Familiar issue: Malwarebytes perpetually blocks outbound viruses



#1 Ellis_T

Posted 12 January 2016 - 12:14 PM

Like many here in this forum, I have been plagued by Malwarebytes displaying a message about every three seconds telling me that it has blocked an outbound virus. The message reads like this:

___________________________________________________________________________

Malwarebytes Anti-Malware

:( Malicious Website Blocked

Domain: istatic.eshopcomp.com
IP: 205185208.26
Port: 58054
Type: Outbound
Process: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Manage Web Exclusions

___________________________________________________________________________

 
In addition to this message, other similar ones have the following differences:
nlw.underwearliftoff.com;834112227; 53623
omd.printingsparole.com;834112229; 59361
 
I'm running System 7 Professional SP1 on an ASUS motherboard with an Intel Core i7-4770K CPU running at 3.5GHz with 16.0 GB of RAM and a 64-bit Operating System.
 
A couple of days ago, I spent half the day with Geek Squad who ran their virus cleaning routines not once but twice and didn't get rid of the problem until they finally uninstalled and reinstalled Chrome. 
 
And now it's back. 
 
I have done what was requested in the previous forums and here are the resulting logs from the FRST (Farbar) scans:
 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by ELLIS7 (administrator) on ELLIS7-PC (12-01-2016 11:30:47)
Running from C:\Users\ELLIS7\Downloads
Loaded Profiles: ELLIS7 & ReportServer & MSSQLFDLauncher & MSSQLSERVER (Available Profiles: ELLIS7 & Admin & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\Canon\Easy-WebPrint EX\bin\mysqld.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Alcatel-Lucent) C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\MAHostService.exe
(Joyent, Inc) C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023104 2012-11-29] (Atheros Commnucations)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Atheros Commnucations)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-10-08] (LogMeIn, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [Google Update] => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-10-08] (Siber Systems)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Run: [GoogleChromeAutoLaunch_336ADEA2984D967F8E6E6EDE8C033298] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-10] (Google Inc.)
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\MARINE~1.SCR [6696960 2009-05-11] (SereneScreen)
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2014-12-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\ELLIS7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{21AA41F6-EBD4-4282-AA60-F9ECE80B892E}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{21AA41F6-EBD4-4282-AA60-F9ECE80B892E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7CBD867B-B372-4B6A-A9B2-15707323AB2D}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> {B366EC1A-70A0-48DB-BC4B-03D3BC58E7C1} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-18] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-08] (Siber Systems Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-12-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-18] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04] (Oracle Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-08] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-29] (Atheros Commnucations)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-12-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-08] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-08] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-08] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} hxxp://216.212.5.10:85/webrec.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=2063
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll [2015-02-27] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-18] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\ELLIS7\AppData\Roaming\Mozilla\Firefox\Profiles\kv4ir4ex.default-1416336359338
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-18] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\npMotive.dll [2014-08-27] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2011-12-06] (Alcatel-Lucent)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-23] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @samsungsmartcam.com/npwViewer -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll [2014-11-27] (Samsung Techwin)
FF Plugin-x32: @samsungsmartcam.com/npwViewer_turn -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll [2014-11-27] (Samsung Techwin)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: samsungtechwin.com/SmartCamFinder -> C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll [2014-08-17] (Samsung Techwin)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @citrixonline.com/appdetectorplugin -> C:\Users\ELLIS7\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-10-24] (Citrix Online)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @samsungsmartcam.com/npwViewer -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll [2014-11-27] (Samsung Techwin)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @samsungsmartcam.com/npwViewer_turn -> C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll [2014-11-27] (Samsung Techwin)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\ELLIS7\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @talk.google.com/O1DPlugin -> C:\Users\ELLIS7\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ELLIS7\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ELLIS7\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: samsungtechwin.com/SmartCamFinder -> C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll [2014-08-17] (Samsung Techwin)
FF Plugin HKU\S-1-5-21-312271826-1430807147-1564925630-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\ELLIS7\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-07-24] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\ELLIS7\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ELLIS7\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: iCloud Bookmarks - C:\Users\ELLIS7\AppData\Roaming\Mozilla\Firefox\Profiles\kv4ir4ex.default-1416336359338\Extensions\firefoxdav@icloud.com [2015-06-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-30] [not signed]
FF Extension: Motive Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\mcciwbch@motive.com.xpi [2014-12-23] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-30] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013-09-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2015-10-08]
FF HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Firefox\Extensions: [{3f34ed98-04e6-4252-9646-d930abe8bd3b}] - C:\Program Files (x86)\findAdeal\135.xpi => not found
FF HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-09-17] <==== ATTENTION
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://us-mg4.mail.yahoo.com/neo/launch?.partner=sbc&.rand=fingnteh6n1q1","hxxps://www.folioidentity.com/identity/login?service=https%3A%2F%2Fverification.folioidentity.com%3A443%2Fverification%2Flogin%3Fservice%3Dhttps%253A%252F%252Fwww.folioinvesting.com%253A443%252Fj_security_check%26login.partnercode%3DDEFAULT%26login.sourcehost%3Dhttps%253A%252F%252Fwww.folioinvesting.com%253A443&login.partnercode=DEFAULT&login.sourcehost=https%3A%2F%2Fwww.folioinvesting.com%3A443","hxxps://calendar.google.com/calendar/render?pli=1#main_7","hxxps://www.google.com/"
CHR Profile: C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-04]
CHR Extension: (Google Docs) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-04]
CHR Extension: (Google Drive) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
CHR Extension: (YouTube) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
CHR Extension: (SIP Caller click to call) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg [2016-01-05]
CHR Extension: (Pushbullet) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-01-10]
CHR Extension: (Google Search) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
CHR Extension: (Pointofmail.com Email Tracking & Recall) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbfenljjbahpbnpffpepeiommncfckci [2016-01-05]
CHR Extension: (Google Sheets) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-04]
CHR Extension: (Authy) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-04]
CHR Extension: (Desktop Notifications for Android) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-01-05]
CHR Extension: (Blockchain) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\glaohkkooicollgefkkmndjcbblominl [2016-01-05]
CHR Extension: (Google Calendar (by Google)) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-01-05]
CHR Extension: (Chrome to Mobile) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2016-01-05]
CHR Extension: (Google Hangouts) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2016-01-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-04]
CHR Extension: (SpeakIt!) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2016-01-05]
CHR Extension: (Gmail) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
CHR Extension: (RoboForm Password Manager) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-01-05]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-11-14] (Two Pilots) [File not signed]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-04-15] (ASUSTeK Computer Inc.) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe [1639424 2013-04-19] (ASUSTeK Computer Inc.) [File not signed]
R2 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\MAHostService.exe [321024 2014-08-27] (Alcatel-Lucent) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [232064 2012-11-29] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-09-12] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [417288 2015-12-08] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [507400 2015-12-08] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-10-08] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)
R2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14258 2014-06-23] () [File not signed]
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [26624 2015-07-14] (The Neat Company) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-02-27] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-12-06] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-12-06] (Intuit Inc.) [File not signed]
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-03] (Wacom Technology, Corp.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-13] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-14] (AVG Technologies)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
R4 IOMap; C:\Windows\SysWOW64\drivers\IOMap64.sys [0 2013-11-26] () <==== ATTENTION (zero byte File/Folder)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-10-08] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2015-06-20] (MediaMall Technologies, Inc.)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 RDID1009; C:\Windows\System32\Drivers\rdwm1009.sys [81920 2009-09-18] (Roland Corporation)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2014-12-30] (Rsupport Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-12 11:30 - 2016-01-12 11:30 - 00047448 _____ C:\Users\ELLIS7\Downloads\FRST.txt
2016-01-12 11:28 - 2016-01-12 11:30 - 00000000 ____D C:\FRST
2016-01-12 11:27 - 2016-01-12 11:27 - 02370560 _____ (Farbar) C:\Users\ELLIS7\Downloads\FRST64.exe
2016-01-12 08:02 - 2016-01-12 10:53 - 00011547 _____ C:\Users\ELLIS7\Downloads\WatchDataExport_20160112.xlsx
2016-01-12 08:02 - 2016-01-12 08:08 - 00009944 _____ C:\Users\ELLIS7\Downloads\RecommendationDataExport_20160112.xlsx
2016-01-12 08:02 - 2016-01-12 08:06 - 00053730 _____ C:\Users\ELLIS7\Downloads\RawDataExport_20160112.xlsx
2016-01-12 08:01 - 2016-01-12 08:06 - 00009676 _____ C:\Users\ELLIS7\Downloads\FolioDataExport_20160112 (1).xlsx
2016-01-12 08:01 - 2016-01-12 08:01 - 00004989 _____ C:\Users\ELLIS7\Downloads\FolioDataExport_20160112.xlsx
2016-01-12 07:24 - 2016-01-12 07:24 - 02329602 _____ C:\Users\ELLIS7\Downloads\w_aaaa2822.pdf
2016-01-12 00:59 - 2016-01-12 00:59 - 00090000 _____ C:\Users\ELLIS7\Desktop\2016-01-12_0-59-08.pdf
2016-01-12 00:56 - 2016-01-12 00:59 - 00017562 _____ C:\Users\ELLIS7\Desktop\2016-01-12_0-56-03.pdf
2016-01-12 00:31 - 2016-01-12 00:31 - 00000000 ____D C:\Users\ELLIS7\Documents\Add-in Express
2016-01-12 00:28 - 2016-01-12 00:28 - 00001527 _____ C:\Users\ELLIS7\Downloads\download_1452576517835.csv
2016-01-11 23:49 - 2016-01-12 07:09 - 00000000 ____D C:\Users\ELLIS7\Desktop\Fix MBAM Virus
2016-01-11 23:46 - 2016-01-11 23:46 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-11 23:46 - 2016-01-11 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-11 23:46 - 2016-01-11 23:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-01-11 18:11 - 2016-01-11 18:11 - 00000000 ____D C:\ProgramData\MediaMall
2016-01-11 17:22 - 2016-01-11 17:22 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-11 17:21 - 2016-01-11 17:21 - 02870984 _____ (ESET) C:\Users\ELLIS7\Downloads\esetsmartinstaller_enu.exe
2016-01-11 17:08 - 2016-01-11 17:08 - 01600184 _____ (Malwarebytes) C:\Users\ELLIS7\Downloads\JRT.exe
2016-01-11 16:10 - 2016-01-11 16:10 - 00000000 ___RD C:\Users\ELLIS7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-01-11 15:50 - 2016-01-11 15:50 - 01754112 _____ C:\Users\ELLIS7\Downloads\AdwCleaner.exe
2016-01-11 15:03 - 2016-01-11 15:03 - 22908888 _____ (Malwarebytes ) C:\Users\ELLIS7\Downloads\mbam-setup-2.2.0.1024 (1).exe
2016-01-11 14:46 - 2016-01-11 14:46 - 06808384 _____ (Piriform Ltd) C:\Users\ELLIS7\Downloads\ccsetup513pro.exe
2016-01-11 14:46 - 2016-01-11 14:46 - 06808384 _____ (Piriform Ltd) C:\Users\ELLIS7\Downloads\ccsetup513pro (1).exe
2016-01-10 15:37 - 2016-01-11 16:11 - 00000000 ___RD C:\Users\ELLIS7\Creative Cloud Files
2016-01-10 15:36 - 2009-08-19 22:50 - 00024416 ____R (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2016-01-10 15:34 - 2016-01-10 15:34 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-01-10 15:34 - 2016-01-10 15:34 - 00001209 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-01-09 17:29 - 2016-01-09 17:29 - 00543932 _____ C:\Users\ELLIS7\Documents\SheradskySolicitation.pdf
2016-01-09 17:28 - 2016-01-09 17:28 - 00539699 _____ C:\Users\ELLIS7\Documents\IMG_20160109_0004.pdf
2016-01-09 17:02 - 2016-01-09 17:04 - 01209819 _____ C:\Users\ELLIS7\Documents\IMG_20160109_0003.pdf
2016-01-09 17:01 - 2016-01-09 17:01 - 00004307 _____ C:\Users\ELLIS7\Documents\IMG_20160109_0002.pdf
2016-01-09 16:57 - 2016-01-09 16:57 - 00580415 _____ C:\Users\ELLIS7\Documents\IMG_20160109_0001.pdf
2016-01-09 16:45 - 2016-01-09 16:45 - 00002031 _____ C:\Users\ELLIS7\Downloads\0A9394100K08_holdings_20160109_1646.csv
2016-01-09 16:39 - 2016-01-09 16:39 - 00000000 ____D C:\SSG
2016-01-09 16:35 - 2016-01-09 16:36 - 57280903 _____ (AAII) C:\Users\ELLIS7\Downloads\stockinvestorinstall.exe
2016-01-09 16:35 - 2016-01-09 16:35 - 07528960 _____ C:\Users\ELLIS7\Downloads\SSG (59).exe
2016-01-06 14:03 - 2016-01-06 14:03 - 00014063 _____ C:\Users\ELLIS7\Downloads\12-2015 (1).PDF
2016-01-06 14:03 - 2016-01-06 14:03 - 00014063 _____ C:\Users\ELLIS7\Downloads\11-2015 (1).PDF
2016-01-06 14:03 - 2016-01-06 14:03 - 00014059 _____ C:\Users\ELLIS7\Downloads\08-2015 (1).PDF
2016-01-06 14:03 - 2016-01-06 14:03 - 00014056 _____ C:\Users\ELLIS7\Downloads\09-2015 (1).PDF
2016-01-06 14:03 - 2016-01-06 14:03 - 00014053 _____ C:\Users\ELLIS7\Downloads\07-2015 (1).PDF
2016-01-06 14:02 - 2016-01-06 14:05 - 00000000 ____D C:\Users\ELLIS7\Desktop\SalesTaxes2015
2016-01-06 13:57 - 2016-01-06 13:57 - 00014062 _____ C:\Users\ELLIS7\Downloads\10-2015.PDF
2016-01-04 21:52 - 2016-01-04 21:52 - 00849008 _____ (Webroot) C:\Users\ELLIS7\Downloads\sysbbanalyzer.exe
2016-01-04 21:11 - 2016-01-04 21:11 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-04 21:11 - 2016-01-04 21:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1475e64c64e67.job
2016-01-04 21:11 - 2016-01-04 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-04 21:08 - 2016-01-04 21:08 - 00036852 _____ C:\Users\ELLIS7\Desktop\google.reg
2016-01-04 20:52 - 2016-01-04 20:52 - 00927824 _____ (Google Inc.) C:\Users\ELLIS7\Downloads\ChromeSetup.exe
2016-01-04 20:41 - 2016-01-04 20:41 - 00000000 ____D C:\Users\ELLIS7\Downloads\avz4
2016-01-04 20:41 - 2016-01-04 20:41 - 00000000 ____D C:\Users\ELLIS7\AppData\LocalLow\WINZIP_P054d
2016-01-04 20:40 - 2016-01-04 20:40 - 09842759 _____ C:\Users\ELLIS7\Downloads\avz4.zip
2016-01-04 20:35 - 2016-01-04 20:35 - 45414480 _____ (Google Inc.) C:\Users\ELLIS7\Downloads\ChromeStandaloneSetup.exe
2016-01-04 20:15 - 2016-01-04 20:15 - 00000000 ____D C:\Users\ELLIS7\AppData\LocalLow\WINZIP_Pd1bf
2016-01-04 20:14 - 2016-01-04 20:38 - 00000000 ____D C:\Users\ELLIS7\Downloads\revouninstaller-portable
2016-01-04 20:13 - 2016-01-04 20:13 - 03007700 _____ C:\Users\ELLIS7\Downloads\revouninstaller (1).zip
2016-01-04 20:12 - 2016-01-04 20:12 - 03007700 _____ C:\Users\ELLIS7\Downloads\revouninstaller.zip
2016-01-04 18:52 - 2016-01-12 08:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-04 18:52 - 2016-01-11 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-04 18:52 - 2016-01-11 15:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-04 18:52 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-04 18:52 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-04 18:52 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-04 18:51 - 2016-01-04 18:51 - 22908888 _____ (Malwarebytes ) C:\Users\ELLIS7\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-04 18:00 - 2016-01-04 18:01 - 00260716 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_18.00.11_log.txt
2016-01-04 17:59 - 2016-01-04 13:13 - 00326752 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-01-04 17:59 - 2016-01-04 13:13 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2016-01-04 17:59 - 2016-01-04 13:13 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2016-01-04 17:58 - 2016-01-04 13:12 - 00278624 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-01-04 17:58 - 2016-01-04 13:12 - 00191584 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2016-01-04 17:58 - 2016-01-04 13:12 - 00191072 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2016-01-04 17:25 - 2016-01-04 17:25 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\CEF
2016-01-04 16:05 - 2016-01-04 16:05 - 01592736 _____ (LogMeIn, Inc.) C:\Users\ELLIS7\Downloads\Support-LogMeInRescue (4).exe
2016-01-04 15:23 - 2016-01-04 15:23 - 94106531 _____ C:\Users\ELLIS7\Downloads\20160104_140709.mp4
2016-01-04 15:14 - 2016-01-04 15:14 - 33770634 _____ C:\Users\ELLIS7\Downloads\Copy of 20160104_140709 (1).mp4
2016-01-04 15:06 - 2016-01-04 15:06 - 33770634 _____ C:\Users\ELLIS7\Downloads\Copy of 20160104_140709.mp4
2016-01-04 13:13 - 2016-01-04 13:13 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-01-04 13:12 - 2016-01-04 17:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-04 13:12 - 2016-01-04 13:12 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-01-04 13:11 - 2016-01-04 13:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-04 13:11 - 2016-01-04 13:11 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-01-04 12:57 - 2016-01-04 12:58 - 00000000 ____D C:\NPE
2016-01-04 12:54 - 2016-01-04 18:08 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\NPE
2016-01-04 12:48 - 2016-01-04 12:49 - 00261532 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_12.48.24_log.txt
2016-01-04 11:25 - 2016-01-04 11:27 - 00000000 ____D C:\ProgramData\WRData
2016-01-04 11:24 - 2016-01-04 11:24 - 01592736 _____ (LogMeIn, Inc.) C:\Users\ELLIS7\Downloads\Support-LogMeInRescue (3).exe
2016-01-04 11:23 - 2016-01-04 11:23 - 01592736 _____ (LogMeIn, Inc.) C:\Users\ELLIS7\Downloads\Support-LogMeInRescue.exe
2016-01-04 11:23 - 2016-01-04 11:23 - 01592736 _____ (LogMeIn, Inc.) C:\Users\ELLIS7\Downloads\Support-LogMeInRescue (2).exe
2016-01-04 11:23 - 2016-01-04 11:23 - 01592736 _____ (LogMeIn, Inc.) C:\Users\ELLIS7\Downloads\Support-LogMeInRescue (1).exe
2015-12-28 18:52 - 2015-12-28 18:52 - 00004819 _____ C:\Users\ELLIS7\Downloads\Suntrust_History.qfx
2015-12-27 14:05 - 2015-12-27 14:05 - 03727338 _____ C:\Users\ELLIS7\Downloads\173CC.mp4
2015-12-25 13:09 - 2015-12-25 13:09 - 00000869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyVSL.lnk
2015-12-25 13:09 - 2015-12-25 13:09 - 00000000 ____D C:\Program Files (x86)\EasyVSL
2015-12-20 17:18 - 2015-12-20 17:18 - 00001321 _____ C:\Users\ELLIS7\Downloads\insight_tT0PfKKp8gw_TwJ_zt1D30yVvotUz2MSKA_2015-11-21-2015-12-18_world.zip
2015-12-20 05:55 - 2015-12-20 05:55 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Technitya.com
2015-12-20 05:32 - 2015-12-20 05:32 - 00427400 _____ () C:\Users\ELLIS7\Downloads\setup.exe
2015-12-19 15:50 - 2015-12-19 15:50 - 04890856 _____ (ReviverSoft LLC) C:\Users\ELLIS7\Downloads\DriverReviverSetup_ppc.exe
2015-12-19 11:32 - 2015-12-19 11:32 - 07558656 _____ C:\Users\ELLIS7\Downloads\SSG (58).exe
2015-12-19 06:41 - 2015-12-19 06:41 - 00114735 _____ C:\Users\ELLIS7\Downloads\AutoIDCards.pdf
2015-12-18 16:07 - 2015-12-18 16:07 - 03974216 _____ C:\Users\ELLIS7\Downloads\GoingGlobal-2015.pdf
2015-12-17 16:26 - 2015-12-17 16:26 - 00000109 _____ C:\Users\ELLIS7\Desktop\Accounts for Ellis Traub.url
2015-12-16 07:11 - 2015-12-16 07:11 - 07563776 _____ C:\Users\ELLIS7\Downloads\SSG (57).exe
2015-12-15 16:46 - 2016-01-07 22:29 - 00096278 _____ C:\Users\ELLIS7\Documents\CrisisManagement2.xlsm
2015-12-15 12:27 - 2015-12-15 12:27 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\(C8-A8-23-CA-B2-BA)
2015-12-15 00:40 - 2015-12-15 00:40 - 00000061 _____ C:\Users\ELLIS7\Desktop\QuickBooks.url
2015-12-15 00:12 - 2015-12-15 00:12 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-15 00:12 - 2015-12-15 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-15 00:12 - 2015-12-15 00:12 - 00000000 ____D C:\Program Files\iTunes
2015-12-15 00:12 - 2015-12-15 00:12 - 00000000 ____D C:\Program Files\iPod
2015-12-15 00:12 - 2015-12-15 00:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-14 14:12 - 2015-12-14 14:12 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\OfficeBSCache-MyComputer
2015-12-14 14:04 - 2015-12-17 20:10 - 00003601 _____ C:\Users\ELLIS7\AppData\Local\OfficeMix_16_0.txt
2015-12-14 14:04 - 2015-12-14 14:04 - 00000000 ____D C:\Program Files (x86)\Office Mix
2015-12-14 14:03 - 2015-12-14 14:03 - 08725392 _____ (Microsoft Corporation) C:\Users\ELLIS7\Downloads\OfficeMix.Setup.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-12 11:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-12 11:26 - 2015-06-06 16:21 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA.job
2016-01-12 11:21 - 2013-11-22 10:55 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA.job
2016-01-12 11:14 - 2014-07-18 14:56 - 00000540 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-312271826-1430807147-1564925630-1000.job
2016-01-12 11:00 - 2013-09-11 04:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 10:59 - 2014-06-25 13:27 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\Deployment
2016-01-12 10:52 - 2013-09-11 06:02 - 00000000 ____D C:\ProgramData\LogMeIn
2016-01-12 10:47 - 2015-05-30 04:16 - 00000636 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-312271826-1430807147-1564925630-1000.job
2016-01-12 10:37 - 2013-09-12 22:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-12 10:23 - 2009-07-13 23:45 - 00013472 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-12 10:23 - 2009-07-13 23:45 - 00013472 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-12 07:42 - 2013-09-11 04:27 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 02:00 - 2013-09-12 17:43 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\Adobe
2016-01-11 23:04 - 2013-11-22 10:55 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core.job
2016-01-11 22:45 - 2015-09-28 13:46 - 00000000 ____D C:\Users\ELLIS7\Downloads\Download Archives
2016-01-11 22:00 - 2015-07-15 14:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3673b8ff8f.job
2016-01-11 19:21 - 2015-07-15 14:06 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core1d0bf314c593375.job
2016-01-11 17:12 - 2015-08-13 10:29 - 00000000 ____D C:\Program Files (x86)\MediaMall
2016-01-11 17:11 - 2014-12-23 18:28 - 00000000 ____D C:\Program Files (x86)\ATT
2016-01-11 16:14 - 2009-07-14 00:13 - 00992178 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-11 16:14 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\inf
2016-01-11 16:11 - 2014-09-08 17:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-11 16:10 - 2014-12-17 09:42 - 00000000 ___RD C:\Users\ELLIS7\iCloudDrive
2016-01-11 16:10 - 2014-10-18 17:24 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-01-11 16:10 - 2013-09-12 20:42 - 00000000 ___RD C:\Users\ELLIS7\Dropbox
2016-01-11 16:10 - 2013-09-12 20:25 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Dropbox
2016-01-11 16:09 - 2013-09-11 04:54 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-11 16:09 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-11 16:07 - 2013-11-18 17:03 - 00000000 ____D C:\AdwCleaner
2016-01-11 16:05 - 2013-09-12 17:58 - 00000000 ____D C:\Program Files\Adobe
2016-01-11 15:58 - 2013-09-10 12:31 - 00000000 ____D C:\Users\ELLIS7
2016-01-11 15:25 - 2014-09-08 18:02 - 00000000 ____D C:\Windows\twain_64
2016-01-11 14:50 - 2013-09-16 16:51 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\CrashDumps
2016-01-11 14:46 - 2013-09-13 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-11 14:46 - 2013-09-13 14:01 - 00000000 ____D C:\Program Files\CCleaner
2016-01-10 15:38 - 2013-09-12 17:48 - 00000000 ____D C:\ProgramData\Adobe
2016-01-10 15:37 - 2013-09-11 06:11 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Adobe
2016-01-10 15:36 - 2013-09-12 18:21 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
2016-01-10 15:36 - 2013-09-12 18:21 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2016-01-10 15:30 - 2013-09-12 17:52 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-10 06:53 - 2014-09-08 17:40 - 00000000 ____D C:\Users\Public\Documents\Neat ADF Scanner
2016-01-10 06:51 - 2014-08-27 20:31 - 00000000 ____D C:\Users\MSSQLFDLauncher
2016-01-10 06:36 - 2015-09-04 16:23 - 00000000 ____D C:\Users\ELLIS7\Desktop\desktop items
2016-01-10 06:25 - 2013-09-12 12:50 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Skype
2016-01-10 00:00 - 2013-09-11 06:10 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\LogMeInIgnition
2016-01-09 16:42 - 2015-01-21 22:57 - 00000000 ___RD C:\Investware
2016-01-07 15:12 - 2013-10-02 16:58 - 00174920 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2016-01-07 15:08 - 2013-09-12 14:28 - 00000000 ____D C:\Users\ELLIS7\AppData\Local\LogMeIn Rescue Applet
2016-01-04 21:11 - 2013-09-11 04:27 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-04 19:35 - 2015-07-31 23:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-04 17:59 - 2014-12-25 09:17 - 00000000 ____D C:\Program Files\Java
2016-01-04 17:58 - 2014-10-17 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-04 17:58 - 2014-10-17 13:14 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-04 13:14 - 2015-08-27 11:27 - 00000000 ____D C:\Users\ELLIS7\.oracle_jre_usage
2016-01-04 13:13 - 2015-08-14 11:08 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-04 13:12 - 2013-09-11 05:23 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-01-04 12:54 - 2013-09-11 14:23 - 00000000 ____D C:\ProgramData\Norton
2016-01-02 16:11 - 2013-09-11 04:42 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Atheros
2016-01-02 11:37 - 2013-09-12 22:25 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-02 11:37 - 2013-09-12 22:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-02 11:37 - 2013-09-11 05:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-01 15:44 - 2014-09-04 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YNAB 4
2016-01-01 15:44 - 2014-09-04 12:02 - 00000000 ____D C:\Program Files (x86)\YNAB 4
2015-12-30 14:41 - 2015-05-30 04:16 - 00003670 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-312271826-1430807147-1564925630-1000
2015-12-30 14:41 - 2014-07-18 14:56 - 00003574 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-312271826-1430807147-1564925630-1000
2015-12-26 13:46 - 2015-11-24 10:21 - 03528363 _____ C:\Users\ELLIS7\Desktop\Creating Wealth.pptx
2015-12-25 13:09 - 2015-01-17 17:18 - 00000108 _____ C:\Users\ELLIS7\dkcaCiInqjQse3Ua7MeXuTRQ==
2015-12-24 18:39 - 2013-09-14 23:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-24 18:37 - 2013-09-12 09:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-23 17:45 - 2009-07-14 00:32 - 00000000 ___SD C:\Windows\Downloaded Program Files
2015-12-20 09:02 - 2013-09-12 12:50 - 00000000 ____D C:\ProgramData\Skype
2015-12-20 05:41 - 2015-02-11 17:49 - 00000000 ____D C:\Users\ELLIS7\AppData\Roaming\Microsoft_Corporation
2015-12-18 03:00 - 2015-04-05 02:00 - 00000000 ____D C:\Windows\SysWOW64\GWX
2015-12-18 03:00 - 2015-04-05 02:00 - 00000000 ____D C:\Windows\system32\GWX
2015-12-15 16:46 - 2015-11-25 18:13 - 00084663 _____ C:\Users\ELLIS7\Documents\CrisisManagement.xlsm
2015-12-15 12:45 - 2013-09-11 04:42 - 00000000 ____D C:\Users\ELLIS7\Documents\Bluetooth Folder
2015-12-15 00:12 - 2013-09-19 09:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-14 15:45 - 2013-09-12 09:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 14:04 - 2014-06-11 13:55 - 00000000 ____D C:\ProgramData\Package Cache
 
==================== Files in the root of some directories =======
 
2015-11-22 08:29 - 2015-11-22 08:29 - 0000132 _____ () C:\Users\ELLIS7\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-10-27 13:42 - 2015-11-22 08:34 - 0000132 _____ () C:\Users\ELLIS7\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-12-03 12:01 - 2014-06-30 14:23 - 0000542 _____ () C:\Users\ELLIS7\AppData\Roaming\InkSaveHook.ini
2015-05-21 09:28 - 2015-05-21 10:28 - 0000115 _____ () C:\Users\ELLIS7\AppData\Roaming\LogFile.txt
2014-03-15 12:36 - 2014-05-20 23:35 - 0000079 _____ () C:\Users\ELLIS7\AppData\Roaming\WB.CFG
2013-10-19 11:01 - 2015-12-01 15:59 - 0001456 _____ () C:\Users\ELLIS7\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-12-26 12:29 - 2013-12-26 12:29 - 0003031 _____ () C:\Users\ELLIS7\AppData\Local\albb4cgceicgqa.ini
2013-12-26 12:31 - 2013-12-26 12:31 - 0002837 _____ () C:\Users\ELLIS7\AppData\Local\llbb1cgceiccea.ini
2015-12-14 14:04 - 2015-12-17 20:10 - 0003601 _____ () C:\Users\ELLIS7\AppData\Local\OfficeMix_16_0.txt
2013-12-05 11:41 - 2015-05-27 14:31 - 0007607 _____ () C:\Users\ELLIS7\AppData\Local\resmon.resmoncfg
2014-06-25 09:12 - 2014-06-25 09:12 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2014-02-03 17:07 - 2014-11-21 14:42 - 0001009 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-11-06 18:22 - 2013-11-06 18:22 - 0004995 _____ () C:\ProgramData\xgneqrwu.hrx
 
Some files in TEMP:
====================
C:\Users\ELLIS7\AppData\Local\Temp\AAMHelper.exe
C:\Users\ELLIS7\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\ELLIS7\AppData\Local\Temp\sqlite3.dll
 
 
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\Drivers\IOMAP64.SYS
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-09 00:46
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by ELLIS7 (2016-01-12 11:31:04)
Running from C:\Users\ELLIS7\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-09-10 17:31:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Admin (S-1-5-21-312271826-1430807147-1564925630-1004 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-312271826-1430807147-1564925630-500 - Administrator - Disabled)
ELLIS7 (S-1-5-21-312271826-1430807147-1564925630-1000 - Administrator - Enabled) => C:\Users\ELLIS7
Guest (S-1-5-21-312271826-1430807147-1564925630-501 - Limited - Disabled)
GuestUser (S-1-5-21-312271826-1430807147-1564925630-1005 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.3.189 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Web Premium (HKLM-x32\...\{CDC08463-9303-4BF1-BF8C-E1A2ECEE3248}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.3 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Amazon Kindle (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
ApiViewer 2004 (HKLM-x32\...\{A25947EB-D9C2-4D6E-8051-810C913211B5}_is1) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.020 - ASUSTek Computer Inc.)
AT&T Troubleshoot & Resolve (HKLM-x32\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.4.1.12 - AT&T)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.27 - Qualcomm Atheros)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.0.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.1.0.0 - Autodesk) Hidden
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.)
AVS Audio Editor 8.0 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.0.2.501 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.4.534 - Online Media Technologies Ltd.)
AVS Document Converter 3.0.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.0.1.237 - Online Media Technologies Ltd.)
AVS Image Converter 4.0.1.280 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.0.1.280 - Online Media Technologies Ltd.)
AVS Media Player 4.2.5.108 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.5.108 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.3.147 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.3.147 - Online Media Technologies Ltd.)
AVS Registry Cleaner 3.0.2.271 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.2.271 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.4.574 - Online Media Technologies Ltd.)
AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.4.264 - Online Media Technologies Ltd.)
AVS Video ReMaker 5.0.1.172 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.0.1.172 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canvas 9 (HKLM-x32\...\{C0951118-6725-4BD7-9AA8-078C19729ADF}) (Version: 9.0.2.0722 - Deneba)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CoyoteWT 1.1 (HKLM-x32\...\CoyoteWT_is1) (Version:  - Coyote Electronics Inc.)
CPUID ASUS CPU-Z 1.63 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.63 - CPUID, Inc.)
CrazyTalk Animator v2.15 PRO (HKLM-x32\...\{7127D4CC-78E6-41E3-8BCB-A50ED34846E2}) (Version: 2.15.2328.1 - Reallusion Inc.)
CrazyTalk v6.21 PRO (HKLM-x32\...\{60CE924D-12CB-4A96-8B75-18F92CE1D585}) (Version: 6.21.1921.1 - Reallusion)
CrazyTalk v7.32 PRO (HKLM-x32\...\{27C4EA98-84A3-4CDF-A436-F984A0283357}) (Version: 7.32.3114.1 - Reallusion Inc.)
Cubby (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Cubby) (Version: 1.0.0.12568 - LogMeIn, Inc.)
CuteFTP 8 Home (HKLM-x32\...\{949DBB22-2FB7-4de1-804C-23D495A988D8}) (Version: 8.3.4 - GlobalSCAPE)
DllTool 1.0 (HKLM-x32\...\{8C36FC6F-3576-447C-B15D-FF1504C91104}_is1) (Version:  - )
Dropbox (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
EasyVSL (HKLM-x32\...\com.searchcreatively.EasyVSL) (Version: 2.1.10 - PayKickstart, LLC)
EasyVSL (x32 Version: 2.1.10 - PayKickstart, LLC) Hidden
ecoPrint2 Ink Saver v4.0.1 (HKLM-x32\...\ecoPrint2 Ink Saver_is1) (Version:  - Activewave Interact, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Excel 2007 Power Programming with VBA (HKLM-x32\...\Excel 2007 Power Programming with VBA) (Version:  - )
Explaindio Video Creator version 1.005 (HKLM-x32\...\{E9335605-E78E-4783-980B-0832D6517651}_is1) (Version: 1.005 - Explaindio LLC)
Explaindio Video Creator version 1.009 (HKLM-x32\...\{9E347DDD-DB67-4348-8C96-75E0BBC65407}_is1) (Version: 1.009 - Explaindio LLC)
Explaindio Video Creator version 1.010 (HKLM-x32\...\{0B392A4D-A388-40E8-B1A3-6F62A18ED86D}_is1) (Version: 1.010 - Explaindio LLC)
FaceFilter v3.02 PRO (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.1506.1 - Reallusion Inc.)
FastPictureViewer Codec Pack 3.7.0.94 (HKLM-x32\...\{689AED04-976D-4E0E-9E9D-7042E5921FA5}) (Version: 3.7.0.94 - Axel Rietschin Software Developments)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GoToMeeting 7.8.1.4190 (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\GoToMeeting) (Version: 7.8.1.4190 - CitrixOnline)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Iconion (HKLM-x32\...\Iconion_is1) (Version:  - )
Incomedia WebSite X5 v11 - Evolution (HKLM-x32\...\{EC4C85CF-8A29-4506-A0A3-78D1B2FA557B}_is1) (Version: 11.0.0.9 - Incomedia s.r.l.)
InPixio Photo (HKLM-x32\...\{5F0C0CD8-77B1-4C3E-9F01-5AF10D85DBB4}) (Version: 6.03.0 - Avanquest Software)
InPixio Photo Clip (HKLM-x32\...\{385677FD-EA78-4945-9AA5-6816F3646529}) (Version: 1.02.26070 - Avanquest Software)
InstaCards (HKLM-x32\...\{58259C24-7B5E-4977-93B0-E9EEA1B884CE}) (Version: 1.4.0 - Avanquest Software)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
join.me (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\JoinMe) (Version: 1.20.0.125 - LogMeIn, Inc.)
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.14350.0 - Linksys LLC)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{697E7F08-CB6F-442A-83CD-D44F54654272}) (Version: 4.1.4634 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
marketxls (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\e88597d31993e0d1) (Version: 2.0.0.4 - Technitya.com)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Office Configuration Analyzer Tool 1.2 (HKLM-x32\...\{3F2A8BF0-392F-4063-80FC-7A637A45DAB9}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft OLE DB Provider for Visual FoxPro (HKLM-x32\...\{CD5DC4AA-7D62-48D9-B756-5925471001FE}) (Version: 9.0.0.3504 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Power Query for Excel (HKLM-x32\...\{4AA84DF8-182A-459D-A050-A71BDBFBE9DC}) (Version: 2.26.4128.242 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{705AFC05-AD2F-473E-A2ED-BED746D473F2}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies  (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{0EEBDCCA-EF5D-4896-9FEA-D7D410A57E8A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Millennium Remote Support (HKLM-x32\...\{BD838A01-5EDF-426E-B4B8-C7E879160FAB}) (Version: 3.0.3821 - Harms Software Inc.)
Millennium SpaFolio Workstation (HKLM-x32\...\{1E460626-4CB8-45AB-8894-CA3C829E3452}) (Version: 12.1.55 - Harms Software Inc.)
MorphVOX Junior (HKLM-x32\...\{E741AE90-F491-4EB2-B160-33B0CCD85CB1}) (Version: 2.8.0 - Screaming Bee)
Movavi Photo Editor (HKLM-x32\...\Movavi Photo Editor) (Version: 1.1.0 - Movavi)
Movavi Screen Capture Studio 4 (HKLM-x32\...\Movavi Screen Capture Studio 4) (Version: 4.2.1 - MOVAVI)
Movavi Video Suite 14 (HKLM-x32\...\Movavi Video Suite 14) (Version: 14.0.1 - Movavi)
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MySQL Connector/C 6.1 (HKLM\...\{BDD417A0-EBEC-46E4-8879-426B9C617C53}) (Version: 6.1.3 - Oracle Corporation)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{6F206B58-E2F7-4A70-ACAC-8E0ABFBC62F6}) (Version: 5.1.8 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{43E572BC-B21F-4BEC-94CA-2D4AA6F53246}) (Version: 5.3.2 - Oracle Corporation)
MySQL For Excel 1.2.1 (HKLM-x32\...\{EC5F887C-FCEE-45D7-BF7B-C0EA767CC45B}) (Version: 1.2.1 - Oracle)
MySQL Installer (HKLM-x32\...\{F0A890B5-DE46-4468-A1DF-8F4DE5C478D0}) (Version: 1.3.6.0 - Oracle Corporation)
MySQL Notifier 1.1.5 (HKLM-x32\...\{DB02F4B3-3FC4-4FED-B2A2-7CDCF88D87D3}) (Version: 1.1.5 - Oracle)
MySQL Server 5.6 (HKLM\...\{FB2E13E5-05CE-4C27-B645-A6FB7D0AB412}) (Version: 5.6.19 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{E967FF67-DE28-4BB0-857C-87A825CCF003}) (Version: 1.3.6 - Oracle)
MySQL Workbench 6.1 CE (HKLM-x32\...\{207EB27E-0075-4CFD-8340-A5E386EB85F8}) (Version: 6.1.6 - Oracle Corporation)
Neat (HKLM-x32\...\Neat) (Version: 5.7.1.474 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.5 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.5 - The Neat Company)
Neat Core Files (x32 Version: 5.7.1.474 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.5 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.4 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
NeatConnect Scanner Driver (HKLM\...\{6895EF47-6BD8-468E-BA09-B33636C65B7C}) (Version: 2.0.2.26 - The Neat Company)
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office Mix (HKLM-x32\...\{7d7a9f69-8ca1-4121-8d4d-e8ff22f6e163}) (Version: 0.1.5556.0 - Microsoft Corporation)
Office Mix 32-bit (x32 Version: 0.1.5556.0 - Microsoft) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.7.1.4382 - ownCloud)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayOn (HKLM-x32\...\{49aba847-f84d-44dd-99db-2653cf780413}) (Version: 4.0.8.13007 - MediaMall Technologies, Inc.)
PlayOn (x32 Version: 4.0.8 - MediaMall Technologies, Inc.) Hidden
PlayOn Dependencies (x32 Version: 1.0.0.0 - MediaMall Technologies, Inc.) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Pro Surveillance System(EN) (HKLM-x32\...\{0C51C53B-2CEA-41FA-9CFA-1A402EC3E5F6}) (Version: 4.04.0 - DH)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickBooks (x32 Version: 22.0.4016.2206 - Intuit Inc.) Hidden
QuickBooks File Doctor (HKLM-x32\...\{A39730D7-3C42-4F26-978B-523E808EEADB}) (Version: 3.6.1 - Intuit)
QuickBooks Premier: Retail Edition 2012 (HKLM-x32\...\{25CB69E9-6497-4901-AD72-00DC9F6ED03B}) (Version: 22.0.4016.2206 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks_VC10_Debug (HKLM-x32\...\{2421E8FE-AE35-493A-94F5-66307E006ECF}) (Version: 1.00.0000 - Intuit Inc.)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.8.1 - Intuit)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
Repetier-Host version 0.95F (HKLM\...\{1143F758-929B-4EEB-8784-46CCB622F037}_is1) (Version: 0.95F - repetier)
Research Wizard 4.0 (HKLM-x32\...\{D47B71EA-3842-45FC-89B4-15A18CD689F1}) (Version:  - )
RoboForm 7-9-16-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-16-7 - Siber Systems)
Scrivener Update (HKLM-x32\...\Scrivener 1610) (Version: 1710 - Literature and Latte)
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{90D0FC4B-D653-4F49-BB97-A48C74A52E71}) (Version: 11.4.3 - TechSmith Corporation)
Snagit 12 (HKLM-x32\...\{4FC332FE-CBE3-4AE0-B531-35048FD81912}) (Version: 12.4.1 - TechSmith Corporation)
Sparkol Tawe (HKLM-x32\...\{C55DB134-D318-450A-9606-D43439D6705F}) (Version: 1.1.34 - Sparkol)
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.3.1027) (Version: 2.3.1027 - Sparkol)
Sparkol VideoScribe (x32 Version: 2.3.1027 - Sparkol) Hidden
SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Stock Investor Professional (HKLM-x32\...\{6BA8FF81-C7E9-11D1-B885-444553540000}) (Version: 4.0 - AAII)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Tableau 9.0 (9000.15.0506.1800) (HKLM\...\{11E70C24-DF27-4A68-B498-29FA8371A34C}) (Version: 9.0.2816 - Tableau Software)
TakeStock 2 (HKLM-x32\...\{76C78974-B5D4-4DF8-8614-8D06981050F8}) (Version: 2.0.27 - Ravi Bhavnani)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolkit 6 (HKLM-x32\...\{E2E8BDDE-6F1B-4A5D-870D-2748DA79360C}) (Version:  - )
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebViewer Plugin (HKLM-x32\...\InstallShield_{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}) (Version: 2.1.0.03 - Samsung Techwin Co., Ltd.)
WebViewer Plugin (x32 Version: 2.1.0.03 - Samsung Techwin Co., Ltd.) Hidden
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Wise Program Uninstaller 1.82 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.82 - WiseCleaner.com, Inc.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
xBaseView DBF Viewer 10.0 (HKLM-x32\...\xBaseView DBF Viewer) (Version: 10.0 - Mutex LLC)
YNAB 4 version 4.3.820 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.820 - YouNeedABudget.com)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{58D31640-602B-4753-AB1B-89B87EE3B2B8}\InprocServer32 -> C:\Users\ELLIS7\AppData\Local\Apps\2.0\YW0OB4NQ.9EJ\6N9Q9BYG.4N1\marketxls_c345630e3d1f4aa0_0002.0000_33a06f4da3ad1d0c\adxloader64.MarketXLS.dll ()
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{BD22D1CE-1AAB-47ED-9FF0-C34606E926A3}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\cubby\cubbyext64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\ELLIS7\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ELLIS7\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ELLIS7\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04C052FC-E810-456E-8D28-13AC0760D7F6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core1d0bf314c593375 => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {08E39ED9-0FB2-4BFB-82B9-EC642BDFCF25} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {0B26E7A6-63AB-40E0-A0FE-371FC644EB8C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {0DB06084-F6CD-4EBE-A601-80701428CFF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {0FF7BF81-5B6C-465D-A017-EDCCD8983D57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1D68A8CD-9984-469B-A566-22968501FACE} - \{3397F2DC-896C-4CAE-9F33-5004A911A2DE} -> No File <==== ATTENTION
Task: {24B9668A-84ED-434C-BDB2-D7EA0743C771} - \{2B1F5A5B-4404-4542-BE6C-E85C25C9C4B6} -> No File <==== ATTENTION
Task: {2F48F58C-D9C4-4F94-917A-6FD9A2F29221} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA => C:\Users\ELLIS7\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-06] (Dropbox, Inc.)
Task: {326178DC-0195-4A57-AB87-7EE257AE0DC4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {34B62D67-9744-4CB8-9903-6A622686425B} - \SUPERAntiSpyware Scheduled Task 11ed0e90-85df-49b4-bc9a-c9f990b32883 -> No File <==== ATTENTION
Task: {36322908-33A1-4329-8AAD-566D97CDDEC4} - \{ED306046-6CED-4949-91B9-4BB73CBAE130} -> No File <==== ATTENTION
Task: {37A0DF39-5160-4AC9-A7E2-6B3475BB551B} - \{4E56404A-80B6-4690-8520-CCD384FBF426} -> No File <==== ATTENTION
Task: {3A59D7ED-83FA-4461-9BE5-B970D9E42522} - \{D279A2C9-349C-4688-97FF-60CEAAB9EE29} -> No File <==== ATTENTION
Task: {44A9D010-2CA3-4548-9E92-8F209D0942BC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-01-25] (ASUSTek Computer Inc.)
Task: {48C760E8-E52F-49C7-B5B4-3DCF44E8233A} - System32\Tasks\Google Updater and Installer => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4CACB576-D671-4157-A27E-948078FCE962} - \{3D704084-232B-419D-904E-BFDAF78BBB59} -> No File <==== ATTENTION
Task: {4CD1D84F-1645-4CD7-804D-4624FC1AE3CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4E6CDFE3-8460-4B4D-96AF-E38E30D1033F} - \{0A6A111D-3FBC-47E6-AA8F-B4374307E762} -> No File <==== ATTENTION
Task: {51C06B4C-6371-447F-AA75-9386CCDD5045} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2015-08-11] (TechSmith Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5C76C7B6-8AC5-4D23-9783-4A96FDD01C07} - System32\Tasks\Amazon Music Helper => C:\Users\ELLIS7\AppData\Local\Amazon Music\Amazon Music Helper.exe
Task: {64DFEC8D-0026-4874-A5BC-D66A623F1B97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {68CED19D-E550-4F0B-9FCF-35FC90C3EE4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6C41908E-313B-4939-9AB6-50B0038FF77C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core => C:\Users\ELLIS7\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-06] (Dropbox, Inc.)
Task: {6F91D95D-E342-4BFD-B666-D4529C83CCE5} - System32\Tasks\AdobeAAMUpdater-1.0-ELLIS7-PC-ELLIS7 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {78BFF6DD-71C8-42AC-9FF4-A8DBE3B1BDCE} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMNJIMKMKMIMPMNJCNMMHMJMKJCNLMOMOMNMCNOJOMHMJMCNOJKMHMKJGMKJKMJMOJHMMMKMJNJICMIMCNGMCNOMJMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMIMKMJMJNHICMMJBJKJLIMJJNBJCMKLDLDLGLMKIMJNKJCMJNNICMJNDJCMKJBJJNMJCMMMFMOMNMGMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {7F28856F-71CD-4A5A-BAD7-0719B6040AC5} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-10-08] (Siber Systems)
Task: {82A7D685-2633-4E1C-80B6-32AC80B00EBB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-12-18] (Microsoft Corporation)
Task: {848A1B64-7E7F-4351-AA9B-30FA4606AB13} - \{BB912B0D-5873-49A6-BAE2-57AD68297F76} -> No File <==== ATTENTION
Task: {8BDA42E6-E173-4B14-9807-C85EB261133D} - System32\Tasks\G2MUploadTask-S-1-5-21-312271826-1430807147-1564925630-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4190\g2mupload.exe [2015-12-30] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {93325627-B96D-4505-B5BB-E36CDCAC2751} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {98445AD3-5443-49A7-8DA3-9269FF4DC82F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {A46DC0F6-00A1-4D62-A5EA-0EC5CD0EC73D} - \{71B5E49C-F334-4E5C-807C-03F0766D38BB} -> No File <==== ATTENTION
Task: {A856F4AA-9A66-495F-A2F4-985B50F0E056} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe [2013-11-25] (Oracle Corporation)
Task: {B0130F1A-AC96-4DF1-8CF1-4773C3618F51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated)
Task: {B0881078-E323-4F71-9A29-E38D15709698} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {B410CEEF-3FD3-4A46-9EC6-4ABF1AE33299} - \{5B794BA4-FD50-4A84-9D1F-F5409C1CF20A} -> No File <==== ATTENTION
Task: {B83051BC-36FD-40B6-B084-A037D504C0E1} - \SUPERAntiSpyware Scheduled Task 0be4286c-6999-40ce-9179-937abcc76091 -> No File <==== ATTENTION
Task: {B8470951-0E8A-44D0-9153-9F583DDAE3D7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {BAF12543-5D2D-4093-BEB2-A93C9CBC99DC} - \{06898F7A-C8E8-4162-A579-02960181C951} -> No File <==== ATTENTION
Task: {BDA2DACE-044B-44AC-A49A-9318F41709F6} - \{E5E0AA7B-D1EB-4D2C-903D-39FFCDCFF01B} -> No File <==== ATTENTION
Task: {BEE8FD67-A4EA-41C2-B1FF-C451959064CC} - \{6F911FD2-ECFB-4571-9B17-A1F4B0D2E8A4} -> No File <==== ATTENTION
Task: {C0A58C5B-46D1-4C76-AF50-2B48F3173649} - \{5A9F4367-0BA6-44AF-9D97-E185C0812DF1} -> No File <==== ATTENTION
Task: {C30AA6AE-FF90-41F9-ABE4-20D97A613676} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf3673b8ff8f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C487DB70-AAA4-4155-A16B-129FD67E0CF8} - System32\Tasks\G2MUpdateTask-S-1-5-21-312271826-1430807147-1564925630-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4190\g2mupdate.exe [2015-12-30] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {C8A472B7-AF6F-4725-8563-A8FF8675E470} - \{713E30B9-F4A5-4424-BC63-E7534CFA6F77} -> No File <==== ATTENTION
Task: {CD8B9602-F0F2-46BE-B2EC-995DF619BF31} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {D73051A8-450A-421A-B6AC-3A182D14C6C6} - \{CF2B4EEC-575C-4418-99B5-01FB2F4ADDFB} -> No File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {EB6B8DE0-3FEB-4317-907D-022C01767A6E} - \{879C2F53-8B1E-42A8-843F-B15CC3E410B0} -> No File <==== ATTENTION
Task: {F3FBE1FA-15CA-4176-BBEA-B530276356BD} - \{51305CE8-FF33-48F7-A9A9-F861E65D4888} -> No File <==== ATTENTION
Task: {F4FF5F9A-AC31-48D1-B95A-B9FA6E18E830} - \{366A67F4-32FC-41A4-BFD7-920468DF91B2} -> No File <==== ATTENTION
Task: {F65D3C96-4407-4F58-BCBB-3D4AE7217B16} - \{EE6AC3AA-D8A0-4F2A-80D5-D87C4C934A3B} -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core1d0c272af1ed7b.job => C:\Users\ELLIS7\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA.job => C:\Users\ELLIS7\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-312271826-1430807147-1564925630-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4190\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-312271826-1430807147-1564925630-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4190\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3673b8ff8f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1475e64c64e67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core.job => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000Core1d0bf314c593375.job => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-312271826-1430807147-1564925630-1000UA.job => C:\Users\ELLIS7\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TechSmith Updater.job => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-09-08 17:42 - 2013-11-14 03:05 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-25 09:13 - 2013-05-07 14:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-05 19:16 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-05-06 12:04 - 2014-05-06 12:04 - 12941824 _____ () C:\Program Files (x86)\Canon\Easy-WebPrint EX\bin\mysqld.exe
2014-12-17 06:44 - 2014-12-17 06:44 - 00059904 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-08-26 02:44 - 2015-08-26 02:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2013-09-11 04:53 - 2015-08-06 19:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-25 09:13 - 2016-01-11 16:09 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-06-25 09:13 - 2012-05-07 11:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-01 18:08 - 2014-04-01 18:08 - 00244736 _____ () C:\Program Files (x86)\ATT\8.4.1.12\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2014-04-01 18:08 - 2014-04-01 18:08 - 00271360 _____ () C:\Program Files (x86)\ATT\8.4.1.12\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2014-04-01 18:08 - 2014-04-01 18:08 - 00237056 _____ () C:\Program Files (x86)\ATT\8.4.1.12\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2013-04-24 08:55 - 2013-04-24 08:55 - 01581056 _____ () C:\Program Files (x86)\ATT\8.4.1.12\ma\node_modules\libxmljs\build\Release\xmljs.node
2013-04-18 17:55 - 2013-04-18 17:55 - 00068608 _____ () C:\Program Files (x86)\ATT\8.4.1.12\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2016-01-04 21:11 - 2015-12-10 22:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2016-01-04 21:11 - 2015-12-10 22:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-06-16 15:50 - 2015-06-16 15:50 - 04710400 ____R () C:\Program Files (x86)\TechSmith\Snagit 12\PDFNetC.dll
2015-06-16 15:50 - 2015-06-16 15:50 - 02099200 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll
2015-06-16 15:50 - 2015-06-16 15:50 - 01914368 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll
2016-01-04 22:51 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
2015-06-06 17:26 - 2015-06-06 17:26 - 00593920 _____ () C:\Users\ELLIS7\AppData\Local\Apps\2.0\YW0OB4NQ.9EJ\6N9Q9BYG.4N1\marketxls_c345630e3d1f4aa0_0002.0000_33a06f4da3ad1d0c\adxloader.MarketXLS.dll
2015-10-23 19:00 - 2015-10-23 19:00 - 00586240 _____ () C:\Program Files\WinZip\adxloader.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-09-04 17:41 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.254 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: SBAMSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftwareUpdater.lnk => C:\Windows\pss\SoftwareUpdater.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ELLIS7^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleChromeAutoLaunch_336ADEA2984D967F8E6E6EDE8C033298 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleChromeAutoLaunch_93854D7DDE0EE5A3DCFE2D149EF5A464 => "C:\Users\ELLIS7\AppData\Local\Google\Chrome SxS\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MySQL Notifier => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe
MSCONFIG\startupreg: ownCloud => C:\Program Files (x86)\ownCloud\owncloud.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SkyDrive => "C:\Users\ELLIS7\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{01156826-22F3-45E6-BE84-4D7262F07F6E}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
FirewallRules: [{D9CEB60C-335C-4469-A05A-1F20E2DCD393}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
FirewallRules: [{47940856-759C-4B94-BA3A-4FA48656CB95}] => (Allow) C:\Program Files (x86)\MediaMall\PlayOn.exe
FirewallRules: [{92BC2F09-3114-4AAB-8373-46590C666B50}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
FirewallRules: [{FA3B9C84-16A2-4423-8627-CE645E0A4261}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
 
==================== Restore Points =========================
 
05-01-2016 21:24:28 Windows Update
09-01-2016 15:22:13 Windows Update
10-01-2016 19:00:26 Windows Backup
11-01-2016 17:11:39 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/12/2016 11:01:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/12/2016 11:01:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/12/2016 08:26:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 16.0.6366.2036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1108
 
Start Time: 01d14d37de1ce1a1
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
 
Report Id: 1cc3c2ab-b930-11e5-ac5b-6c71d99492e9
 
Error: (01/12/2016 08:04:37 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/12/2016 05:57:28 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
 
Error: (01/11/2016 05:22:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (01/11/2016 04:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Pen_Tablet.exe, version: 5.3.3.3, time stamp: 0x52d4123e
Faulting module name: Pen_Tablet.exe, version: 5.3.3.3, time stamp: 0x52d4123e
Exception code: 0xc0000005
Fault offset: 0x000000000019b9f3
Faulting process id: 0x211c
Faulting application start time: 0xPen_Tablet.exe0
Faulting application path: Pen_Tablet.exe1
Faulting module path: Pen_Tablet.exe2
Report Id: Pen_Tablet.exe3
 
Error: (01/11/2016 04:10:12 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.
 
Error: (01/11/2016 04:07:42 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.
 
Error: (01/11/2016 04:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Pen_Tablet.exe, version: 5.3.3.3, time stamp: 0x52d4123e
Faulting module name: Pen_Tablet.exe, version: 5.3.3.3, time stamp: 0x52d4123e
Exception code: 0xc0000005
Fault offset: 0x000000000019b9f3
Faulting process id: 0x1ecc
Faulting application start time: 0xPen_Tablet.exe0
Faulting application path: Pen_Tablet.exe1
Faulting module path: Pen_Tablet.exe2
Report Id: Pen_Tablet.exe3
 
 
System errors:
=============
Error: (01/12/2016 11:31:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/12/2016 11:31:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/12/2016 11:21:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/12/2016 11:21:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/12/2016 11:11:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/12/2016 11:11:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/12/2016 11:01:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/12/2016 11:01:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (01/12/2016 10:51:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/12/2016 10:51:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
 
CodeIntegrity:
===================================
  Date: 2016-01-12 11:28:06.253
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 10:11:55.557
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 09:24:46.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 08:32:55.422
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 07:59:37.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 07:53:32.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 05:23:37.667
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 01:26:01.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 00:56:11.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-12 00:26:41.433
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 52%
Total physical RAM: 16322.71 MB
Available physical RAM: 7706.5 MB
Total Virtual: 32643.64 MB
Available Virtual: 23048.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1468.29 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
Drive f: (WD) (Fixed) (Total:1863.01 GB) (Free:147.45 GB) NTFS
Drive g: (UltraPlusPAK) (Fixed) (Total:298.09 GB) (Free:209.25 GB) NTFS
Drive h: () (Fixed) (Total:931.41 GB) (Free:489.82 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 94DAE6A9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4DEF95C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 00034CA4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 62231050)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Any help will be appreciated.
 


 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:16 PM

Posted 14 January 2016 - 11:18 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:
CMD: ipconfig /flushdns
CMD: ipconfig /release
CMD: ipconfig /renew

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Firefox\Extensions: [{3f34ed98-04e6-4252-9646-d930abe8bd3b}] - C:\Program Files (x86)\findAdeal\135.xpi => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-09-17] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx <not found>
CHR Extension: (SIP Caller click to call) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg [2016-01-05]
R4 IOMap; C:\Windows\SysWOW64\drivers\IOMap64.sys [0 2013-11-26] () <==== ATTENTION (zero byte File/Folder)
S4 LMIRfsClientNP; no ImagePath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> no filepath
Task: {1D68A8CD-9984-469B-A566-22968501FACE} - \{3397F2DC-896C-4CAE-9F33-5004A911A2DE} -> No File <==== ATTENTION
Task: {24B9668A-84ED-434C-BDB2-D7EA0743C771} - \{2B1F5A5B-4404-4542-BE6C-E85C25C9C4B6} -> No File <==== ATTENTION
Task: {34B62D67-9744-4CB8-9903-6A622686425B} - \SUPERAntiSpyware Scheduled Task 11ed0e90-85df-49b4-bc9a-c9f990b32883 -> No File <==== ATTENTION
Task: {36322908-33A1-4329-8AAD-566D97CDDEC4} - \{ED306046-6CED-4949-91B9-4BB73CBAE130} -> No File <==== ATTENTION
Task: {37A0DF39-5160-4AC9-A7E2-6B3475BB551B} - \{4E56404A-80B6-4690-8520-CCD384FBF426} -> No File <==== ATTENTION
Task: {3A59D7ED-83FA-4461-9BE5-B970D9E42522} - \{D279A2C9-349C-4688-97FF-60CEAAB9EE29} -> No File <==== ATTENTION
Task: {4CACB576-D671-4157-A27E-948078FCE962} - \{3D704084-232B-419D-904E-BFDAF78BBB59} -> No File <==== ATTENTION
Task: {4E6CDFE3-8460-4B4D-96AF-E38E30D1033F} - \{0A6A111D-3FBC-47E6-AA8F-B4374307E762} -> No File <==== ATTENTION
Task: {848A1B64-7E7F-4351-AA9B-30FA4606AB13} - \{BB912B0D-5873-49A6-BAE2-57AD68297F76} -> No File <==== ATTENTION
Task: {A46DC0F6-00A1-4D62-A5EA-0EC5CD0EC73D} - \{71B5E49C-F334-4E5C-807C-03F0766D38BB} -> No File <==== ATTENTION
Task: {B410CEEF-3FD3-4A46-9EC6-4ABF1AE33299} - \{5B794BA4-FD50-4A84-9D1F-F5409C1CF20A} -> No File <==== ATTENTION
Task: {B83051BC-36FD-40B6-B084-A037D504C0E1} - \SUPERAntiSpyware Scheduled Task 0be4286c-6999-40ce-9179-937abcc76091 -> No File <==== ATTENTION
Task: {BAF12543-5D2D-4093-BEB2-A93C9CBC99DC} - \{06898F7A-C8E8-4162-A579-02960181C951} -> No File <==== ATTENTION
Task: {BDA2DACE-044B-44AC-A49A-9318F41709F6} - \{E5E0AA7B-D1EB-4D2C-903D-39FFCDCFF01B} -> No File <==== ATTENTION
Task: {BEE8FD67-A4EA-41C2-B1FF-C451959064CC} - \{6F911FD2-ECFB-4571-9B17-A1F4B0D2E8A4} -> No File <==== ATTENTION
Task: {C0A58C5B-46D1-4C76-AF50-2B48F3173649} - \{5A9F4367-0BA6-44AF-9D97-E185C0812DF1} -> No File <==== ATTENTION
Task: {C8A472B7-AF6F-4725-8563-A8FF8675E470} - \{713E30B9-F4A5-4424-BC63-E7534CFA6F77} -> No File <==== ATTENTION
Task: {D73051A8-450A-421A-B6AC-3A182D14C6C6} - \{CF2B4EEC-575C-4418-99B5-01FB2F4ADDFB} -> No File <==== ATTENTION
Task: {EB6B8DE0-3FEB-4317-907D-022C01767A6E} - \{879C2F53-8B1E-42A8-843F-B15CC3E410B0} -> No File <==== ATTENTION
Task: {F3FBE1FA-15CA-4176-BBEA-B530276356BD} - \{51305CE8-FF33-48F7-A9A9-F861E65D4888} -> No File <==== ATTENTION
Task: {F4FF5F9A-AC31-48D1-B95A-B9FA6E18E830} - \{366A67F4-32FC-41A4-BFD7-920468DF91B2} -> No File <==== ATTENTION
Task: {F65D3C96-4407-4F58-BCBB-3D4AE7217B16} - \{EE6AC3AA-D8A0-4F2A-80D5-D87C4C934A3B} -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4
C:\Windows\SysWOW64\drivers\IOMap64.sys
C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg
End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Remove these old versions of Java via the Control Panel > Programs and Features applet.

Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

Keep the latest version
Java 8 Update 66

Please post the Fixlog.txt file and let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:16 PM

Posted 19 January 2016 - 11:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:16 PM

Posted 19 January 2016 - 03:31 PM

The topic is opened.

#5 ETraub

ETraub

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 20 January 2016 - 04:00 AM

I wasn't able to post a fix log to my topic soon enough, so it was closed. I asked the Moderator to open it and he did and asked me to post the latest Fixlog.txt to the forum. I have tried in vain to do so and am told that I do not have permission to post to that log. My username is ETraub (nickname is Ellis_T). The Forum is this forum. And the topic is "Familiar Issue:Malwarebytes perpetually blocks outbound viruses." The Moderator is nasdaq. 

 

I'm frustrated because I've done what I was asked and can't post it. 

 

Here is the result of what he wanted me to post. Perhaps someone can transfer this somewhere where it belongs and let me know how to proceed.

 

TIA

 

Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by ELLIS7 (2016-01-19 15:45:56) Run:1
Running from C:\Users\ELLIS7\Downloads
Loaded Profiles: ELLIS7 & ReportServer & MSSQLFDLauncher & MSSQLSERVER (Available Profiles: ELLIS7 & Admin & ReportServer & MSSQLFDLauncher & MSSQLSERVER)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
CMD: ipconfig /flushdns
CMD: ipconfig /release
CMD: ipconfig /renew
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-312271826-1430807147-1564925630-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF HKU\S-1-5-21-312271826-1430807147-1564925630-1000\...\Firefox\Extensions: [{3f34ed98-04e6-4252-9646-d930abe8bd3b}] - C:\Program Files (x86)\findAdeal\135.xpi => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-09-17] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx <not found>
CHR Extension: (SIP Caller click to call) - C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg [2016-01-05]
R4 IOMap; C:\Windows\SysWOW64\drivers\IOMap64.sys [0 2013-11-26] () <==== ATTENTION (zero byte File/Folder)
S4 LMIRfsClientNP; no ImagePath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> no filepath
Task: {1D68A8CD-9984-469B-A566-22968501FACE} - \{3397F2DC-896C-4CAE-9F33-5004A911A2DE} -> No File <==== ATTENTION
Task: {24B9668A-84ED-434C-BDB2-D7EA0743C771} - \{2B1F5A5B-4404-4542-BE6C-E85C25C9C4B6} -> No File <==== ATTENTION
Task: {34B62D67-9744-4CB8-9903-6A622686425B} - \SUPERAntiSpyware Scheduled Task 11ed0e90-85df-49b4-bc9a-c9f990b32883 -> No File <==== ATTENTION
Task: {36322908-33A1-4329-8AAD-566D97CDDEC4} - \{ED306046-6CED-4949-91B9-4BB73CBAE130} -> No File <==== ATTENTION
Task: {37A0DF39-5160-4AC9-A7E2-6B3475BB551B} - \{4E56404A-80B6-4690-8520-CCD384FBF426} -> No File <==== ATTENTION
Task: {3A59D7ED-83FA-4461-9BE5-B970D9E42522} - \{D279A2C9-349C-4688-97FF-60CEAAB9EE29} -> No File <==== ATTENTION
Task: {4CACB576-D671-4157-A27E-948078FCE962} - \{3D704084-232B-419D-904E-BFDAF78BBB59} -> No File <==== ATTENTION
Task: {4E6CDFE3-8460-4B4D-96AF-E38E30D1033F} - \{0A6A111D-3FBC-47E6-AA8F-B4374307E762} -> No File <==== ATTENTION
Task: {848A1B64-7E7F-4351-AA9B-30FA4606AB13} - \{BB912B0D-5873-49A6-BAE2-57AD68297F76} -> No File <==== ATTENTION
Task: {A46DC0F6-00A1-4D62-A5EA-0EC5CD0EC73D} - \{71B5E49C-F334-4E5C-807C-03F0766D38BB} -> No File <==== ATTENTION
Task: {B410CEEF-3FD3-4A46-9EC6-4ABF1AE33299} - \{5B794BA4-FD50-4A84-9D1F-F5409C1CF20A} -> No File <==== ATTENTION
Task: {B83051BC-36FD-40B6-B084-A037D504C0E1} - \SUPERAntiSpyware Scheduled Task 0be4286c-6999-40ce-9179-937abcc76091 -> No File <==== ATTENTION
Task: {BAF12543-5D2D-4093-BEB2-A93C9CBC99DC} - \{06898F7A-C8E8-4162-A579-02960181C951} -> No File <==== ATTENTION
Task: {BDA2DACE-044B-44AC-A49A-9318F41709F6} - \{E5E0AA7B-D1EB-4D2C-903D-39FFCDCFF01B} -> No File <==== ATTENTION
Task: {BEE8FD67-A4EA-41C2-B1FF-C451959064CC} - \{6F911FD2-ECFB-4571-9B17-A1F4B0D2E8A4} -> No File <==== ATTENTION
Task: {C0A58C5B-46D1-4C76-AF50-2B48F3173649} - \{5A9F4367-0BA6-44AF-9D97-E185C0812DF1} -> No File <==== ATTENTION
Task: {C8A472B7-AF6F-4725-8563-A8FF8675E470} - \{713E30B9-F4A5-4424-BC63-E7534CFA6F77} -> No File <==== ATTENTION
Task: {D73051A8-450A-421A-B6AC-3A182D14C6C6} - \{CF2B4EEC-575C-4418-99B5-01FB2F4ADDFB} -> No File <==== ATTENTION
Task: {EB6B8DE0-3FEB-4317-907D-022C01767A6E} - \{879C2F53-8B1E-42A8-843F-B15CC3E410B0} -> No File <==== ATTENTION
Task: {F3FBE1FA-15CA-4176-BBEA-B530276356BD} - \{51305CE8-FF33-48F7-A9A9-F861E65D4888} -> No File <==== ATTENTION
Task: {F4FF5F9A-AC31-48D1-B95A-B9FA6E18E830} - \{366A67F4-32FC-41A4-BFD7-920468DF91B2} -> No File <==== ATTENTION
Task: {F65D3C96-4407-4F58-BCBB-3D4AE7217B16} - \{EE6AC3AA-D8A0-4F2A-80D5-D87C4C934A3B} -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4
C:\Windows\SysWOW64\drivers\IOMap64.sys
C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Bluetooth Network Connection 2 while it has its media disconnected.
 
Ethernet adapter Bluetooth Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::ecc7:efd8:4a43:bdc0%10
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8ee:a1b7:5c69:76f9%9
   Default Gateway . . . . . . . . . : 
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.attlocal.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{2A3809E8-5C15-4768-B1D9-CEEFE05F2B0B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on Bluetooth Network Connection 2 while it has its media disconnected.
 
Ethernet adapter Bluetooth Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : attlocal.net
   Link-local IPv6 Address . . . . . : fe80::ecc7:efd8:4a43:bdc0%10
   IPv4 Address. . . . . . . . . . . : 192.168.1.95
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : attlocal.net
   Link-local IPv6 Address . . . . . : fe80::8ee:a1b7:5c69:76f9%9
   IPv4 Address. . . . . . . . . . . : 192.168.1.87
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.attlocal.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : attlocal.net
 
Tunnel adapter isatap.{2A3809E8-5C15-4768-B1D9-CEEFE05F2B0B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-312271826-1430807147-1564925630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => value removed successfully
HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => key not found. 
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
HKU\S-1-5-21-312271826-1430807147-1564925630-1000\Software\Mozilla\Firefox\Extensions\\{3f34ed98-04e6-4252-9646-d930abe8bd3b} => value removed successfully
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lggaaajacmlhgbpldaboipiinndchjgm" => key removed successfully
C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg => moved successfully
IOMap => Unable to stop service.
IOMap => service could not remove
LMIRfsClientNP => service removed successfully
"HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully
"HKU\S-1-5-21-312271826-1430807147-1564925630-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
C:\ProgramData\Nalpeiron => ":user.ns1" ADS removed successfully.
C:\ProgramData\Nalpeiron => ":user.ns2" ADS removed successfully.
C:\ProgramData\Nalpeiron => ":user.ns3" ADS removed successfully.
C:\ProgramData\Nalpeiron => ":user.ns4" ADS removed successfully.
C:\Windows\SysWOW64\drivers\IOMap64.sys => moved successfully
"C:\Users\ELLIS7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceiljlhenjgjmffkmfccjoehdpppcgfg" => not found.
EmptyTemp: => 122.3 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 15:47:39 ====

 



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,754 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:16 PM

Posted 20 January 2016 - 10:35 AM

ETraub

I have merged your topic.

What problem persists with this computer?

#7 nasdaq


Posted 26 January 2016 - 08:41 AM

Are you still with me?

#8 nasdaq


Posted 01 February 2016 - 08:45 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



