - 00000000 ____D () C:\Program Files\Java
2014-12-27 12:39 - 2014-05-27 17:25 - 01784832 _____ () C:\Users\Ed Cannady\Documents\CheckingAccount.xls
2014-12-26 19:14 - 2014-07-16 18:23 - 00003072 _____ () C:\Windows\System32\Cache.db
2014-12-25 18:34 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Performance
2014-12-25 11:30 - 2014-05-25 07:45 - 00000000 ____D () C:\!!!!FOR EMAIL
2014-12-24 12:18 - 2014-05-28 18:18 - 00000000 ____D () C:\Program Files\Vuze
2014-12-24 11:29 - 2014-06-23 16:42 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Roaming\Skype
2014-12-24 10:42 - 2014-10-30 17:21 - 00000000 ___RD () C:\Program Files\Skype
2014-12-24 10:42 - 2014-06-23 16:42 - 00000000 ____D () C:\ProgramData\Skype
2014-12-23 04:25 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-12-20 17:50 - 2009-07-13 18:03 - 57147392 _____ () C:\Windows\System32\config\software.rmbak
2014-12-20 17:50 - 2009-07-13 18:03 - 00262144 _____ () C:\Windows\System32\config\default.rmbak
2014-12-20 16:25 - 2014-11-21 19:13 - 00258048 _____ () C:\Users\UpdatusUser\s-1-5-21-672638538-1369354690-3403721451-1003.rrr
2014-12-20 16:16 - 2014-05-27 10:03 - 00000000 ____D () C:\Program Files\Common Files\Kybtec Software
2014-12-20 15:52 - 2014-06-17 19:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-20 15:38 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-12-20 15:36 - 2014-05-31 19:09 - 00000000 ____D () C:\KYBTEC
2014-12-20 15:36 - 2014-05-27 10:03 - 00000000 ____D () C:\Program Files\Kybtec Software
2014-12-20 15:17 - 2014-07-06 17:03 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\Deployment
2014-12-18 18:28 - 2014-05-28 18:04 - 00000000 ____D () C:\_Project
2014-12-18 04:46 - 2014-05-27 07:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-15 17:57 - 2014-08-18 11:38 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Local\Adobe
2014-12-15 17:57 - 2014-05-28 19:10 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-12-15 17:57 - 2014-05-28 19:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-12-10 05:26 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:27 - 2014-05-27 16:18 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-12-10 03:27 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\ru-RU
2014-12-10 03:11 - 2014-05-27 08:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:05 - 2014-05-27 04:23 - 00000000 ____D () C:\Windows\System32\MRT
2014-12-10 03:01 - 2014-05-27 04:23 - 109818608 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-12-07 14:16 - 2014-05-27 08:14 - 00000000 ____D () C:\Program Files\AutoCAD 2002
2014-12-07 05:06 - 2014-05-27 11:34 - 00000000 ____D () C:\Users\Ed Cannady\AppData\Roaming\Microchip
2014-12-05 20:16 - 2014-09-23 03:39 - 00258048 _____ () C:\Users\UpdatusUser\s-1-5-21-672638538-1369354690-3403721451-1004.rrr

Some content of TEMP:
====================
C:\Users\Ed Cannady\AppData\Local\Temp\UpdateFlashPlayer_bea4f8b7.exe
C:\Users\Ed Cannady\AppData\Local\Temp\UpdateFlashPlayer_bfab9129.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2014-10-15 02:36] - [2014-07-16 17:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-12-25 19:05:23
Restore point made on: 2014-12-25 23:00:41
Restore point made on: 2014-12-26 23:00:42
Restore point made on: 2014-12-27 23:00:42
Restore point made on: 2014-12-28 22:05:25
Restore point made on: 2014-12-28 23:17:21
Restore point made on: 2014-12-29 23:00:42
Restore point made on: 2014-12-30 18:02:39
Restore point made on: 2014-12-30 18:14:22
Restore point made on: 2014-12-30 23:00:47
Restore point made on: 2014-12-31 04:42:53
Restore point made on: 2014-12-31 23:03:53

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {7ce8fc2d-e598-11e3-bfbd-92e2f16b8dee}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7ce8fc2d-e598-11e3-bfbd-92e2f16b8dee}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\7ce8fc2f-e598-11e3-bfbd-92e2f16b8dee\Winre.wim,{7ce8fc30-e598-11e3-bfbd-92e2f16b8dee}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7ce8fc2f-e598-11e3-bfbd-92e2f16b8dee\Winre.wim,{7ce8fc30-e598-11e3-bfbd-92e2f16b8dee}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {e14e01cc-e483-11e3-b91b-c62372b697e8}
device                  ramdisk=[C:]\Recovery\3d8c383f-c135-11e3-819c-b6b172464e37\Winre.wim,{e14e01cd-e483-11e3-b91b-c62372b697e8}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (recovered)
locale                  
osdevice                ramdisk=[C:]\Recovery\3d8c383f-c135-11e3-819c-b6b172464e37\Winre.wim,{e14e01cd-e483-11e3-b91b-c62372b697e8}
systemroot              \windows
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {7ce8fc2d-e598-11e3-bfbd-92e2f16b8dee}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                       {emssettings}
                       {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                       {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {7ce8fc30-e598-11e3-bfbd-92e2f16b8dee}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7ce8fc2f-e598-11e3-bfbd-92e2f16b8dee\boot.sdi

Device options
--------------
identifier              {e14e01cd-e483-11e3-b91b-c62372b697e8}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\3d8c383f-c135-11e3-819c-b6b172464e37\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 3071.18 MB
Available physical RAM: 2626.35 MB
Total Pagefile: 3069.46 MB
Available Pagefile: 2631.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.7 MB

==================== Drives ================================

Drive c: (Garage) (Fixed) (Total:931.41 GB) (Free:834.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (XP Drive Files) (Fixed) (Total:149.05 GB) (Free:78.13 GB) NTFS
Drive e: (NEW BACKUP) (Fixed) (Total:465.76 GB) (Free:112.65 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (ED CANNADY) (Removable) (Total:3.74 GB) (Free:3.62 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 41CE41CD)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: D7E4194D)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B0A12B0A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 3.7 GB) (Disk ID: E782E782)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=07 NTFS)


LastRegBack: 2014-12-25 00:50

==================== End Of Log ============================


  Hello from the US
Posted by: Steven R - 12-28-2014, 09:59 PM - Forum: New Member Introductions - Replies (3)

Hi all,

I'm Steven. I run a small computer business and am always looking to meet others in the same line of work to share knowledge.

Steve


  Crypto wall
Posted by: Steven R - 12-28-2014, 09:50 PM - Forum: Security, Viruses, Trojans & Malware Removal - Replies (6)

Hi,

I have a hard drive that was infected and encrypted by the Cryptowall virus. Is there a way to unencrypt the files without paying the ransom?


  Windows Shell attack
Posted by: sikochikn - 12-27-2014, 04:38 PM - Forum: Security, Viruses, Trojans & Malware Removal - Replies (4)

Good day forum mates, I recently found out I'm a victim of the Windows Shell vulnerability (CVE-2010-2568); it took me a while to figure out what it was. While figuring it out and trying to combat it in its premature stages, it has manifested itself tenfold. My antivirus caught some of it and got rid of a good number of junk files, but it has taken over my administrator account, started adding new accounts, and started moving system file contents to unknown areas. Is there any way to rid my system of this and start new with a good defense base?


  virtualbox booting usb
Posted by: yanceycat - 12-27-2014, 12:35 AM - Forum: Software Repairs and Troubleshooting - Replies (2)

I was watching the YouTube video on booting a live USB in VirtualBox. I've been trying to do this but no go: VirtualBox is seeing the USB, but it won't mount the Plop Linux CD correctly. It's giving me this error (see attachment). It's also not letting me go to my guest Windows 7. My host is also Windows.



