IFEO\vnpc3000.exe: [Debugger] svchost.exe
IFEO\vpc32.exe: [Debugger] svchost.exe
IFEO\vpc42.exe: [Debugger] svchost.exe
IFEO\vpfw30s.exe: [Debugger] svchost.exe
IFEO\vptray.exe: [Debugger] svchost.exe
IFEO\vscan40.exe: [Debugger] svchost.exe
IFEO\vscenu6.02d30.exe: [Debugger] svchost.exe
IFEO\vsched.exe: [Debugger] svchost.exe
IFEO\vsecomr.exe: [Debugger] svchost.exe
IFEO\vshwin32.exe: [Debugger] svchost.exe
IFEO\vsisetup.exe: [Debugger] svchost.exe
IFEO\vsmain.exe: [Debugger] svchost.exe
IFEO\vsmon.exe: [Debugger] svchost.exe
IFEO\vsstat.exe: [Debugger] svchost.exe
IFEO\vswin9xe.exe: [Debugger] svchost.exe
IFEO\vswinntse.exe: [Debugger] svchost.exe
IFEO\vswinperse.exe: [Debugger] svchost.exe
IFEO\w32dsm89.exe: [Debugger] svchost.exe
IFEO\W3asbas.exe: [Debugger] svchost.exe
IFEO\w9x.exe: [Debugger] svchost.exe
IFEO\watchdog.exe: [Debugger] svchost.exe
IFEO\webdav.exe: [Debugger] svchost.exe
IFEO\WebProxy.exe: [Debugger] svchost.exe
IFEO\webscanx.exe: [Debugger] svchost.exe
IFEO\webtrap.exe: [Debugger] svchost.exe
IFEO\wfindv32.exe: [Debugger] svchost.exe
IFEO\whoswatchingme.exe: [Debugger] svchost.exe
IFEO\wimmun32.exe: [Debugger] svchost.exe
IFEO\win-bugsfix.exe: [Debugger] svchost.exe
IFEO\win32.exe: [Debugger] svchost.exe
IFEO\win32us.exe: [Debugger] svchost.exe
IFEO\winactive.exe: [Debugger] svchost.exe
IFEO\winav.exe: [Debugger] svchost.exe
IFEO\windll32.exe: [Debugger] svchost.exe
IFEO\window.exe: [Debugger] svchost.exe
IFEO\windows Police Pro.exe: [Debugger] svchost.exe
IFEO\windows.exe: [Debugger] svchost.exe
IFEO\wininetd.exe: [Debugger] svchost.exe
IFEO\wininitx.exe: [Debugger] svchost.exe
IFEO\winlogin.exe: [Debugger] svchost.exe
IFEO\winmain.exe: [Debugger] svchost.exe
IFEO\winppr32.exe: [Debugger] svchost.exe
IFEO\winrecon.exe: [Debugger] svchost.exe
IFEO\winservn.exe: [Debugger] svchost.exe
IFEO\winssk32.exe: [Debugger] svchost.exe
IFEO\winstart.exe: [Debugger] svchost.exe
IFEO\winstart001.exe: [Debugger] svchost.exe
IFEO\wintsk32.exe: [Debugger] svchost.exe
IFEO\winupdate.exe: [Debugger] svchost.exe
IFEO\wkufind.exe: [Debugger] svchost.exe
IFEO\wnad.exe: [Debugger] svchost.exe
IFEO\wnt.exe: [Debugger] svchost.exe
IFEO\wradmin.exe: [Debugger] svchost.exe
IFEO\wrctrl.exe: [Debugger] svchost.exe
IFEO\wsbgate.exe: [Debugger] svchost.exe
IFEO\wscfxas.exe: [Debugger] svchost.exe
IFEO\wscfxav.exe: [Debugger] svchost.exe
IFEO\wscfxfw.exe: [Debugger] svchost.exe
IFEO\wsctool.exe: [Debugger] svchost.exe
IFEO\wupdater.exe: [Debugger] svchost.exe
IFEO\wupdt.exe: [Debugger] svchost.exe
IFEO\wyvernworksfirewall.exe: [Debugger] svchost.exe
IFEO\xpdeluxe.exe: [Debugger] svchost.exe
IFEO\xpf202en.exe: [Debugger] svchost.exe
IFEO\xp_antispyware.exe: [Debugger] svchost.exe
IFEO\zapro.exe: [Debugger] svchost.exe
IFEO\zapsetup3001.exe: [Debugger] svchost.exe
IFEO\zatutor.exe: [Debugger] svchost.exe
IFEO\zonalm2601.exe: [Debugger] svchost.exe
IFEO\zonealarm.exe: [Debugger] svchost.exe
IFEO\_avp32.exe: [Debugger] svchost.exe
IFEO\_avpcc.exe: [Debugger] svchost.exe
IFEO\_avpm.exe: [Debugger] svchost.exe
IFEO\~1.exe: [Debugger] svchost.exe
IFEO\~2.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Little Wonders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA Soccer 64.lnk [2015-03-13]
ShortcutTarget: FIFA Soccer 64.lnk -> C:\ProgramData\{2899c890-57cb-72e8-2899-9c89057c2241}\FIFA Soccer 64.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-23] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-443951736-1583617210-2315430799-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.aol.com/?mtmhp=txtlnkusaolp00000800HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com/?trackid=sp-006HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/search?trackid=sp-006&q={searchTerms}HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com/?trackid=sp-006HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/search?trackid=sp-006&q={searchTerms}HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.cnn.com/HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page =
http://www2.delta-search.com/?babsrc=HP_ss&mntrId=88B8E0CB4E30AE28&affID=119351&tsp=5010HKU\S-1-5-21-443951736-1583617210-2315430799-1001\Software\Microsoft\Internet Explorer\Main,Search Bar =
https://www.google.com/?trackid=sp-006SearchScopes: HKLM -> DefaultScope {6F6D87DE-DD42-479E-BD07-A61B01025604} URL =
http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBoxSearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL =
http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqdSearchScopes: HKLM -> {6F6D87DE-DD42-479E-BD07-A61B01025604} URL =
http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBoxSearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL =
http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqdSearchScopes: HKLM-x32 -> {6F6D87DE-DD42-479E-BD07-A61B01025604} URL =
http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBoxSearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=88B8E0CB4E30AE28&affID=119351&tsp=5010SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {338A6B13-A8A3-4AF0-906C-1CC9EDEC0832} URL =
http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqdSearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {63140ECF-C629-BE59-8F0E-90B4FF340C03} URL =
http://www.bing.com/search?q={searchTerms}&pc=Z128&form=ZGAIDF&install_date=20110907&iesrc={referrer:source}SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {6F6D87DE-DD42-479E-BD07-A61B01025604} URL =
http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBoxSearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {ABD93EAF-D775-BC54-E63B-2804F22FD156} URL =
http://search.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id=&toolbar_version=&install_country=&install_date=20140228&user_guid=4B1D612982D341B2ABB13D76A10EF756&machine_id=7a27995b166c8b20db199f9d9cd3c534&browser=ie&os=win&os_version=6.1-x64-SP1SearchScopes: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
https://www.google.com/search?trackid=sp-006&q={searchTerms}BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-23] (AVAST Software)
BHO: MinimuumPrice -> {AC747515-F000-40F9-9CD9-9F0FBCC80464} -> C:\Program Files (x86)\MinimuumPrice\AqHg2CNGpDYc9p.x64.dll [2015-08-04] ()
BHO: AAllDeaalAApp -> {F8862CE0-DB5C-4627-8136-3CDB9C2B6ED8} -> C:\Program Files (x86)\AAllDeaalAApp\W2xYSTAMAjXwlS.x64.dll [2015-08-03] ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-23] (AVAST Software)
BHO-x32: MinimuumPrice -> {AC747515-F000-40F9-9CD9-9F0FBCC80464} -> C:\Program Files (x86)\MinimuumPrice\AqHg2CNGpDYc9p.dll [2015-08-04] ()
BHO-x32: AAllDeaalAApp -> {F8862CE0-DB5C-4627-8136-3CDB9C2B6ED8} -> C:\Program Files (x86)\AAllDeaalAApp\W2xYSTAMAjXwlS.dll [2015-08-03] ()
Toolbar: HKU\S-1-5-21-443951736-1583617210-2315430799-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809}
http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cabHandler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35A80055-AF4B-4050-A202-E01638B934EF}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default
FF Homepage: hxxp://homepage.aol.com/?mtmhp=txtlnkusaolp00000800
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2010-11-10] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-07-06] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2008-07-17] (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-03-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-443951736-1583617210-2315430799-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Little Wonders\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-05-01] (Citrix Online)
FF user.js: detected! => C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\user.js [2014-03-22]
FF SearchPlugin: C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\searchplugins\startnow.xml [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-30]
FF HKLM-x32\...\Firefox\Extensions: [gethighlightly@gethighlightly.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\gethighlightly@gethighlightly.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-23]
FF HKU\S-1-5-21-443951736-1583617210-2315430799-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\Little Wonders\AppData\Roaming\Mozilla\Firefox\Profiles\fanljv6v.default\extensions\_qvxbkbnnuzqukzjj_i@frnhpojlbr_in.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Little Wonders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 8338240e; c:\Program Files (x86)\PragmaEdit\PragmaEdit.dll [1776640 2015-06-16] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-23] (AVAST Software)
R2 CCMService; C:\Program Files (x86)\Personalized Software\Childcare Manager 10\Utilities\CCMLogManagerService\CCMService.exe [12288 2010-06-03] (Microsoft) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 ec9c17f1; c:\Program Files (x86)\SoftwarePlus\SoftwarePlus.dll [1771520 2015-07-05] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [923136 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 Lethal Tonight; C:\Program Files (x86)\Lethal Tonight\Lethal Tonight.exe [8016461 2015-07-10] () [File not signed] <==== ATTENTION
R2 MSSQL$CCMSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Shaky Entertainment; C:\Program Files (x86)\Shaky Entertainment\Shaky Entertainment.exe [8016385 2015-07-22] () [File not signed] <==== ATTENTION
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 IHA_MessageCenter; "C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [X]
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-23] (AVAST Software)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61128 2014-03-18] (StdLib)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-10 14:58 - 2015-08-10 14:59 - 00053107 _____ C:\Users\Little Wonders\Desktop\FRST.txt
2015-08-10 14:58 - 2015-08-10 14:59 - 00000000 ____D C:\FRST
2015-08-10 14:58 - 2015-08-10 14:58 - 02171392 _____ (Farbar) C:\Users\Little Wonders\Desktop\FRST64.exe