
Malware blocking Sites such as PayPal and Bleeping Computer


  • This topic is locked
54 replies to this topic

#1 fasteddyktm


Posted 20 January 2016 - 11:25 AM

My browsers (Opera, Edge and Chrome) on my PC cannot connect to PayPal, and Gmail is slow. I am able to connect with my laptop, tablet, smartphone, wife's PC, etc., all on the same network. I am using my laptop to send this, as the PC was blocked from uploading the Additions.txt file. I have looked at internet settings, flushed the DNS, reset Winsock, etc., with no luck. I have been messing a bit with Kodi lately and have downloaded a few files that might be an issue, one being SopCast. I hope someone can help.

 

Thanks

Ed..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by fasteddy (administrator) on PC64BIT (20-01-2016 10:40:00)
Running from C:\Users\fasteddy\Downloads
Loaded Profiles: fasteddy (Available Profiles: fasteddy)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ELOG\elogd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1512.54020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2015-11-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [307280 2015-11-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [GoogleChromeAutoLaunch_1814C532EEB499C790819406F1F86FE0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2015-09-15]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{242734fe-2f77-46f2-949d-38ff08e2301a}: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{6c4aad13-64ac-4077-b959-ad40a60d7df1}: [DhcpNameServer] 192.168.43.1
 
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.livelaps.com/","hxxp://www.speedtest.net/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Floorplanner) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2015-08-03]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (MindMeister) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2016-01-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-08-03]
CHR Extension: (Gliffy Diagrams) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-08-03]
CHR Extension: (YouTube) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Smartsheet Project Management) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm [2015-08-03]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2016-01-19]
CHR Extension: (Google Search) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Category Tabs for Google Keep™) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlahcjmefibiedeecoegjilekaebchhl [2015-12-09]
CHR Extension: (Gmail Offline) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-08-03]
CHR Extension: (Google Calendar) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (Conclave) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakebalijmchimjjkbjjfiicjddofib [2015-08-03]
CHR Extension: (Full Screen Weather) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-01-19]
CHR Extension: (Avast Online Security) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Google Keep) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcfcmgpnmpinpidjdgejehjchlbglpde [2015-11-02]
CHR Extension: (NinjaMock) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiegfdifagakbonggdpbnkgallhjadj [2015-08-03]
CHR Extension: (Kindle Cloud Reader) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-08-03]
CHR Extension: (Panel View for Keep) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb [2015-11-02]
CHR Extension: (The Brain Shaker) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffonbajomllfeoikanfboknplfhgapk [2015-08-03]
CHR Extension: (Blackball Pool) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkhefodfbgjpcmahghmfggbcpjabnag [2015-08-03]
CHR Extension: (Conceptboard) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnacnlekfaehkfdbkohnhpmdagnfaeio [2015-08-03]
CHR Extension: (Cloud Caster - cloud based podcast player) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfmpmohmkfjakbneilaohmnadpmldna [2015-08-07]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-08-03]
CHR Extension: (Wave Accounting) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa [2015-08-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-03]
CHR Extension: (Capture Webpage Screenshot Entirely. FireShot) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-06]
CHR Extension: (Ghostery) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Mobincube - FREE smartphone App builder) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfbnofjiempfokaedcfllenpopocpjid [2015-08-03]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR HKU\S-1-5-21-836043816-1783305695-3436958112-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fasteddy\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-08-03]
CHR HKU\S-1-5-21-836043816-1783305695-3436958112-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
R2 elogd; C:\Program Files (x86)\ELOG\elogd.exe [1673728 2015-08-05] () [File not signed]
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [162896 2015-11-18] (SEIKO EPSON CORPORATION)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-20 10:40 - 2016-01-20 10:40 - 00024176 _____ C:\Users\fasteddy\Downloads\FRST.txt
2016-01-20 10:39 - 2016-01-20 10:40 - 00000000 ____D C:\FRST
2016-01-20 10:37 - 2016-01-20 10:38 - 02370560 _____ (Farbar) C:\Users\fasteddy\Downloads\FRST64.exe
2016-01-19 20:21 - 2016-01-19 20:21 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-01-19 13:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-01-19 13:47 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-01-19 13:43 - 2016-01-19 13:44 - 66591701 _____ C:\Users\fasteddy\Downloads\kodi-15.2-Isengard.exe
2016-01-19 13:38 - 2016-01-19 13:38 - 21403160 _____ (LastPass) C:\Users\fasteddy\Downloads\lastpass_x64.exe
2016-01-19 12:02 - 2016-01-19 15:31 - 00000000 ____D C:\Users\fasteddy\AppData\LocalLow\Oracle
2016-01-19 12:02 - 2016-01-19 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Sun
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\AppData\LocalLow\Sun
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\.oracle_jre_usage
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\ProgramData\Oracle
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Program Files\Java
2016-01-19 11:40 - 2016-01-19 15:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-19 11:40 - 2016-01-19 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-19 11:03 - 2016-01-19 11:03 - 00000000 ____D C:\$SysReset
2016-01-17 19:27 - 2016-01-19 14:13 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\.ACEStream
2016-01-17 19:27 - 2016-01-17 19:35 - 00000000 ___HD C:\_acestream_cache_
2016-01-17 19:24 - 2016-01-19 14:13 - 00000000 ____D C:\Program Files (x86)\SopCast
2016-01-16 19:07 - 2016-01-16 19:07 - 00018411 _____ C:\Users\fasteddy\Downloads\undefined (13).csv
2016-01-15 19:09 - 2014-08-25 15:07 - 12423420 _____ C:\wzrhpg300nh-pro-v24sp2-14998b.enc
2016-01-15 19:08 - 2014-08-25 15:07 - 12423420 _____ C:\Users\fasteddy\Desktop\wzrhpg300nh-pro-v24sp2-14998b.enc
2016-01-15 16:53 - 2016-01-15 16:54 - 16901595 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh2-pro-v24sp2-19154b.zip
2016-01-14 19:51 - 2016-01-14 19:51 - 54279949 _____ C:\Users\fasteddy\Downloads\vpngate-client-2015.10.20-build-9599.133826.zip
2016-01-14 19:50 - 2016-01-14 19:51 - 54281365 _____ C:\Users\fasteddy\Downloads\vpngate-client-2016.01.15-build-9599.134520.zip
2016-01-14 18:33 - 2016-01-14 18:33 - 00174479 _____ C:\Users\fasteddy\Downloads\Nepg Scoring Template.xlsx - Sheet1.pdf
2016-01-14 10:19 - 2016-01-14 10:19 - 00017430 _____ C:\Users\fasteddy\Downloads\undefined (12).csv
2016-01-13 12:36 - 2016-01-13 12:37 - 26128412 _____ C:\Users\fasteddy\Desktop\wzr-hp-g300nh-dd-wrt-webupgrade-MULTI.bin
2016-01-13 11:45 - 2016-01-13 11:45 - 00000660 _____ C:\Users\fasteddy\Downloads\Livelaps.com Vehicle – Fuel Transactions from 2015-05-01 to 2016-01-13.csv
2016-01-13 11:44 - 2016-01-13 11:44 - 00000838 _____ C:\Users\fasteddy\Downloads\Livelaps.com Expense by Vendor from 2015-02-01 to 2016-01-13.csv
2016-01-13 08:57 - 2016-01-13 08:57 - 00021874 _____ C:\Users\fasteddy\Desktop\nvrambak.bin
2016-01-13 07:42 - 2016-01-13 07:42 - 00012673 _____ C:\Users\fasteddy\Downloads\openvpn (1).zip
2016-01-13 07:19 - 2016-01-13 07:19 - 00012673 _____ C:\Users\fasteddy\Downloads\openvpn.zip
2016-01-13 07:05 - 2016-01-13 07:05 - 00022039 _____ C:\Users\fasteddy\Desktop\backup wrt route 111316 nvrambak.bin
2016-01-12 22:14 - 2016-01-12 22:19 - 352496879 _____ C:\Users\fasteddy\Downloads\wzrhpg300nhus345.zip
2016-01-12 21:26 - 2016-01-12 21:26 - 12900830 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh-pro-v24sp2-14998b (1).zip
2016-01-12 21:09 - 2016-01-12 21:09 - 00000360 _____ C:\Users\fasteddy\Downloads\MemberList (1).csv
2016-01-12 10:02 - 2016-01-12 10:02 - 00016884 _____ C:\Users\fasteddy\Downloads\undefined (11).csv
2016-01-11 15:25 - 2016-01-11 15:25 - 00066558 _____ C:\Users\fasteddy\Downloads\undefined (10).csv
2016-01-11 15:18 - 2016-01-11 15:18 - 00015784 _____ C:\Users\fasteddy\Downloads\undefined (9).csv
2016-01-11 10:01 - 2016-01-11 10:01 - 00000147 _____ C:\Users\fasteddy\Desktop\test33.csv
2016-01-11 10:00 - 2016-01-11 10:00 - 00000138 _____ C:\Users\fasteddy\Downloads\test33.csv
2016-01-10 17:52 - 2016-01-10 17:52 - 00000204 ____H C:\Users\fasteddy\.swfinfo
2016-01-10 11:08 - 2016-01-10 11:10 - 00032820 _____ C:\Users\fasteddy\Desktop\Livelaps Touch Scoring System.pdf
2016-01-10 10:20 - 2016-01-10 10:20 - 00000308 _____ C:\Users\fasteddy\Downloads\Almosta.csv
2016-01-09 18:14 - 2016-01-09 18:14 - 00000088 _____ C:\Users\fasteddy\Downloads\livestream (1).txt
2016-01-09 18:13 - 2016-01-09 18:13 - 00000088 _____ C:\Users\fasteddy\Downloads\livestream.txt
2016-01-09 17:14 - 2016-01-09 17:14 - 04501395 _____ C:\Users\fasteddy\Downloads\TCPro-ScreenShots.pdf
2016-01-09 11:02 - 2016-01-09 11:02 - 00000661 _____ C:\Users\fasteddy\Desktop\Sky_Sports.txt
2016-01-09 09:09 - 2016-01-09 09:09 - 00128778 _____ C:\Users\fasteddy\Desktop\Roy Busse Trophy 1977.pdf
2016-01-08 15:44 - 2016-01-10 11:11 - 00057472 _____ C:\Users\fasteddy\Desktop\LiveLaps Touchless Scoring System.pdf
2016-01-08 10:55 - 2016-01-08 10:55 - 00004383 _____ C:\Users\fasteddy\Desktop\test.csv
2016-01-08 10:51 - 2016-01-08 10:51 - 00000138 _____ C:\Users\fasteddy\Downloads\test.csv
2016-01-08 10:47 - 2016-01-08 10:49 - 00013420 _____ C:\Users\fasteddy\Desktop\LiveLaps - Promoters.csv
2016-01-08 09:12 - 2016-01-08 09:12 - 00014524 _____ C:\Users\fasteddy\Downloads\undefined (8).csv
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Titanium
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Apple Computer
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Apple Computer
2016-01-07 19:29 - 2016-01-19 15:31 - 00000000 ____D C:\Program Files\pia_manager
2016-01-07 19:02 - 2016-01-07 19:02 - 00061761 _____ C:\Users\fasteddy\Desktop\plugin.video.SuperStreams2-1-1.zip
2016-01-07 18:19 - 2016-01-07 18:19 - 01759982 _____ C:\Users\fasteddy\Desktop\plugin.program.addoninstaller-1.2.5.zip
2016-01-07 15:16 - 2016-01-07 15:16 - 00055417 _____ C:\Users\fasteddy\Desktop\repository.tknorris.beta-1.0.5.zip
2016-01-07 07:49 - 2016-01-07 07:49 - 00185517 _____ C:\Users\fasteddy\Downloads\Speedsville_Enduro_Results_2015_Official.pdf
2016-01-07 07:42 - 2016-01-07 07:42 - 00014084 _____ C:\Users\fasteddy\Downloads\undefined (7).csv
2016-01-06 19:41 - 2016-01-19 14:10 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Kodi
2016-01-06 19:33 - 2016-01-06 19:36 - 24562142 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh2-193.zip
2016-01-06 19:32 - 2016-01-06 19:33 - 12900830 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh-pro-v24sp2-14998b.zip
2016-01-06 16:18 - 2016-01-06 16:18 - 00294279 _____ C:\Users\fasteddy\Downloads\T-Shirt_vector- Black T-shirt white logos.pdf
2016-01-06 14:26 - 2016-01-06 14:26 - 01765888 _____ C:\Users\fasteddy\Downloads\14611 XLS (2).xls
2016-01-06 14:25 - 2016-01-06 14:26 - 00299742 _____ C:\Users\fasteddy\Desktop\rfid_tag_graphic.pdf
2016-01-06 10:26 - 2016-01-06 10:26 - 00013585 _____ C:\Users\fasteddy\Downloads\undefined (6).csv
2016-01-04 17:11 - 2016-01-04 17:11 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\NVIDIA
2016-01-04 16:11 - 2016-01-04 16:11 - 00012064 _____ C:\Users\fasteddy\Downloads\undefined (5).csv
2016-01-04 15:33 - 2016-01-04 15:36 - 01765888 _____ C:\Users\fasteddy\Downloads\V1 XLS.xls
2016-01-04 08:53 - 2016-01-04 08:53 - 01842688 _____ C:\Users\fasteddy\Downloads\14611 xls (1).xls
2016-01-04 07:03 - 2016-01-04 07:03 - 00010988 _____ C:\Users\fasteddy\Downloads\undefined (4).csv
2016-01-03 17:37 - 2016-01-03 17:37 - 00010236 _____ C:\Users\fasteddy\Downloads\Tutorial Race One.csv
2016-01-03 17:18 - 2016-01-03 17:18 - 00000250 _____ C:\Users\fasteddy\Downloads\racesetuptemplate (2).csv
2016-01-03 17:14 - 2016-01-03 17:14 - 00000138 _____ C:\Users\fasteddy\Downloads\testing.csv
2016-01-03 12:08 - 2016-01-03 12:08 - 00009789 _____ C:\Users\fasteddy\Downloads\undefined (3).csv
2016-01-03 08:46 - 2016-01-03 08:46 - 00009708 _____ C:\Users\fasteddy\Downloads\undefined (2).csv
2016-01-02 22:21 - 2016-01-02 22:24 - 00000000 ____D C:\Users\fasteddy\Desktop\Tutorials
2016-01-02 22:20 - 2016-01-02 22:32 - 00000000 ____D C:\Users\fasteddy\Desktop\Tag Encoding
2016-01-02 22:20 - 2016-01-02 22:20 - 00000000 ____D C:\Users\fasteddy\Desktop\Backup Scoring
2016-01-01 14:52 - 2016-01-01 14:52 - 00000000 ____D C:\Users\fasteddy\Desktop\CellScore
2016-01-01 13:04 - 2016-01-01 13:04 - 00034816 _____ C:\Users\fasteddy\Downloads\Out Check BackupSheets.xls
2015-12-31 08:57 - 2015-12-31 08:57 - 01842688 _____ C:\Users\fasteddy\Downloads\14611 xls.xls
2015-12-30 10:12 - 2015-12-30 10:12 - 00000563 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (3).csv
2015-12-29 21:49 - 2015-12-29 21:49 - 00000380 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-12-26 20:22 - 2015-12-26 20:22 - 00001276 _____ C:\Users\fasteddy\Downloads\Christmas Test_registrations.csv
2015-12-26 19:09 - 2015-12-26 19:09 - 00001039 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (2).csv
2015-12-26 18:59 - 2015-12-26 18:59 - 00000529 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (1).csv
2015-12-26 10:55 - 2015-12-26 10:55 - 00000321 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations.csv
2015-12-25 11:31 - 2015-12-25 11:31 - 00002615 _____ C:\Users\fasteddy\Downloads\youth competitor database sample (1).csv
2015-12-25 10:14 - 2015-12-25 10:14 - 00014109 _____ C:\Users\fasteddy\Desktop\Atlas Credit Card Purchase.pdf
2015-12-25 10:11 - 2016-01-20 10:11 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {5F7EF405-BF52-4425-BE23-A17B718046C4}.job
2015-12-25 10:11 - 2016-01-20 10:11 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {5F7EF405-BF52-4425-BE23-A17B718046C4}.job
2015-12-25 10:11 - 2015-12-25 10:11 - 00004132 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Update {5F7EF405-BF52-4425-BE23-A17B718046C4}
2015-12-25 10:11 - 2015-12-25 10:11 - 00003954 _____ C:\WINDOWS\System32\Tasks\EPSON XP-410 Series Invitation {5F7EF405-BF52-4425-BE23-A17B718046C4}
2015-12-25 10:11 - 2015-12-25 10:11 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-12-25 09:40 - 2016-01-19 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2015-12-25 09:40 - 2015-12-25 09:40 - 00001136 _____ C:\Users\Public\Desktop\DriverToolkit.lnk
2015-12-25 09:39 - 2015-12-25 09:39 - 02449376 _____ (Megaify Software ) C:\Users\fasteddy\Downloads\DriverToolkitInstaller (2).exe
2015-12-25 09:17 - 2015-12-25 09:18 - 00436179 _____ C:\Users\fasteddy\Downloads\Copy of WICS Quote (ICS-15-19-Q) live laps.pdf
2015-12-24 12:36 - 2015-12-24 12:36 - 00150000 _____ C:\Users\fasteddy\Downloads\tag_encoding (3).csv
2015-12-24 12:36 - 2015-12-24 12:36 - 00150000 _____ C:\Users\fasteddy\Downloads\tag_encoding (1).csv
2015-12-23 20:27 - 2015-12-23 20:27 - 00170000 _____ C:\Users\fasteddy\Downloads\tag_encoding.csv
2015-12-23 10:16 - 2015-12-23 10:16 - 00064992 _____ C:\Users\fasteddy\Downloads\undefined (1).csv
2015-12-22 18:25 - 2015-12-22 18:25 - 00001020 _____ C:\Users\fasteddy\Downloads\tag_encoding (2).csv
2015-12-22 18:20 - 2015-12-22 18:20 - 00064740 _____ C:\Users\fasteddy\Downloads\undefined.csv
2015-12-21 13:28 - 2015-12-21 13:28 - 00002615 _____ C:\Users\fasteddy\Downloads\youth competitor database sample.csv
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-20 10:39 - 2015-10-30 01:28 - 00000000 ____D C:\Windows
2016-01-20 10:37 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-20 10:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-20 10:18 - 2015-08-03 05:51 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 10:13 - 2015-08-20 18:08 - 00000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-20 10:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-19 20:32 - 2015-08-03 06:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-19 20:29 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 20:28 - 2015-08-03 12:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-19 20:23 - 2015-08-03 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-19 20:23 - 2015-08-03 12:21 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 20:22 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-19 20:22 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-19 20:22 - 2015-08-03 07:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-19 20:21 - 2012-07-26 00:26 - 00000167 _____ C:\WINDOWS\win.ini
2016-01-19 19:13 - 2015-08-20 18:08 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-19 18:44 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-19 18:44 - 2015-08-07 17:14 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-19 18:40 - 2015-08-10 08:43 - 00000000 ___RD C:\Users\fasteddy\Dropbox
2016-01-19 18:40 - 2015-08-03 10:47 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Dropbox
2016-01-19 18:39 - 2015-08-03 07:39 - 00000000 ___RD C:\Users\fasteddy\Google Drive
2016-01-19 18:38 - 2015-11-28 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-19 18:38 - 2015-11-28 08:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-19 18:38 - 2015-08-03 05:51 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-19 18:37 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-19 15:31 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-19 15:31 - 2015-08-04 20:45 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-19 15:31 - 2015-08-03 06:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-19 15:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration
2016-01-19 15:27 - 2015-08-03 05:39 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Adobe
2016-01-19 15:26 - 2015-08-03 05:50 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Google
2016-01-19 15:03 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-19 13:32 - 2015-08-07 17:12 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-19 12:33 - 2015-11-28 08:43 - 00000000 ____D C:\Users\fasteddy
2016-01-13 07:23 - 2015-12-05 03:04 - 00001395 _____ C:\Users\fasteddy\Desktop\ca.crt
2016-01-04 17:11 - 2015-08-04 20:11 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Adobe
2016-01-02 20:40 - 2015-10-30 02:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 10:06 - 2015-11-28 08:36 - 02940984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-25 12:11 - 2015-11-18 15:50 - 00000000 ____D C:\ProgramData\EPSON
2015-12-25 09:53 - 2015-08-03 08:25 - 00000000 ____D C:\Users\fasteddy\AppData\Local\ElevatedDiagnostics
2015-12-25 09:40 - 2015-08-03 08:51 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
 
==================== Files in the root of some directories =======
 
2015-10-23 06:28 - 2015-10-26 19:40 - 0005632 _____ () C:\Users\fasteddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-19 20:43 - 2015-08-25 07:48 - 0007606 _____ () C:\Users\fasteddy\AppData\Local\Resmon.ResmonCfg
2015-11-28 08:40 - 2015-11-28 08:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\fasteddy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptko3zb.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-19 12:47
 
==================== End of FRST.txt ============================


#2 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,720 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:05:14 AM

Posted 23 January 2016 - 08:18 AM

Hello, fasteddyktm. Sorry for the delay. My name is Bezukhov, and I will be helping you through this matter. Please give me a little more time to study your log.
To err is Human. To blame it on someone else is even more Human.

#3 fasteddyktm

fasteddyktm
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 23 January 2016 - 11:14 AM

Thanks,  I will be monitoring the site, looking forward to getting this resolved, appreciate the help.

 

Thanks



#4 fasteddyktm

fasteddyktm
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 24 January 2016 - 08:14 PM

Wonder what happened to Bezukhov, hope he is ok??

 

 

Ed..



#5 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,720 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:05:14 AM

Posted 25 January 2016 - 02:04 AM

> Wonder what happened to Bezukhov, hope he is ok??
>
> Ed..


Sorry, still working on it. Should have something today.
To err is Human. To blame it on someone else is even more Human.

#6 fasteddyktm

fasteddyktm
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 25 January 2016 - 07:35 AM

Thanks...  :)



#7 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,720 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:05:14 AM

Posted 25 January 2016 - 06:13 PM

Thank you for your patience. Before we get to work here are a few things to keep in mind:
  • Please do not run any tools on your own while we solve this. Some are rather powerful, and using one at the wrong moment can have catastrophic effects. Also please refrain from seeking help for this problem elsewhere. Too many cooks spoil the broth.
  • Next, it is important that the instructions given be performed in the order given. We may need one tool to finish its job before another one starts.
  • If at any time my instructions are not clear, stop and ask for clarification.
  • Rather than attach any logs to your post it is better that you copy and paste them instead, except if instructed otherwise.
  • Any program that I ask you run should only be run once.
  • As soon as your computer is clean I will let you know.
  • Please try to complete any tasks and reply in 24 hours. I will try to do likewise.
  • If you have any pirated software on your system I must ask that you remove it. No need for you to tell me if you do. Many times such programs are the source of many an infection, which makes cleaning a sick computer just that much more difficult. And it's also against BleepingComputer's rules.
  • Lastly, do not make any changes to your computer from here on out until you get an "All Clear" from me.
First up:
  • Going over your log I noticed that you have Kodi, Sopcast and Hola installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
  • It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall Kodi, Sopcast and Hola; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs. Use the "Add/Remove" feature for Kodi and Sopcast.
For Hola:
  • Click the menu icon "" at the top right of the browser window, choose "Tools" and choose "Extensions" to open a new "Options" tab.
  • Look for the one named "Hola"
  • Click on the "Trash Can" to delete it completely.
  • From what I've researched, both Gmail and PayPal don't play nice with VPNs. So ditching Hola might help in that regard.
Next:
  • In Search, type firewall, and then select Windows Firewall.
  • Select Turn Windows Firewall on or off. You might be asked for an admin password or to confirm your choice.
Last,
  • Please move the Farbar Recovery Scan Tool to your desktop.
  • Click on FRST.exe and run it from the desktop. When the window for FRST appears, make sure that you click on the Addition.txt box.
  • Copy and paste both FRST.txt and Addition.txt in your next reply.
If you have any questions or concerns, don't hesitate to bring them to my attention. And let me know if your computer is feeling better after completing the above instructions.
To err is Human. To blame it on someone else is even more Human.

#8 fasteddyktm

fasteddyktm
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 25 January 2016 - 06:47 PM

Removed Kodi and Hola, could not find Sopcast??

I was able to get into PayPal after removing Hola, I didn't even know that was there??

Thanks for your help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by fasteddy (administrator) on PC64BIT (25-01-2016 18:42:29)
Running from C:\Users\fasteddy\Desktop
Loaded Profiles: fasteddy (Available Profiles: fasteddy)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
() C:\Program Files (x86)\ELOG\elogd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILAE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2015-11-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILAE.EXE [307280 2015-11-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\Run: [GoogleChromeAutoLaunch_1814C532EEB499C790819406F1F86FE0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2015-09-15]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{242734fe-2f77-46f2-949d-38ff08e2301a}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{242734fe-2f77-46f2-949d-38ff08e2301a}: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{6c4aad13-64ac-4077-b959-ad40a60d7df1}: [DhcpNameServer] 192.168.43.1
 
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.livelaps.com/","hxxp://www.speedtest.net/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Floorplanner) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2015-08-03]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (MindMeister) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2016-01-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-08-03]
CHR Extension: (Gliffy Diagrams) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-08-03]
CHR Extension: (YouTube) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Smartsheet Project Management) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm [2015-08-03]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2016-01-22]
CHR Extension: (Google Search) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Category Tabs for Google Keep™) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlahcjmefibiedeecoegjilekaebchhl [2015-12-09]
CHR Extension: (Gmail Offline) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-08-03]
CHR Extension: (Google Calendar) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
CHR Extension: (Conclave) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakebalijmchimjjkbjjfiicjddofib [2015-08-03]
CHR Extension: (Full Screen Weather) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Avast Online Security) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Google Keep) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcfcmgpnmpinpidjdgejehjchlbglpde [2015-11-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-22]
CHR Extension: (NinjaMock) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiegfdifagakbonggdpbnkgallhjadj [2015-08-03]
CHR Extension: (Kindle Cloud Reader) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-08-03]
CHR Extension: (Panel View for Keep) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb [2015-11-02]
CHR Extension: (The Brain Shaker) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffonbajomllfeoikanfboknplfhgapk [2015-08-03]
CHR Extension: (Blackball Pool) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkhefodfbgjpcmahghmfggbcpjabnag [2015-08-03]
CHR Extension: (Conceptboard) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnacnlekfaehkfdbkohnhpmdagnfaeio [2015-08-03]
CHR Extension: (Cloud Caster - cloud based podcast player) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfmpmohmkfjakbneilaohmnadpmldna [2015-08-07]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-08-03]
CHR Extension: (Wave Accounting) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa [2015-08-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-03]
CHR Extension: (Capture Webpage Screenshot Entirely. FireShot) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-06]
CHR Extension: (Ghostery) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Mobincube - FREE smartphone App builder) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfbnofjiempfokaedcfllenpopocpjid [2015-08-03]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\Users\fasteddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR HKU\S-1-5-21-836043816-1783305695-3436958112-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fasteddy\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-08-03]
CHR HKU\S-1-5-21-836043816-1783305695-3436958112-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
R2 elogd; C:\Program Files (x86)\ELOG\elogd.exe [1673728 2015-08-05] () [File not signed]
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [162896 2015-11-18] (SEIKO EPSON CORPORATION)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-25 18:42 - 2016-01-25 18:42 - 00024189 _____ C:\Users\fasteddy\Desktop\FRST.txt
2016-01-25 14:21 - 2016-01-25 14:21 - 00004277 _____ C:\Users\fasteddy\Downloads\undefined (18).csv
2016-01-25 07:50 - 2016-01-25 07:50 - 00000000 ____D C:\WINDOWS\LastGood
2016-01-25 07:07 - 2016-01-25 07:07 - 00000138 _____ C:\Users\fasteddy\Downloads\ccccc.csv
2016-01-25 06:32 - 2016-01-25 06:32 - 00045940 _____ C:\Users\fasteddy\Desktop\sumterplanbtestwithwait.csv
2016-01-25 06:30 - 2016-01-25 06:30 - 00066961 _____ C:\Users\fasteddy\Downloads\undefined (17).csv
2016-01-25 06:25 - 2016-01-25 14:24 - 00045193 _____ C:\Users\fasteddy\Desktop\sumterplanbtest.csv
2016-01-25 06:18 - 2016-01-25 06:18 - 00066961 _____ C:\Users\fasteddy\Downloads\undefined (16).csv
2016-01-25 06:12 - 2016-01-25 06:12 - 00048926 _____ C:\Users\fasteddy\Downloads\Rnd _1 Sumter National Enduro, Sumter, SC_registrations.csv
2016-01-25 06:03 - 2016-01-25 06:03 - 00000250 _____ C:\Users\fasteddy\Downloads\sumterplanbtest.csv
2016-01-23 14:14 - 2016-01-23 14:14 - 00005439 _____ C:\Users\fasteddy\Downloads\billed_mobility_usage(20151112-20151211).csv
2016-01-22 14:33 - 2016-01-22 14:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-22 14:33 - 2016-01-22 14:33 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-22 14:33 - 2016-01-22 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-22 14:33 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-22 14:33 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-22 14:33 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-22 14:30 - 2016-01-22 14:30 - 22908888 _____ (Malwarebytes ) C:\Users\fasteddy\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-21 11:47 - 2016-01-21 11:47 - 00034814 _____ C:\Users\fasteddy\Downloads\3289_2016-01-20.txt
2016-01-21 10:38 - 2016-01-21 10:39 - 00002279 _____ C:\Users\fasteddy\Downloads\Christmas Test_registrations (1).csv
2016-01-20 23:36 - 2016-01-20 23:36 - 00001061 _____ C:\Users\fasteddy\Desktop\Unlocking Samsungs.txt
2016-01-20 21:29 - 2016-01-20 21:30 - 00035607 _____ C:\Users\fasteddy\Downloads\undefined (14).csv
2016-01-20 19:12 - 2016-01-20 19:12 - 00000250 _____ C:\Users\fasteddy\Downloads\racesetuptemplate (3).csv
2016-01-20 10:39 - 2016-01-25 18:42 - 00000000 ____D C:\FRST
2016-01-20 10:37 - 2016-01-20 10:38 - 02370560 _____ (Farbar) C:\Users\fasteddy\Desktop\FRST64.exe
2016-01-19 20:21 - 2016-01-19 20:21 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-01-19 20:20 - 2016-01-04 21:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-19 20:20 - 2016-01-04 21:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-19 20:20 - 2016-01-04 21:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-19 20:20 - 2016-01-04 21:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-19 20:20 - 2016-01-04 21:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-19 20:20 - 2016-01-04 21:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-19 20:20 - 2016-01-04 21:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-19 20:20 - 2016-01-04 21:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-19 20:20 - 2016-01-04 21:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-19 20:20 - 2016-01-04 21:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-19 20:20 - 2016-01-04 21:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-19 20:20 - 2016-01-04 21:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-19 20:20 - 2016-01-04 21:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-19 20:20 - 2016-01-04 21:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-19 20:20 - 2016-01-04 21:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-19 20:20 - 2016-01-04 21:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-19 20:20 - 2016-01-04 21:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-19 20:20 - 2016-01-04 21:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-19 20:20 - 2016-01-04 21:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-19 20:20 - 2016-01-04 21:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-19 20:20 - 2016-01-04 21:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-19 20:20 - 2016-01-04 21:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-19 20:20 - 2016-01-04 21:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-19 20:20 - 2016-01-04 21:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-19 20:20 - 2016-01-04 20:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-19 20:20 - 2016-01-04 20:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-19 20:20 - 2016-01-04 20:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-19 20:20 - 2016-01-04 20:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-19 20:20 - 2016-01-04 20:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-19 20:20 - 2016-01-04 20:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-19 20:20 - 2016-01-04 20:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-19 20:20 - 2016-01-04 20:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-19 20:20 - 2016-01-04 20:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-19 20:20 - 2016-01-04 20:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-19 20:20 - 2016-01-04 20:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-19 20:20 - 2016-01-04 20:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-19 20:20 - 2016-01-04 20:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-19 20:20 - 2016-01-04 20:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-19 20:20 - 2016-01-04 20:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-19 20:20 - 2016-01-04 20:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-19 20:20 - 2016-01-04 20:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-19 20:20 - 2016-01-04 20:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-19 20:20 - 2016-01-04 20:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-19 20:20 - 2016-01-04 20:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-19 20:20 - 2016-01-04 20:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-19 20:20 - 2016-01-04 20:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-19 20:20 - 2016-01-04 20:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-19 20:20 - 2016-01-04 20:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-19 20:20 - 2016-01-04 20:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-19 20:20 - 2016-01-04 20:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-19 20:20 - 2016-01-04 20:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-19 20:20 - 2016-01-04 20:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-19 20:20 - 2016-01-04 20:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-19 20:20 - 2016-01-04 20:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-19 20:20 - 2016-01-04 20:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-19 20:20 - 2016-01-04 20:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-19 20:20 - 2016-01-04 20:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-19 20:20 - 2016-01-04 20:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-19 20:20 - 2016-01-04 20:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-19 20:20 - 2016-01-04 20:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-19 20:20 - 2016-01-04 20:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-19 20:20 - 2016-01-04 20:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-19 20:20 - 2016-01-04 20:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-19 20:20 - 2016-01-04 20:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-19 20:20 - 2016-01-04 20:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-19 20:20 - 2016-01-04 20:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-19 20:20 - 2016-01-04 20:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-19 20:20 - 2016-01-04 20:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-19 20:20 - 2016-01-04 20:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-19 20:20 - 2016-01-04 20:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-19 20:20 - 2016-01-04 20:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-19 20:20 - 2016-01-04 20:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-19 20:20 - 2016-01-04 20:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-19 20:20 - 2016-01-04 20:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-19 20:20 - 2016-01-04 20:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-19 20:20 - 2016-01-04 20:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-19 13:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-01-19 13:47 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-01-19 13:43 - 2016-01-19 13:44 - 66591701 _____ C:\Users\fasteddy\Downloads\kodi-15.2-Isengard.exe
2016-01-19 13:38 - 2016-01-19 13:38 - 21403160 _____ (LastPass) C:\Users\fasteddy\Downloads\lastpass_x64.exe
2016-01-19 12:02 - 2016-01-19 15:31 - 00000000 ____D C:\Users\fasteddy\AppData\LocalLow\Oracle
2016-01-19 12:02 - 2016-01-19 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Sun
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\AppData\LocalLow\Sun
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Users\fasteddy\.oracle_jre_usage
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\ProgramData\Oracle
2016-01-19 12:02 - 2016-01-19 12:02 - 00000000 ____D C:\Program Files\Java
2016-01-19 11:40 - 2016-01-22 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-19 11:40 - 2016-01-19 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-19 11:03 - 2016-01-19 11:03 - 00000000 ____D C:\$SysReset
2016-01-17 19:27 - 2016-01-19 14:13 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\.ACEStream
2016-01-17 19:27 - 2016-01-17 19:35 - 00000000 ___HD C:\_acestream_cache_
2016-01-17 19:24 - 2016-01-19 14:13 - 00000000 ____D C:\Program Files (x86)\SopCast
2016-01-16 19:07 - 2016-01-16 19:07 - 00018411 _____ C:\Users\fasteddy\Downloads\undefined (13).csv
2016-01-15 19:09 - 2014-08-25 15:07 - 12423420 _____ C:\wzrhpg300nh-pro-v24sp2-14998b.enc
2016-01-15 19:08 - 2014-08-25 15:07 - 12423420 _____ C:\Users\fasteddy\Desktop\wzrhpg300nh-pro-v24sp2-14998b.enc
2016-01-15 16:53 - 2016-01-15 16:54 - 16901595 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh2-pro-v24sp2-19154b.zip
2016-01-14 19:51 - 2016-01-14 19:51 - 54279949 _____ C:\Users\fasteddy\Downloads\vpngate-client-2015.10.20-build-9599.133826.zip
2016-01-14 19:50 - 2016-01-14 19:51 - 54281365 _____ C:\Users\fasteddy\Downloads\vpngate-client-2016.01.15-build-9599.134520.zip
2016-01-14 18:33 - 2016-01-14 18:33 - 00174479 _____ C:\Users\fasteddy\Downloads\Nepg Scoring Template.xlsx - Sheet1.pdf
2016-01-14 10:19 - 2016-01-14 10:19 - 00017430 _____ C:\Users\fasteddy\Downloads\undefined (12).csv
2016-01-13 12:36 - 2016-01-13 12:37 - 26128412 _____ C:\Users\fasteddy\Desktop\wzr-hp-g300nh-dd-wrt-webupgrade-MULTI.bin
2016-01-13 11:45 - 2016-01-13 11:45 - 00000660 _____ C:\Users\fasteddy\Downloads\Livelaps.com Vehicle – Fuel Transactions from 2015-05-01 to 2016-01-13.csv
2016-01-13 11:44 - 2016-01-13 11:44 - 00000838 _____ C:\Users\fasteddy\Downloads\Livelaps.com Expense by Vendor from 2015-02-01 to 2016-01-13.csv
2016-01-13 08:57 - 2016-01-13 08:57 - 00021874 _____ C:\Users\fasteddy\Desktop\nvrambak.bin
2016-01-13 07:42 - 2016-01-13 07:42 - 00012673 _____ C:\Users\fasteddy\Downloads\openvpn (1).zip
2016-01-13 07:19 - 2016-01-13 07:19 - 00012673 _____ C:\Users\fasteddy\Downloads\openvpn.zip
2016-01-13 07:05 - 2016-01-13 07:05 - 00022039 _____ C:\Users\fasteddy\Desktop\backup wrt route 111316 nvrambak.bin
2016-01-12 22:14 - 2016-01-12 22:19 - 352496879 _____ C:\Users\fasteddy\Downloads\wzrhpg300nhus345.zip
2016-01-12 21:26 - 2016-01-12 21:26 - 12900830 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh-pro-v24sp2-14998b (1).zip
2016-01-12 21:09 - 2016-01-12 21:09 - 00000360 _____ C:\Users\fasteddy\Downloads\MemberList (1).csv
2016-01-12 10:02 - 2016-01-12 10:02 - 00016884 _____ C:\Users\fasteddy\Downloads\undefined (11).csv
2016-01-11 15:25 - 2016-01-11 15:25 - 00066558 _____ C:\Users\fasteddy\Downloads\undefined (10).csv
2016-01-11 15:18 - 2016-01-11 15:18 - 00015784 _____ C:\Users\fasteddy\Downloads\undefined (9).csv
2016-01-11 10:01 - 2016-01-11 10:01 - 00000147 _____ C:\Users\fasteddy\Desktop\test33.csv
2016-01-11 10:00 - 2016-01-11 10:00 - 00000138 _____ C:\Users\fasteddy\Downloads\test33.csv
2016-01-10 17:52 - 2016-01-10 17:52 - 00000204 ____H C:\Users\fasteddy\.swfinfo
2016-01-10 11:08 - 2016-01-10 11:10 - 00032820 _____ C:\Users\fasteddy\Desktop\Livelaps Touch Scoring System.pdf
2016-01-10 10:20 - 2016-01-10 10:20 - 00000308 _____ C:\Users\fasteddy\Downloads\Almosta.csv
2016-01-09 18:14 - 2016-01-09 18:14 - 00000088 _____ C:\Users\fasteddy\Downloads\livestream (1).txt
2016-01-09 18:13 - 2016-01-09 18:13 - 00000088 _____ C:\Users\fasteddy\Downloads\livestream.txt
2016-01-09 17:14 - 2016-01-09 17:14 - 04501395 _____ C:\Users\fasteddy\Downloads\TCPro-ScreenShots.pdf
2016-01-09 11:02 - 2016-01-09 11:02 - 00000661 _____ C:\Users\fasteddy\Desktop\Sky_Sports.txt
2016-01-09 09:09 - 2016-01-09 09:09 - 00128778 _____ C:\Users\fasteddy\Desktop\Roy Busse Trophy 1977.pdf
2016-01-08 15:44 - 2016-01-10 11:11 - 00057472 _____ C:\Users\fasteddy\Desktop\LiveLaps Touchless Scoring System.pdf
2016-01-08 10:55 - 2016-01-08 10:55 - 00004383 _____ C:\Users\fasteddy\Desktop\test.csv
2016-01-08 10:51 - 2016-01-08 10:51 - 00000138 _____ C:\Users\fasteddy\Downloads\test.csv
2016-01-08 10:47 - 2016-01-25 05:58 - 00082531 _____ C:\Users\fasteddy\Desktop\LiveLaps - Promoters.csv
2016-01-08 09:12 - 2016-01-08 09:12 - 00014524 _____ C:\Users\fasteddy\Downloads\undefined (8).csv
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Titanium
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Apple Computer
2016-01-07 19:30 - 2016-01-07 19:30 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Apple Computer
2016-01-07 19:29 - 2016-01-19 15:31 - 00000000 ____D C:\Program Files\pia_manager
2016-01-07 19:02 - 2016-01-07 19:02 - 00061761 _____ C:\Users\fasteddy\Desktop\plugin.video.SuperStreams2-1-1.zip
2016-01-07 18:19 - 2016-01-07 18:19 - 01759982 _____ C:\Users\fasteddy\Desktop\plugin.program.addoninstaller-1.2.5.zip
2016-01-07 15:16 - 2016-01-07 15:16 - 00055417 _____ C:\Users\fasteddy\Desktop\repository.tknorris.beta-1.0.5.zip
2016-01-07 07:49 - 2016-01-07 07:49 - 00185517 _____ C:\Users\fasteddy\Downloads\Speedsville_Enduro_Results_2015_Official.pdf
2016-01-07 07:42 - 2016-01-07 07:42 - 00014084 _____ C:\Users\fasteddy\Downloads\undefined (7).csv
2016-01-06 19:41 - 2016-01-19 14:10 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Kodi
2016-01-06 19:33 - 2016-01-06 19:36 - 24562142 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh2-193.zip
2016-01-06 19:32 - 2016-01-06 19:33 - 12900830 _____ C:\Users\fasteddy\Downloads\wzrhpg300nh-pro-v24sp2-14998b.zip
2016-01-06 16:18 - 2016-01-06 16:18 - 00294279 _____ C:\Users\fasteddy\Downloads\T-Shirt_vector- Black T-shirt white logos.pdf
2016-01-06 14:26 - 2016-01-06 14:26 - 01765888 _____ C:\Users\fasteddy\Downloads\14611 XLS (2).xls
2016-01-06 14:25 - 2016-01-06 14:26 - 00299742 _____ C:\Users\fasteddy\Desktop\rfid_tag_graphic.pdf
2016-01-06 10:26 - 2016-01-06 10:26 - 00013585 _____ C:\Users\fasteddy\Downloads\undefined (6).csv
2016-01-04 17:11 - 2016-01-04 17:11 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\NVIDIA
2016-01-04 16:11 - 2016-01-04 16:11 - 00012064 _____ C:\Users\fasteddy\Downloads\undefined (5).csv
2016-01-04 15:33 - 2016-01-04 15:36 - 01765888 _____ C:\Users\fasteddy\Downloads\V1 XLS.xls
2016-01-04 08:53 - 2016-01-04 08:53 - 01842688 _____ C:\Users\fasteddy\Downloads\14611 xls (1).xls
2016-01-04 07:03 - 2016-01-04 07:03 - 00010988 _____ C:\Users\fasteddy\Downloads\undefined (4).csv
2016-01-03 17:37 - 2016-01-03 17:37 - 00010236 _____ C:\Users\fasteddy\Downloads\Tutorial Race One.csv
2016-01-03 17:18 - 2016-01-03 17:18 - 00000250 _____ C:\Users\fasteddy\Downloads\racesetuptemplate (2).csv
2016-01-03 17:14 - 2016-01-03 17:14 - 00000138 _____ C:\Users\fasteddy\Downloads\testing.csv
2016-01-03 12:08 - 2016-01-03 12:08 - 00009789 _____ C:\Users\fasteddy\Downloads\undefined (3).csv
2016-01-03 08:46 - 2016-01-03 08:46 - 00009708 _____ C:\Users\fasteddy\Downloads\undefined (2).csv
2016-01-02 22:21 - 2016-01-02 22:24 - 00000000 ____D C:\Users\fasteddy\Desktop\Tutorials
2016-01-02 22:20 - 2016-01-02 22:32 - 00000000 ____D C:\Users\fasteddy\Desktop\Tag Encoding
2016-01-02 22:20 - 2016-01-02 22:20 - 00000000 ____D C:\Users\fasteddy\Desktop\Backup Scoring
2016-01-01 14:52 - 2016-01-01 14:52 - 00000000 ____D C:\Users\fasteddy\Desktop\CellScore
2016-01-01 13:04 - 2016-01-01 13:04 - 00034816 _____ C:\Users\fasteddy\Downloads\Out Check BackupSheets.xls
2015-12-31 08:57 - 2015-12-31 08:57 - 01842688 _____ C:\Users\fasteddy\Downloads\14611 xls.xls
2015-12-30 10:12 - 2015-12-30 10:12 - 00000563 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (3).csv
2015-12-29 21:49 - 2015-12-29 21:49 - 00000380 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-12-26 20:22 - 2015-12-26 20:22 - 00001276 _____ C:\Users\fasteddy\Downloads\Christmas Test_registrations.csv
2015-12-26 19:09 - 2015-12-26 19:09 - 00001039 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (2).csv
2015-12-26 18:59 - 2015-12-26 18:59 - 00000529 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations (1).csv
2015-12-26 10:55 - 2015-12-26 10:55 - 00000321 _____ C:\Users\fasteddy\Downloads\sprint 2 test_registrations.csv
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-25 18:18 - 2015-08-03 05:51 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 18:13 - 2015-08-20 18:08 - 00000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-25 18:11 - 2015-12-25 10:11 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Update {5F7EF405-BF52-4425-BE23-A17B718046C4}.job
2016-01-25 18:11 - 2015-12-25 10:11 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {5F7EF405-BF52-4425-BE23-A17B718046C4}.job
2016-01-25 18:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-25 09:18 - 2015-08-03 05:51 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 07:50 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-25 07:50 - 2015-10-30 01:28 - 00000000 ____D C:\Windows
2016-01-25 07:09 - 2015-08-07 17:14 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-25 07:05 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-25 07:04 - 2015-08-10 08:43 - 00000000 ___RD C:\Users\fasteddy\Dropbox
2016-01-25 07:04 - 2015-08-03 10:47 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Dropbox
2016-01-25 07:03 - 2015-08-03 07:39 - 00000000 ___RD C:\Users\fasteddy\Google Drive
2016-01-25 07:02 - 2015-11-28 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-25 07:02 - 2015-11-28 08:43 - 00000000 ____D C:\Users\fasteddy
2016-01-25 07:02 - 2015-11-28 08:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-25 07:02 - 2015-08-20 18:08 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-25 06:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-24 01:52 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-21 03:29 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-21 03:29 - 2015-08-03 12:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-20 23:57 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-20 23:56 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-19 20:32 - 2015-08-03 06:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-19 20:29 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 20:28 - 2015-08-03 12:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-19 20:23 - 2015-08-03 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-19 20:23 - 2015-08-03 12:21 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 20:22 - 2015-08-03 07:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-19 20:21 - 2012-07-26 00:26 - 00000167 _____ C:\WINDOWS\win.ini
2016-01-19 15:31 - 2015-12-25 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-01-19 15:31 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-19 15:31 - 2015-08-04 20:45 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-19 15:31 - 2015-08-03 06:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-19 15:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration
2016-01-19 15:27 - 2015-08-03 05:39 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\Adobe
2016-01-19 15:26 - 2015-08-03 05:50 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Google
2016-01-19 13:32 - 2015-08-07 17:12 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 07:23 - 2015-12-05 03:04 - 00001395 _____ C:\Users\fasteddy\Desktop\ca.crt
2016-01-04 17:11 - 2015-08-04 20:11 - 00000000 ____D C:\Users\fasteddy\AppData\Local\Adobe
2016-01-02 20:40 - 2015-10-30 02:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 10:06 - 2015-11-28 08:36 - 02940984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
 
==================== Files in the root of some directories =======
 
2015-10-23 06:28 - 2015-10-26 19:40 - 0005632 _____ () C:\Users\fasteddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-19 20:43 - 2015-08-25 07:48 - 0007606 _____ () C:\Users\fasteddy\AppData\Local\Resmon.ResmonCfg
2015-11-28 08:40 - 2015-11-28 08:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\fasteddy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptko3zb.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-20 11:16
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by fasteddy (2016-01-25 18:42:44)
Running from C:\Users\fasteddy\Desktop
Windows 10 Pro (X64) (2015-11-28 14:00:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-836043816-1783305695-3436958112-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-836043816-1783305695-3436958112-503 - Limited - Disabled)
fasteddy (S-1-5-21-836043816-1783305695-3436958112-1001 - Administrator - Enabled) => C:\Users\fasteddy
Guest (S-1-5-21-836043816-1783305695-3436958112-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-836043816-1783305695-3436958112-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon MP Drivers (HKLM-x32\...\{58F8C6D9-5B55-486A-A322-4E8D87670031}) (Version:  - )
Canon MP Toolbox 4.1 (HKLM-x32\...\{4669544E-20E4-4E56-8B44-2E6E1200051F}) (Version:  - )
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverToolkit version 8.5.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
ELOG electronic logbook (remove only) (HKLM-x32\...\ELOG) (Version:  - )
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARDR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Opera Stable 34.0.2036.39 (HKLM-x32\...\Opera 34.0.2036.39) (Version: 34.0.2036.39 - Opera Software)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Snagit 12 (HKLM-x32\...\{4FC332FE-CBE3-4AE0-B531-35048FD81912}) (Version: 12.4.1 - TechSmith Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05746D53-4205-487D-8904-A3ED81DD7A4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {2072E332-2B4B-4C49-A4B3-5DB90A9EF68B} - System32\Tasks\EPSON XP-410 Series Update {5F7EF405-BF52-4425-BE23-A17B718046C4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2015-11-18] (SEIKO EPSON CORPORATION)
Task: {2DF38C93-3779-41D5-8EFA-0F5C82730609} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.)
Task: {42E5D317-C76B-4C30-9691-15A7CCA77BBC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-19] (Microsoft Corporation)
Task: {47649F92-527A-4F96-BE0C-F2F1ABE9AE3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {48782400-A398-42F1-A9D5-4D910C4CDADB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {59500E84-0E37-4E9F-AB0B-E0E56EAF8062} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5CA3B810-2004-4C9A-9505-574EF7ED5DD7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.)
Task: {75298804-937F-4EC8-8D5C-5699E56B93E2} - System32\Tasks\EPSON XP-410 Series Invitation {5F7EF405-BF52-4425-BE23-A17B718046C4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2015-11-18] (SEIKO EPSON CORPORATION)
Task: {86B304CD-1564-403E-B302-A9B8202E78BB} - System32\Tasks\Opera scheduled Autoupdate 1450279808 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-15] (Opera Software)
Task: {8C35E1DF-8000-4C5E-8431-56A4435A93B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9B203C8A-9E55-4C26-836C-5E0CAA2393CE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A798F0B0-2AE6-44A2-AD29-72FEEFE0BA45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AD845EA6-E588-4D2E-A500-342F310DF5E7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B164309D-4E87-4332-A489-D728DD25C3D1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B286E23F-7FA4-40FD-916A-A8CE74D90CAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {BFFCD5C0-AF1B-4EDC-9C29-42DB52591106} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C0B5D09E-370F-47C5-BA9F-7736BA25AC45} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2015-08-11] (TechSmith Corporation)
Task: {C24E9F65-B7FB-4492-85EA-8E38F0237128} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FAD5E7B5-8E83-48E6-B012-B7286533DBC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {5F7EF405-BF52-4425-BE23-A17B718046C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-410 Series Update {5F7EF405-BF52-4425-BE23-A17B718046C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE:/EXE:{5F7EF405-BF52-4425-BE23-A17B718046C4} /F:UpdateWORKGROUP\PC64BIT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-28 08:40 - 2015-11-05 10:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-28 08:40 - 2014-01-27 22:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-08-05 05:08 - 2015-08-05 05:08 - 01673728 _____ () C:\Program Files (x86)\ELOG\elogd.exe
2015-12-03 16:21 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-24 01:52 - 2016-01-24 01:52 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-03 16:21 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 09:33 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 09:33 - 2015-12-06 23:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 09:33 - 2015-12-06 23:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-01-19 20:20 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-19 20:20 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-19 20:20 - 2016-01-04 20:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-19 20:20 - 2016-01-04 20:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-19 20:20 - 2016-01-04 20:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-09 20:52 - 2015-12-09 21:02 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-09 20:52 - 2015-12-09 21:02 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 12:30 - 2015-11-19 12:36 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-11-28 08:40 - 2016-01-25 07:02 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-11-28 08:40 - 2014-01-27 22:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-01-24 01:52 - 2016-01-24 01:52 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-24 01:52 - 2016-01-24 01:52 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-10-28 09:38 - 2014-10-28 09:38 - 02099200 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll
2014-10-28 09:38 - 2014-10-28 09:38 - 01914368 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll
2016-01-19 13:32 - 2016-01-12 11:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-19 13:32 - 2016-01-12 11:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-25 07:03 - 2016-01-25 07:03 - 00098816 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32api.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00110080 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\pywintypes27.dll
2016-01-25 07:03 - 2016-01-25 07:03 - 00364544 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\pythoncom27.dll
2016-01-25 07:03 - 2016-01-25 07:03 - 00046080 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_socket.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 01208320 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_ssl.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00320512 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32com.shell.shell.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00776704 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_hashlib.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 01176576 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._core_.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00806400 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._gdi_.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00816128 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._windows_.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 01067008 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._controls_.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00733184 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._misc_.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00682496 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\pysqlite2._sqlite.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00088064 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_ctypes.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00119808 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32file.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00108544 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32security.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00007168 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\hashobjs_ext.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00017920 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\thumbnails_ext.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00079360 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\usb_ext.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00167936 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32gui.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00018432 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32event.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00128512 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_elementtree.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00127488 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\pyexpat.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00013824 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\common.time34.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00036864 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_psutil_windows.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00038912 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32inet.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00525640 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\windows._lib_cacheinvalidation.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00011264 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32crypt.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00077312 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._html2.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00027136 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_multiprocessing.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00020480 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\_yappi.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00035840 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32process.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00686080 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\unicodedata.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00123392 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._wizard.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00024064 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32pipe.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00010240 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\select.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00025600 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32pdh.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00017408 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32profile.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00022528 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\win32ts.pyd
2016-01-25 07:03 - 2016-01-25 07:03 - 00078848 _____ () C:\Users\fasteddy\AppData\Local\Temp\_MEI53202\wx._animate.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 10:27 - 2015-10-30 19:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 10:27 - 2015-12-08 16:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-11 10:27 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-02 08:15 - 2015-11-04 19:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-11 10:27 - 2015-12-08 16:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-11 10:27 - 2015-10-30 19:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-11 10:27 - 2015-12-08 16:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 10:27 - 2015-10-30 20:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-11 10:27 - 2015-12-08 16:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-08-20 18:14 - 2015-10-30 20:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-08-20 18:14 - 2015-10-30 20:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-20 18:14 - 2015-10-30 20:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-20 18:14 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-04-29 18:23 - 2014-04-29 18:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 00:26 - 2015-08-04 20:43 - 00000857 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-836043816-1783305695-3436958112-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C566CE95-815C-45B7-95FC-B6D01CE8F232}] => (Allow) LPort=1900
FirewallRules: [{07613A02-910F-4D21-93F6-663F8F8F0DB0}] => (Allow) LPort=2869
FirewallRules: [{94E82D0F-49A9-4365-80C4-40F279FFCD83}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C3A7CD78-C478-4DBA-9542-6EE518335E0C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{F805379C-0542-490C-ABE5-C0D537CFF37D}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{11D9E645-9536-4118-9212-8D48A2A55FCB}] => (Allow) LPort=51001
FirewallRules: [{306FEDF3-5F72-4573-88AB-FEE813060EE5}] => (Allow) LPort=51000
FirewallRules: [{C364A21F-6761-40C1-8BD7-9479923C5334}] => (Allow) LPort=3704
FirewallRules: [{FA49A2A0-8896-420B-8A89-89A6AC1FC5C1}] => (Allow) LPort=3703
FirewallRules: [{F5F1D762-3813-4D25-857B-2F8B76E6EC26}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{ECAF78AF-FA1B-42A1-9330-E57662456351}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{DF9F143D-C826-4248-86CB-46487DCA5AF8}] => (Allow) LPort=5353
FirewallRules: [{D2752A54-6C1A-4619-998C-8605677C1ABB}] => (Allow) LPort=8298
FirewallRules: [{A037583F-162A-4D04-9986-01A872651EB0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{B27EDF9D-AD91-46CF-80C7-47D95CF941EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
15-01-2016 10:21:32 Scheduled Checkpoint
19-01-2016 13:47:12 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
19-01-2016 13:47:41 Installed DirectX
 
==================== Faulty Device Manager Devices =============
 
Name: MP730
Description: MP730
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: USB Scanner Device
Description: USB Scanner Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/25/2016 06:48:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10586.35, time stamp: 0x566505bc
Faulting module name: QuickActions.dll, version: 0.0.0.0, time stamp: 0x56650458
Exception code: 0xc0000005
Fault offset: 0x0000000000001931
Faulting process id: 0x614
Faulting application start time: 0xShellExperienceHost.exe0
Faulting application path: ShellExperienceHost.exe1
Faulting module path: ShellExperienceHost.exe2
Report Id: ShellExperienceHost.exe3
Faulting package full name: ShellExperienceHost.exe4
Faulting package-relative application ID: ShellExperienceHost.exe5
 
Error: (01/19/2016 01:47:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/19/2016 01:47:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/19/2016 11:17:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1772) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU001E3.log.
 
Error: (01/17/2016 07:24:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
 
Error: (01/15/2016 10:21:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/15/2016 09:54:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: googledrivesync.exe, version: 1.26.707.2863, time stamp: 0x509418e4
Faulting module name: pyexpat.pyd, version: 0.0.0.0, time stamp: 0x55b99e69
Exception code: 0xc0000005
Fault offset: 0x00011160
Faulting process id: 0xe00
Faulting application start time: 0xgoogledrivesync.exe0
Faulting application path: googledrivesync.exe1
Faulting module path: googledrivesync.exe2
Report Id: googledrivesync.exe3
Faulting package full name: googledrivesync.exe4
Faulting package-relative application ID: googledrivesync.exe5
 
Error: (01/12/2016 10:22:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASSetWiz.exe, version: 3.4.0.6, time stamp: 0x4c5761ec
Faulting module name: ASSetWiz.exe, version: 3.4.0.6, time stamp: 0x4c5761ec
Exception code: 0x40000015
Fault offset: 0x0006eb54
Faulting process id: 0x2240
Faulting application start time: 0xASSetWiz.exe0
Faulting application path: ASSetWiz.exe1
Faulting module path: ASSetWiz.exe2
Report Id: ASSetWiz.exe3
Faulting package full name: ASSetWiz.exe4
Faulting package-relative application ID: ASSetWiz.exe5
 
Error: (01/12/2016 11:23:42 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/10/2016 10:28:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC64Bit)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (01/25/2016 07:02:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:59:18 AM on 1/25/2016 was unexpected.
 
Error: (01/23/2016 08:27:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/23/2016 06:07:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/23/2016 04:26:09 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PLAYBOOK-A25D
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{242734FE-2F77-46F2-949D-38FF08E2301A}.
The master browser is stopping or an election is being forced.
 
Error: (01/22/2016 07:23:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/22/2016 06:14:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/22/2016 04:43:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/22/2016 03:11:33 PM) (Source: DCOM) (EventID: 10016) (User: PC64Bit)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}PC64BitfasteddyS-1-5-21-836043816-1783305695-3436958112-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194
 
Error: (01/22/2016 03:11:27 PM) (Source: DCOM) (EventID: 10016) (User: PC64Bit)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}PC64BitfasteddyS-1-5-21-836043816-1783305695-3436958112-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915
 
Error: (01/22/2016 03:11:22 PM) (Source: DCOM) (EventID: 10016) (User: PC64Bit)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}PC64BitfasteddyS-1-5-21-836043816-1783305695-3436958112-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450
 
 
CodeIntegrity:
===================================
  Date: 2016-01-25 14:21:04.800
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 14:21:04.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 14:21:04.779
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 14:21:04.762
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 10:24:27.045
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 07:10:20.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 07:10:20.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 06:18:34.065
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 06:18:33.250
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-25 06:18:33.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8135.18 MB
Available physical RAM: 5442.39 MB
Total Virtual: 9415.18 MB
Available Virtual: 6081.5 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:595.73 GB) (Free:493.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:223.15 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.41 GB) (Free:94.31 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F5ECA731)
Partition 1: (Active) - (Size=595.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 000ABC80)
Partition 1: (Not Active) - (Size=243 MB) - (Type=83)
Partition 2: (Not Active) - (Size=931.3 GB) - (Type=05)
 
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: D8161B65)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 5FDE460F)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#9 fasteddyktm

Posted 26 January 2016 - 04:10 PM

Just a note, I now cannot get into my Gmail account on this PC, am able to on all other devices..   :(

 

Ed..



#10 Bezukhov

Posted 26 January 2016 - 05:37 PM

Great to hear that you can use Paypal again. :thumbup2:
Sorry about the Gmail. :(
Were you able to use it at any point after you deleted Hola?

From your last log I noticed that your Firewall is still disabled. Did you encounter any problems with the steps I gave in my last post? Let me know.

In the meantime, a couple more tasks.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
Next:

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Last

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Any questions? Just ask. And let me know how your computer is running after any instructions are finished.
To err is Human. To blame it on someone else is even more Human.

#11 fasteddyktm

Posted 26 January 2016 - 05:43 PM

Do you want me to enable the firewall?? Yesterday I took it to mean you wanted me to toggle from the state it was in to another; I had it enabled and then unenabled it before running the scan.

 

Ed..



#12 fasteddyktm

Posted 26 January 2016 - 06:42 PM

Enabled the firewall before running the scan. Gmail stopped working right after I removed Hola..
 
I cannot download the fixlist.txt file as the forum says I do not have permission to do so??
 
 I've attached all I can do for now??? 
 
 
 
 
Farbar Service Scanner Version: 03-01-2016
Ran by fasteddy (administrator) on 26-01-2016 at 17:47:22
Running from "C:\Users\fasteddy\Desktop"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#13 Bezukhov

Posted 27 January 2016 - 11:39 AM

Try these steps instead of downloading the attachment:
  • Open Notepad: Right click on the Start Button--> Click Run--> Type Notepad in the Search box.
  • Copy what's in the box below:
2016-01-17 19:24 - 2016-01-19 14:13 - 00000000 ____D C:\Program Files (x86)\SopCast
Reg: reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile /v EnableFirewall /t REG_DWORD /d 00000001 /f
  • Paste it into the Notepad Window
  • Save it as fixlist.txt
  • Then follow the rest of the steps here
  • Note: It's important that both files, FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Please run Farbar Service Scanner again
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
If you run into any more difficulties with the steps above, don't worry. Do go ahead and run this:

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Let me know if there's any improvement, or any problems, and how your computer is running.
To err is Human. To blame it on someone else is even more Human.

#14 fasteddyktm

Posted 27 January 2016 - 12:31 PM

 
  Things are running OK, for some reason I can access Gmail again but Google Hangouts does not want to open. I'm starting to think that something is turning off my firewalls, I will try to pay more attention to that..
 
 Also having a hard time posting these replies, I have to try numerous times to get it to go???
 
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by fasteddy (2016-01-27 11:49:33) Run:1
Running from C:\Users\fasteddy\Desktop
Loaded Profiles: fasteddy (Available Profiles: fasteddy)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
2016-01-17 19:24 - 2016-01-19 14:13 - 00000000 ____D C:\Program Files (x86)\SopCast
Reg: reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile /v EnableFirewall /t REG_DWORD /d 00000001 /f
*****************
 
C:\Program Files (x86)\SopCast => moved successfully
 
========= reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile /v EnableFirewall /t REG_DWORD /d 00000001 /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
==== End of Fixlog 11:49:33 ====
 
 
 
Farbar Service Scanner Version: 03-01-2016
Ran by fasteddy (administrator) on 27-01-2016 at 11:50:57
Running from "C:\Users\fasteddy\Desktop"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
 
# AdwCleaner v5.031 - Logfile created 27/01/2016 at 11:51:56
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : fasteddy - PC64BIT
# Running from : C:\Users\fasteddy\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\_acestream_cache_
Folder Found : C:\Program Files (x86)\DriverToolkit
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Folder Found : C:\Users\fasteddy\AppData\Local\DriverToolkit
Folder Found : C:\Users\fasteddy\AppData\Roaming\.acestream
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\DriverToolkit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1015 bytes] ##########
 


#15 Bezukhov

Posted 28 January 2016 - 09:30 AM

For some good news, your Firewall is up and running.

1) I was thinking about the trouble you had trying to download that attached file, and the explanation for that may just have been that you were not logged in when you tried.

2) Updates to your computer are not set to install automatically. This is a security issue; it is best to let Windows update automatically. I need to know if this was a conscious decision on your part.

3) AdwCleaner flagged a program on your computer called "Driver Toolkit". I can remove it for you if you so desire, unless this program is something you know about and need.

In the meantime I need you to run this fix:
  • Open Notepad: Right click on the Start Button--> Click Run--> Type Notepad in the Search box.
  • Copy what's in the box below:
2016-01-17 19:27 - 2016-01-19 14:13 - 00000000 ____D C:\Users\fasteddy\AppData\Roaming\.ACEStream
2016-01-17 19:27 - 2016-01-17 19:35 - 00000000 ___HD C:\_acestream_cache_
Reg: reg query HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
Reg: reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile /s
CMD: ipconfig /flushdns
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ip reset
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: netsh winsock reset
  • Paste it into the Notepad Window
  • Save it as fixlist.txt
  • Then follow the rest of the steps here
  • Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run; please post it in your reply
Next up:

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Report IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List Installed Programs
  • List Devices
Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

In your response please let me know about "Driver Toolkit" and your "Update" status and post the contents of Fixlog.txt and MTB.txt. Don't hesitate to inform me of any questions you have, and let me know how your computer is doing.
To err is Human. To blame it on someone else is even more Human.
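
The two `Reg:` lines in the fixlist above dump the Windows Update policy key and the firewall StandardProfile key into Fixlog.txt. As an added example (not part of the original post and not FRST code), this Python script parses raw `reg query /s` output and flags the two conditions the post raises; the sample text is constructed, the function names are hypothetical, and `NoAutoUpdate`, `AUOptions` and `EnableFirewall` are the standard Windows value names, which the thread itself does not show.

```python
import re

# Constructed sample of raw `reg query <key> /s` output (not from this thread).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate    REG_DWORD    0x1
    AUOptions    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    EnableFirewall    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging
    LogFilePath    REG_SZ    %systemroot%\system32\LogFiles\Firewall\pfirewall.log
"""

# reg.exe prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^ {4}(.+?) {4}(REG_[A-Z_]+)(?: {4}(.*))?$")

# Documented meanings of the AUOptions policy value.
AU_OPTIONS = {2: "notify before download", 3: "download, then notify to install",
              4: "download and install on schedule", 5: "local admin chooses"}

def parse_reg_query(text):
    """Return {key_path: {value_name: data}}; REG_DWORD data is converted to int."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):          # key header line
            current = keys.setdefault(line.strip(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, rtype, data = m.group(1), m.group(2), m.group(3) or ""
            current[name] = int(data, 16) if rtype == "REG_DWORD" and data else data
    return keys

def assess(keys):
    """Flag disabled automatic updates and a policy-disabled firewall profile."""
    findings = []
    for path, values in keys.items():
        upper = path.upper()
        if upper.endswith(r"\WINDOWSUPDATE\AU"):
            opt = values.get("AUOptions")
            if values.get("NoAutoUpdate") == 1:
                findings.append("Automatic Updates disabled (NoAutoUpdate=1)")
            elif opt in (2, 3):
                findings.append("Updates not auto-installed: " + AU_OPTIONS[opt])
        elif upper.endswith(r"\FIREWALLPOLICY\STANDARDPROFILE"):
            if values.get("EnableFirewall") == 0:
                findings.append("Firewall disabled for StandardProfile (EnableFirewall=0)")
    return findings

if __name__ == "__main__":
    for finding in assess(parse_reg_query(SAMPLE)):
        print(finding)
```

An AU key that is absent or empty produces no finding here, since no update policy is then being enforced through that key.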



