Jump to content

satclark99

Members
  • Posts

    62
  • Joined

  • Last visited

Reputation

0 Neutral
  1. FRST.txt and Addition.txt (too long) attached. Thank you. Addition.txt FRST.txt
  2. JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Tue Jun 02 08:42:36 2015 Found and removed: Software\Classes\JavaPlugin.160_29Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}Found and removed: SOFTWARE\Classes\Installer\Features\F60730A4A66673047777F5728467D401Found and removed: SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\A5CCAAC40F5B69B47777ACF82566467CFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkitFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper ObjectsFound and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}Found and removed: SOFTWARE\JavaSoftFound and removed: SOFTWARE\JreMetrics------------------------------------Finished reporting. ----------------------------------- Results of screen317's Security Check version 1.002 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 17.0.0.188 Adobe Reader XI Mozilla Firefox (38.0.1) Google Chrome (43.0.2357.65) Google Chrome (43.0.2357.81) ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast afwServ.exe AVAST Software Avast avastui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  3. Hi. My computer is still freezing up. I checked my Task Manager and it runs around CPU 83% and Memory 91% when it freezes up for about 15 minutes or so, and then drops back down to between 20-25% for both. There were some strange processes that I didn't recognize this morning when I checked. I remember one with a person's name in it, but when I went back in to make a note of them, they'd disappeared.)
  4. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.8.4 (05.29.2015:1)OS: Windows 7 Home Premium x64Ran by owner on Sat 05/30/2015 at 7:19:10.65~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69 ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pfSuccessfully deleted: [File] C:\Users\owner\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorageSuccessfully deleted: [File] C:\Users\owner\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{04185D59-7E35-4C3A-B821-CD13C322A82D}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0829BD6B-45DD-454A-95EA-45604BC7DCF1}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{10A9ABFB-0A81-4279-9E6B-1C9D60AD98BC}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{169FEC7C-5EF5-4C41-AAF7-9DC6D3DFC7FE}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1D60784D-1D00-41AF-B120-EA7749A9C8A8}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{205560D5-7DD6-4A0F-BCA1-F0A1B3EFF31E}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{22A41300-35E5-487B-8823-281F556079C4}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{298D69B6-A625-450D-B325-A5CDB0D5E67A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{299EC27F-68BF-4B2C-95E6-F618668E65F1}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2E157B4C-A4CC-4402-9975-242314F5FDE5}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{37349C58-5208-4655-9FB3-6B0B10CF9A72}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3BBF2B9B-2372-4329-9E01-9DB04C0D027A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3CB488FE-75A5-4C02-B89F-524CF72910F5}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{462E082F-1254-4D2D-A886-010EA8DB0733}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{46B8A14D-671A-4A78-9F96-F3F80EE22699}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{48E726A5-1DA1-4BFB-8E8B-1D0E52D34381}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4CA661E7-61D6-4B7A-B0DB-A7E9C40DB899}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4F1E2A43-4B07-4E19-9650-D955A02E5619}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{51D9708C-24CD-4A03-A2E7-3C00E134E706}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{65B79364-EF6C-4597-B9AA-622BA49C9CAB}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{667D5B1B-D05F-49F5-921A-021BB92188E7}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6D1CB3D2-9A48-41AE-9359-359CC7136941}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{744003A2-1B19-4678-A842-7D43DD1F327A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7D727BDE-3141-4629-BED0-A8903E5C1E73}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{80453EC0-B099-4BE6-881C-CE582FFF6BD0}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{80B1F209-AAD8-42B6-8F9B-6973CD78C67C}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{85698EF4-DB7E-473E-AAAD-318035C26C39}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8A39516D-0346-4336-B18D-18A3072AA03D}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8A396F1B-6401-49B4-BB12-7EEBD944417A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8E8B1288-5109-4099-B09A-76EFF8026958}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9594ED00-DE4A-4A9C-9233-CD53246E598D}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{96BB7503-7B6B-493C-B4C0-5E633CA436FF}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9732C701-072B-4040-A35A-38600DCBD89B}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{97CA0FF4-2C4E-4805-8155-BB65ACF4CDDC}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{98BC5B93-9F5D-408B-BD2A-D82C78C44BD8}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{99041A79-FA86-4A10-8896-D07614B4F19B}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9AC0D1A3-F505-45B0-B94C-965C0631CFC4}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9D5DEC6D-FBCA-43E1-875F-995D0885F5D8}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9FD7067A-A9E7-4077-8B84-21300907690B}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9FDDAEE0-73B9-428E-A270-70C81EC14626}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AEFF0B5F-A87D-4FF7-9FBE-3B9DE03CBC71}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AF782E85-8730-4C8E-9393-F392552BE86B}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B04C8801-B87E-4C60-8BDC-BDECE0D34D52}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B2B42623-43B5-4CC9-93C0-3C6BD8C00561}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3707ED0-D3E5-4FA6-A6F5-16C1863081DE}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3FB741E-67C1-4728-B326-5F4A3DA43664}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B575FDC0-7005-46F1-9623-2EC4AE7E91E7}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B5D3E6BD-D461-4408-9DA4-76E49A87D3E0}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BA992444-2C60-477A-A06A-02BB763EB5C7}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BB9DFBB0-3405-4639-8012-F66B80864F7F}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C2BE6907-5A69-4482-AA4D-C5F29EF8D264}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C3C1D3E3-AFB1-47FF-B9F3-F23456414A5A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CB81E52B-88AD-4088-9A2F-AEDC01845A0A}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D00E4723-85A8-4FA8-A62B-6894427973CA}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D0FAD02E-BCD3-4A9E-805E-0AF2F321DEB3}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D2A5FFDE-7AE8-4440-B963-13774E0C8FB1}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D895FE49-A957-4D64-B1B2-D65835734E58}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E06DFE62-A549-4783-AF6B-F0424B9647F8}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E2D80C22-D7D3-4CF8-BD17-C7B8597AE2B2}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E68A59E4-9CEB-4560-A37C-18E552F8D2B3}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EADCCBA7-89BB-4738-8DD4-5F460301D419}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ED4B4251-7353-4E74-8636-C97F0147863F}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F4CBE290-16F8-4622-AD56-749D06D7EC21}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F765329B-8383-4E58-98DE-4278DD23303B}Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FD035B81-C34E-4DAB-A40C-A67DE2B27338}Successfully deleted: [Folder] C:\ProgramData\esellerate ~~~ FireFox Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\bz230fxo.default-1414070530532\minidumps [8 files] ~~~ Chrome [C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:[] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 05/30/2015 at 7:27:37.82End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ----------------------------------------------------------------# AdwCleaner v4.205 - Logfile created 30/05/2015 at 09:18:03# Updated 21/05/2015 by Xplode# Database : 2015-05-25.3 [server]# Operating system : Windows 7 Home Premium Service Pack 1 (x64)# Username : owner - HHGREGG-PC# Running from : C:\Users\owner\Desktop\AdwCleaner.exe# Option : Cleaning ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigckFolder Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen[/!\] Not Deleted ( Junction ) : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigckFile Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorageFile Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage-journalFile Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorageFile Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage-journal ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigckKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbhoKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17801 -\\ Mozilla Firefox v38.0.1 (x86 en-US) -\\ Google Chrome v43.0.2357.81 -\\ Chromium v ************************* AdwCleaner[R0].txt - [1117 bytes] - [05/02/2015 11:31:51]AdwCleaner[R1].txt - [1393 bytes] - [06/02/2015 06:53:21]AdwCleaner[R2].txt - [2703 bytes] - [30/05/2015 07:39:12]AdwCleaner[R3].txt - [2762 bytes] - [30/05/2015 09:05:05]AdwCleaner[s0].txt - [1468 bytes] - [06/02/2015 06:57:59]AdwCleaner[s1].txt - [2324 bytes] - [30/05/2015 09:18:03] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2383 bytes] ########## ---------------------------------- Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 5/30/2015Scan Time: 10:17:51 AMLogfile: Administrator: Yes Version: 2.01.6.1022Malware Database: v2015.05.30.02Rootkit Database: v2015.05.24.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: owner Scan Type: Threat ScanResult: CompletedObjects Scanned: 450259Time Elapsed: 1 hr, 9 min, 22 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: DisabledRootkits: EnabledHeuristics: DisabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)-------------------------------- ESET Scanner (No Threats Found) --------------------------------Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015Ran by owner (administrator) on HHGREGG-PC on 30-05-2015 18:33:14Running from C:\Users\owner\DownloadsLoaded Profiles: owner (Available Profiles: owner & Guest)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe(O2Micro International) C:\Windows\System32\drivers\o2flash.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\rselect\RSelSvc.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe(NVIDIA Corporation) C:\Windows\System32\nvcplui.exe(Farbar) C:\Users\owner\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X]HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-25] (Avast Software s.r.o.)HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayHKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-25] (Avast Software s.r.o.)ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3310603758-325049908-3132485941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/SearchScopes: HKLM -> {24AB7543-9939-4029-86A4-50C09852A9D7} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNASearchScopes: HKLM-x32 -> {DE06CFEC-A000-4882-9E02-281D41A89459} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNASearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {DE06CFEC-A000-4882-9E02-281D41A89459} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS354US354SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {FFAD5398-51D1-4EAA-B3A1-03253AD44343} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBoxBHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-24] (Avast Software s.r.o.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-24] (Avast Software s.r.o.)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No FileToolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No FileToolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)Toolbar: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileDPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cabDPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/63.17/uploader2.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2012-07-25] (Intuit, Inc.)Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532FF DefaultSearchEngine: GoogleFF DefaultSearchEngine.US: GoogleFF Homepage: hxxp://google.comFF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-11-09] (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-30] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-12-25] ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-11-09] (Adobe Systems)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @citrixonline.com/appdetectorplugin -> C:\Users\owner\AppData\Local\Citrix\Plugins\94\npappdetector.dll [2013-03-13] (Citrix Online)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/O1DPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-05-08] (Zoom Video Communications, Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-06-01] (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll [2011-06-01] (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)FF Extension: Firebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\firebug@software.joehewitt.com.xpi [2015-04-10]FF Extension: Pin It Button - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-11-19]FF Extension: Evernote Web Clipper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-04-08]FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-16]FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgnFF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.0.0.48\coFFFwFF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNSTFF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-02-05]FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-24] Chrome: =======CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Bookmark Manager) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]CHR Extension: (Avast Online Security) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-25]CHR Extension: (Pin It Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-29]CHR Extension: (No Name) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-05-30]CHR Extension: (Hangouts) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-01-27]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-24] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 ACT! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [81920 2008-08-01] (Sage Software, Inc.) [File not signed]S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-11-01] (Adobe Systems) [File not signed]S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-24] (Avast Software s.r.o.)R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-24] (Avast Software s.r.o.)S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-07] (WildTangent)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)S2 MSSQL$ACT7; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-09-12] (Symantec Corporation)R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-07-25] (Intuit) [File not signed]S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1 ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-25] ()R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-24] (Avast Software s.r.o.)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-25] (Avast Software s.r.o.)R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-24] (Avast Software s.r.o.)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-25] (Avast Software s.r.o.)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-25] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-24] (Avast Software s.r.o.)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-25] (Avast Software s.r.o.)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-25] (Avast Software s.r.o.)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-25] ()R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [21504 2010-06-24] (http://libusb-win32.sourceforge.net) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-30] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49696 2009-07-16] (O2Micro )S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-30 18:31 - 2015-05-30 18:31 - 00013376 _____ () C:\Users\owner\Desktop\FRST64 (1).exe - Shortcut.lnk2015-05-30 18:30 - 2015-05-30 18:30 - 02108928 _____ (Farbar) C:\Users\owner\Downloads\FRST64 (1).exe2015-05-30 13:08 - 2015-05-30 13:08 - 00000000 ____D () C:\Program Files (x86)\ESET2015-05-30 13:06 - 2015-05-30 13:07 - 02347384 _____ (ESET) C:\Users\owner\Downloads\esetsmartinstaller_enu (2).exe2015-05-30 07:32 - 2015-05-30 07:33 - 02223104 _____ () C:\Users\owner\Desktop\AdwCleaner.exe2015-05-30 07:27 - 2015-05-30 07:27 - 00008708 _____ () C:\Users\owner\Desktop\JRT.txt2015-05-30 07:19 - 2015-05-30 07:19 - 00000207 _____ () C:\windows\tweaking.com-regbackup-HHGREGG-PC-Windows-7-Home-Premium-(64-bit).dat2015-05-30 07:19 - 2015-05-30 07:19 - 00000000 ____D () C:\RegBackup2015-05-30 07:17 - 2015-05-30 07:17 - 00001151 _____ () C:\Users\owner\Desktop\JRT (1).exe - Shortcut.lnk2015-05-30 07:15 - 2015-05-30 07:16 - 02948651 _____ (Thisisu) C:\Users\owner\Downloads\JRT (1).exe2015-05-29 10:46 - 2015-05-29 10:48 - 03060320 ____N (Symantec Corporation) C:\Users\owner\Downloads\NPE (1).exe2015-05-27 00:07 - 2015-05-27 00:07 - 00000017 _____ () C:\Users\owner\AppData\Local\resmon.resmoncfg2015-05-26 07:41 - 2015-05-26 07:41 - 00000895 _____ () C:\Users\owner\Desktop\NTREGOPT.lnk2015-05-26 07:41 - 2015-05-26 07:41 - 00000895 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk2015-05-26 07:41 - 2015-05-26 07:41 - 00000876 _____ () C:\Users\owner\Desktop\ERUNT.lnk2015-05-26 07:41 - 2015-05-26 07:41 - 00000876 _____ () C:\Users\Guest\Desktop\ERUNT.lnk2015-05-26 07:40 - 2015-05-26 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2015-05-26 07:40 - 2015-05-26 07:41 - 00000000 ____D () C:\Program Files (x86)\ERUNT2015-05-26 07:34 - 2015-05-26 07:34 - 00791393 _____ (Lars Hederer ) C:\Users\owner\Downloads\erunt-setup.exe2015-05-25 23:34 - 2015-05-29 16:41 - 00002040 _____ () C:\Users\owner\Desktop\Rkill.txt2015-05-25 23:33 - 2015-05-25 23:33 - 00013325 _____ () C:\Users\owner\Desktop\rkill.exe - Shortcut.lnk2015-05-25 23:32 - 2015-05-25 23:32 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\owner\Downloads\rkill.exe2015-05-25 18:31 - 2015-05-25 18:31 - 02347384 _____ (ESET) C:\Users\owner\Downloads\esetsmartinstaller_enu (1).exe2015-05-25 17:43 - 2015-05-25 21:47 - 00000000 ____D () C:\sfzone_profile2015-05-25 00:11 - 2015-05-25 00:11 - 00000000 ____D () C:\Users\owner\AppData\Roaming\AVAST Software2015-05-25 00:08 - 2015-05-25 00:08 - 00001993 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk2015-05-25 00:08 - 2015-05-25 00:08 - 00001933 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk2015-05-25 00:08 - 2015-05-25 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software2015-05-25 00:05 - 2015-05-28 17:02 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update2015-05-25 00:05 - 2015-05-25 00:01 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys2015-05-25 00:04 - 2015-05-25 00:01 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys2015-05-25 00:04 - 2015-05-24 23:59 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys2015-05-25 00:04 - 2015-05-24 23:59 - 00028144 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswKbd.sys2015-05-25 00:01 - 2015-05-25 00:01 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe2015-05-24 23:59 - 2015-05-24 23:59 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr2015-05-24 23:58 - 2015-05-24 23:58 - 00449896 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswNdisFlt.sys2015-05-24 23:55 - 2015-05-24 23:55 - 00000000 ____D () C:\Program Files\AVAST Software2015-05-24 23:52 - 2015-05-24 23:52 - 00000000 ____D () C:\ProgramData\AVAST Software2015-05-24 23:50 - 2015-05-24 23:51 - 00000000 ____D () C:\Users\owner\Documents\Security2015-05-24 23:49 - 2015-05-24 23:49 - 00001390 _____ () C:\Users\owner\Downloads\avast_internet_security_setup_online.exe - Shortcut.lnk2015-05-24 23:49 - 2015-05-24 23:49 - 00001390 _____ () C:\Users\owner\Desktop\avast_internet_security_setup_online.exe - Shortcut.lnk2015-05-24 23:46 - 2015-05-24 23:47 - 05471128 _____ (Avast Software s.r.o.) C:\Users\owner\Downloads\avast_internet_security_setup_online.exe2015-05-24 13:33 - 2015-05-24 13:34 - 00049232 _____ () C:\Users\owner\Desktop\sfcdetails.txt2015-05-24 09:32 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe2015-05-23 10:53 - 2015-05-23 10:53 - 00127425 _____ () C:\Users\owner\Downloads\8EFB.tmp2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (12)2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (10)2015-05-22 10:45 - 2015-05-22 10:46 - 00813408 _____ () C:\windows\Minidump\052215-23353-01.dmp2015-05-18 16:43 - 2015-05-18 16:43 - 00002159 _____ () C:\Users\owner\Downloads\CP0007276395P-1.mp4.en.srt2015-05-17 23:40 - 2015-05-17 23:40 - 00118735 _____ () C:\Users\owner\Downloads\CP0045898113P-1.mp4.en.srt2015-05-16 22:14 - 2015-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-05-16 10:39 - 2015-05-22 18:33 - 00000000 ____D () C:\Users\owner\Documents\System Restore2015-05-15 06:54 - 2015-05-22 23:53 - 00000000 ____D () C:\ProgramData\Gyazo2015-05-15 06:54 - 2015-05-15 06:54 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk2015-05-14 07:42 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll2015-05-14 07:42 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2015-05-13 16:03 - 2015-05-13 16:03 - 00015981 _____ () C:\Users\owner\Downloads\CP0097179133P-1.mp4.en.srt2015-05-13 09:10 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll2015-05-13 09:10 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll2015-05-13 09:10 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-05-13 09:10 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys2015-05-13 09:10 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys2015-05-13 09:10 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll2015-05-13 09:10 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe2015-05-13 09:10 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe2015-05-13 09:10 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe2015-05-13 09:10 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe2015-05-13 09:10 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe2015-05-13 09:10 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll2015-05-13 09:10 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll2015-05-13 09:10 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe2015-05-13 09:10 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll2015-05-13 09:10 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2015-05-13 09:10 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2015-05-13 09:10 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2015-05-13 09:10 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2015-05-13 09:10 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2015-05-13 09:10 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2015-05-13 09:10 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2015-05-13 09:10 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec2015-05-13 09:10 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2015-05-13 09:10 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2015-05-13 09:10 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2015-05-13 09:10 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2015-05-13 09:10 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2015-05-13 09:10 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2015-05-13 09:10 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll2015-05-13 09:10 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2015-05-13 09:10 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2015-05-13 09:10 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2015-05-13 09:10 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2015-05-13 09:10 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2015-05-13 09:10 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2015-05-13 09:10 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2015-05-13 09:10 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2015-05-13 09:10 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2015-05-13 09:10 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2015-05-13 09:10 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2015-05-13 09:10 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2015-05-13 09:10 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec2015-05-13 09:10 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2015-05-13 09:10 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2015-05-13 09:10 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2015-05-13 09:10 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2015-05-13 09:10 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2015-05-13 09:10 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2015-05-13 09:10 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2015-05-13 09:10 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2015-05-13 09:10 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll2015-05-13 09:10 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2015-05-13 09:10 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2015-05-13 09:10 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2015-05-13 09:10 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2015-05-13 09:10 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2015-05-13 09:10 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll2015-05-13 09:10 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2015-05-13 09:10 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2015-05-13 09:10 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2015-05-13 09:10 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2015-05-13 09:10 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2015-05-13 09:10 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2015-05-13 09:10 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2015-05-13 09:10 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2015-05-13 09:10 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2015-05-13 09:10 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2015-05-13 09:10 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll2015-05-13 09:10 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2015-05-13 09:10 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2015-05-13 09:10 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2015-05-13 09:10 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2015-05-13 09:10 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2015-05-13 09:10 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2015-05-13 09:10 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll2015-05-13 09:10 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll2015-05-13 09:10 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe2015-05-13 09:10 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll2015-05-13 09:10 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll2015-05-13 09:10 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe2015-05-13 09:10 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll2015-05-13 09:10 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll2015-05-13 09:10 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll2015-05-13 09:10 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe2015-05-13 09:09 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll2015-05-13 09:09 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe2015-05-13 09:09 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll2015-05-13 09:09 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll2015-05-13 09:09 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll2015-05-13 09:09 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll2015-05-13 09:09 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe2015-05-13 09:09 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll2015-05-13 09:09 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll2015-05-13 09:09 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe2015-05-13 09:09 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe2015-05-13 09:09 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-05-13 09:09 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll2015-05-13 09:09 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll2015-05-13 09:09 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll2015-05-13 09:09 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys2015-05-13 09:08 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll2015-05-13 09:08 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll2015-05-13 09:08 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll2015-05-13 09:08 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe2015-05-13 09:08 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe2015-05-13 09:08 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll2015-05-13 09:08 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Zoom2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom2015-05-12 11:43 - 2015-05-12 11:43 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher (1).exe2015-05-12 11:21 - 2015-05-12 11:21 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher.exe2015-05-11 08:51 - 2015-05-11 08:51 - 01311683 _____ () C:\Users\owner\Downloads\Top-15-Ways-to-Make-Money-Online.zip2015-05-10 20:40 - 2015-05-10 21:12 - 00000000 ____D () C:\Users\owner\Downloads\Dollarphotoclub_680988682015-05-10 20:34 - 2015-05-10 20:34 - 01046306 _____ () C:\Users\owner\Downloads\Dollarphotoclub_68098868.zip2015-05-09 18:47 - 2015-05-09 18:47 - 00007148 _____ () C:\Users\owner\Downloads\CP0157666677P-75.mp4.en.srt2015-05-09 15:28 - 2015-05-09 15:28 - 00008214 _____ () C:\Users\owner\Downloads\bloglovin_subscriptions.xml2015-05-09 13:26 - 2015-05-09 13:26 - 00002204 _____ () C:\Users\owner\Downloads\CP0360643936P-19.mp4.en.srt2015-05-08 19:48 - 2015-05-08 19:48 - 00002058 _____ () C:\Users\owner\Downloads\CP0535238036P-1.mp4.en.srt2015-05-08 16:05 - 2015-05-08 16:05 - 00025117 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en (1).srt2015-05-08 15:54 - 2015-05-08 15:54 - 00025057 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en.srt2015-05-08 09:16 - 2015-05-08 09:17 - 00804872 _____ () C:\windows\Minidump\050815-23431-01.dmp2015-05-07 21:30 - 2015-05-07 21:30 - 00002863 _____ () C:\Users\owner\Downloads\CP0076905481P-46.mp4.en.srt2015-05-07 19:52 - 2015-05-07 19:52 - 00008271 _____ () C:\Users\owner\Downloads\CP0076905481P-78.mp4.en.srt2015-05-07 10:20 - 2015-05-07 10:20 - 00812904 _____ () C:\windows\Minidump\050715-26925-01.dmp2015-05-07 08:05 - 2015-05-07 08:05 - 00877032 _____ () C:\windows\Minidump\050715-33540-01.dmp2015-05-06 16:39 - 2015-05-06 16:39 - 00003335 _____ () C:\Users\owner\Downloads\CP0023366857P-1.mp4.en.srt2015-05-06 11:20 - 2015-05-06 11:20 - 00002437 _____ () C:\Users\owner\Downloads\CP0100254712P-33.mp4.en.srt2015-05-05 20:58 - 2015-05-05 20:58 - 00006578 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en(1).srt2015-05-05 20:39 - 2015-05-05 20:39 - 00006575 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en.srt2015-05-05 15:05 - 2015-05-05 15:05 - 00003831 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en(1).srt2015-05-05 14:55 - 2015-05-05 14:55 - 00003763 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en.srt2015-05-05 12:30 - 2015-05-05 12:31 - 00003656 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en(1).srt2015-05-05 12:23 - 2015-05-05 12:24 - 00003662 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en.srt2015-05-05 02:26 - 2015-05-05 02:26 - 00024947 _____ () C:\Users\owner\Downloads\CP0168412542P-7.mp4.en.srt2015-05-04 19:15 - 2015-05-04 19:15 - 00011853 _____ () C:\Users\owner\Downloads\CP0387660393P-1.mp4.en.srt2015-05-04 10:35 - 2015-05-04 10:35 - 00000000 ____D () C:\Users\owner\Downloads\facebook-1000014215057052015-05-04 10:25 - 2015-05-04 10:25 - 00001923 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en(1).srt2015-05-04 10:22 - 2015-05-04 10:23 - 00001924 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en.srt2015-05-04 02:38 - 2015-05-04 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud2015-05-04 02:36 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\Program Files\iTunes2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files\iPod2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-05-04 02:21 - 2015-05-04 02:21 - 00002011 _____ () C:\Users\owner\Downloads\CP0100254712P-38.mp4.en.srt2015-05-02 19:07 - 2015-05-02 19:08 - 00001426 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en(1).srt2015-05-02 19:03 - 2015-05-02 19:03 - 00001423 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en.srt2015-05-02 16:03 - 2015-05-02 16:03 - 00003891 _____ () C:\Users\owner\Downloads\CP0468921932P-2.mp4.en.srt2015-05-02 14:23 - 2015-05-02 14:23 - 00004035 _____ () C:\Users\owner\Downloads\CP0468921932P-5.mp4.en.srt2015-05-02 12:51 - 2015-05-02 12:51 - 00002422 _____ () C:\Users\owner\Downloads\CP0195338775P-1.mp4.en.srt2015-05-02 00:08 - 2015-05-29 11:21 - 00000000 ____D () C:\Users\owner\Documents\Maggie Flanigan2015-05-02 00:07 - 2015-05-16 11:00 - 00000000 ____D () C:\Users\owner\Documents\Rev.com2015-05-01 22:25 - 2015-05-01 22:25 - 00602316 _____ () C:\Users\owner\Downloads\book_version_5.idml2015-05-01 21:39 - 2015-05-01 21:39 - 00003608 _____ () C:\Users\owner\Downloads\CP0276004791P-1.mp4.en.srt2015-05-01 19:44 - 2015-05-01 19:44 - 00001037 _____ () C:\Users\owner\Downloads\CP0522524429P-1.mp4.en.srt2015-05-01 18:15 - 2015-05-01 18:15 - 00025925 _____ () C:\Users\owner\Downloads\CP0373945655P-1.mp4.en.srt2015-05-01 10:57 - 2015-05-01 10:58 - 00000000 ____D () C:\Users\owner\Documents\EBT ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-30 18:33 - 2015-02-01 15:11 - 00025938 _____ () C:\Users\owner\Downloads\FRST.txt2015-05-30 18:33 - 2015-02-01 15:10 - 00000000 ____D () C:\FRST2015-05-30 18:30 - 2012-04-02 10:08 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-05-30 18:28 - 2012-12-07 15:00 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA.job2015-05-30 18:24 - 2010-01-31 15:28 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-05-30 17:24 - 2010-01-31 15:28 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2015-05-30 16:19 - 2009-07-14 00:51 - 00568712 _____ () C:\windows\setupact.log2015-05-30 15:56 - 2009-10-07 22:10 - 01461095 _____ () C:\windows\WindowsUpdate.log2015-05-30 13:31 - 2012-12-07 15:00 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core.job2015-05-30 10:17 - 2014-07-30 12:45 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-05-30 09:31 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-05-30 09:31 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-05-30 09:22 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\SysWOW64\logishrd2015-05-30 09:22 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\system32\logishrd2015-05-30 09:22 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-05-30 09:18 - 2015-02-05 11:31 - 00000000 ____D () C:\AdwCleaner2015-05-30 02:00 - 2014-06-13 07:58 - 00000000 ____D () C:\Users\owner\AppData\Local\Adobe2015-05-29 21:07 - 2011-03-28 21:58 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps2015-05-29 14:35 - 2011-06-08 16:37 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE2015-05-29 12:53 - 2009-09-02 22:14 - 00000000 ____D () C:\Program Files (x86)\Java2015-05-28 16:59 - 2011-03-27 22:00 - 00000000 _____ () C:\windows\system32\Drivers\lvuvc.hs2015-05-27 08:12 - 2012-09-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Kobo2015-05-25 21:57 - 2013-05-14 13:47 - 00000000 ___RD () C:\Users\owner\Dropbox2015-05-25 21:57 - 2009-07-14 01:13 - 00006416 _____ () C:\windows\system32\PerfStringBackup.INI2015-05-25 21:56 - 2013-05-14 13:30 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Dropbox2015-05-25 21:53 - 2010-03-15 09:45 - 00000000 ____D () C:\Users\owner\Tracing2015-05-25 18:14 - 2014-07-30 12:45 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2015-05-25 17:36 - 2009-09-03 01:35 - 01370832 _____ () C:\windows\PFRO.log2015-05-23 17:33 - 2009-09-02 22:26 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games2015-05-23 16:58 - 2009-09-02 22:26 - 00000000 ____D () C:\ProgramData\WildTangent2015-05-23 16:58 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2015-05-22 23:54 - 2014-07-30 12:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-05-22 23:54 - 2013-03-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Gyazo2015-05-22 23:54 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2015-05-22 23:54 - 2012-05-05 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-05-22 23:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared2015-05-22 23:53 - 2015-04-20 19:28 - 00000000 ____D () C:\Users\owner\Documents\Sew Caroline2015-05-22 23:53 - 2015-04-06 06:20 - 00000000 ___SD () C:\windows\SysWOW64\GWX2015-05-22 23:53 - 2015-04-06 06:19 - 00000000 ___SD () C:\windows\system32\GWX2015-05-22 23:53 - 2015-03-12 22:03 - 00000000 ____D () C:\Users\owner\Documents\Melly Sews2015-05-22 23:53 - 2015-02-05 10:24 - 00000000 ____D () C:\Users\owner\Downloads\FRST-OlderVersion2015-05-22 23:53 - 2014-12-03 22:55 - 00000000 ____D () C:\Users\owner\Documents\Money Robbins email amazon_files2015-05-22 23:53 - 2014-09-25 23:16 - 00000000 ____D () C:\Users\owner\Documents\Att troubleshoot chat 9.25.14_files2015-05-22 23:53 - 2014-07-30 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-05-22 23:53 - 2014-04-13 11:29 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon2015-05-22 23:53 - 2013-09-20 17:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Blackboard2015-05-22 23:53 - 2013-05-14 13:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-05-22 23:53 - 2013-04-29 01:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koox System Optimizer2015-05-22 23:53 - 2013-04-28 23:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Audacity2015-05-22 23:53 - 2013-03-15 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo2015-05-22 23:53 - 2013-03-13 15:06 - 00000000 ____D () C:\Users\owner\AppData\Local\Citrix2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2015-05-22 23:53 - 2012-04-03 17:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client2015-05-22 23:53 - 2011-11-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-05-22 23:53 - 2011-11-09 15:41 - 00000000 ____D () C:\Users\owner\AppData\Local\Akamai2015-05-22 23:53 - 2011-06-15 09:34 - 00000000 ____D () C:\Users\owner\AppData\Local\Tific2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Catalina Marketing Corp2015-05-22 23:53 - 2011-04-19 09:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MAGIX2015-05-22 23:53 - 2011-04-11 17:58 - 00000000 ____D () C:\Users\owner\Documents\Netflix Setup OrderFinal_files2015-05-22 23:53 - 2011-04-08 11:47 - 00000000 ____D () C:\Users\owner\Documents\No Messages Screen Display for Jebaire Publishing_files2015-05-22 23:53 - 2011-03-21 18:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton2015-05-22 23:53 - 2011-01-12 15:32 - 00000000 ____D () C:\Users\owner\AppData\Roaming\FreeFileOpener2015-05-22 23:53 - 2011-01-07 18:43 - 00000000 ____D () C:\Users\owner\Downloads\Basic Ebook info from IBPA_files2015-05-22 23:53 - 2010-11-23 19:12 - 00000000 ____D () C:\Users\owner\Documents\Audible2015-05-22 23:53 - 2010-06-25 15:10 - 00000000 ____D () C:\Users\owner\Documents\My eBooks2015-05-22 23:53 - 2010-06-25 15:08 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com2015-05-22 23:53 - 2010-06-14 20:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla2015-05-22 23:53 - 2010-05-20 12:24 - 00000000 __RSD () C:\Users\owner\Documents\My Stationery2015-05-22 23:53 - 2010-05-17 09:30 - 00000000 ____D () C:\Users\owner\Documents\Homeschool2015-05-22 23:53 - 2010-05-11 13:24 - 00000000 ___SD () C:\Users\owner\Documents\My Data Sources2015-05-22 23:53 - 2010-05-07 11:05 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Book Blocks2015-05-22 23:53 - 2010-04-27 07:40 - 00000000 ____D () C:\windows\Minidump2015-05-22 23:53 - 2010-04-02 21:24 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Manuscripts2015-05-22 23:53 - 2010-03-18 12:42 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Skype2015-05-22 23:53 - 2010-03-18 09:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barnes & Noble2015-05-22 23:53 - 2010-03-08 15:51 - 00000000 ____D () C:\Users\owner\AppData\Local\Microsoft Help2015-05-22 23:53 - 2010-02-24 17:15 - 00000000 ____D () C:\ProgramData\FLEXnet2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WildTangent2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Adobe2015-05-22 23:53 - 2010-02-13 12:48 - 00000000 ____D () C:\Users\owner\AppData\Local\TOSHIBA2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ____D () C:\Users\owner2015-05-22 23:53 - 2009-10-07 22:20 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-05-22 23:53 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal2015-05-22 23:53 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\servicing2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat2015-05-22 23:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration2015-05-22 10:45 - 2010-04-27 07:40 - 401271285 _____ () C:\windows\MEMORY.DMP2015-05-22 10:09 - 2009-07-14 01:08 - 00032584 _____ () C:\windows\Tasks\SCHEDLGU.TXT2015-05-20 17:38 - 2014-07-30 12:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-05-20 13:53 - 2013-09-12 20:41 - 00000000 ____D () C:\Users\owner\Documents\Clark Kids Stuff2015-05-18 10:18 - 2014-11-27 14:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2015-05-16 13:23 - 2012-12-07 15:00 - 00003878 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA2015-05-16 13:23 - 2012-12-07 15:00 - 00003482 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core2015-05-15 17:19 - 2010-01-31 15:28 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-05-15 17:19 - 2010-01-31 15:28 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-05-15 14:16 - 2012-04-02 10:08 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2015-05-15 14:16 - 2012-04-02 10:08 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-05-15 14:16 - 2011-06-08 01:53 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2015-05-15 06:55 - 2015-01-09 10:54 - 00003750 _____ () C:\windows\System32\Tasks\GyazoUpdateTaskMachine2015-05-14 10:06 - 2009-07-14 00:45 - 05120888 _____ () C:\windows\system32\FNTCACHE.DAT2015-05-14 08:21 - 2013-07-15 14:49 - 00000000 ____D () C:\windows\system32\MRT2015-05-14 07:54 - 2010-04-20 08:38 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2015-05-13 17:05 - 2015-04-10 23:50 - 00000000 ____D () C:\Users\owner\Documents\$$$$$2015-05-06 20:09 - 2013-04-16 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2015-05-06 18:58 - 2013-03-15 18:49 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Gyazo2015-05-04 02:35 - 2014-02-08 20:43 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-05-01 20:41 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF ==================== Files in the root of some directories ======= 2010-02-24 21:56 - 2010-02-24 21:56 - 0000000 ____H () C:\Users\owner\AppData\Roaming\ActUpdate.log2011-11-21 20:44 - 2011-11-21 20:44 - 0044912 _____ () C:\Users\owner\AppData\Roaming\UserTile.png2010-03-31 21:16 - 2013-06-11 23:07 - 0000610 _____ () C:\Users\owner\AppData\Roaming\wklnhst.dat2015-05-27 00:07 - 2015-05-27 00:07 - 0000017 _____ () C:\Users\owner\AppData\Local\resmon.resmoncfg2010-03-18 12:50 - 2010-03-18 12:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat2010-02-24 21:56 - 2010-04-24 22:39 - 0000088 __RSH () C:\ProgramData\F3446BD02F.sys2010-03-16 15:36 - 2010-03-31 15:46 - 0000609 _____ () C:\ProgramData\hpzinstall.log2010-02-24 21:56 - 2011-09-21 21:52 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys Some files in TEMP:====================C:\Users\owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcabfku.dllC:\Users\owner\AppData\Local\Temp\Quarantine.exeC:\Users\owner\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-14 19:56 ==================== End of log ============================
  5. I reset the router back to factory settings and restarted both computers. My computer still has a long shut down and very slow start up time and continues to freeze up. When I tried to run ERUNT, I received this message: Unable to create file: C:\windows\ERDNT\5-29-2015\ERDNT.INF Registry backup will continue, but no restore information for the ERDNT program will be saved. This means that later restoration of the registry can only be done manually, by using another OS to copy back the files. **I'm not sure if this is related, but as I mentioned previously, I haven't been able to do a standard system restore on my computer at all. My computer will list the restore points, I'll select one. The restore will fail, and the date I selected is always deleted.
  6. Please Do Not close this topic. I am doing the router reset today. Thank you.
  7. In STEP 01 for ERUNDT, when I click "Yes" to create the folder, I receive this message: ERU for Windows NT says: c:\windows\ERDNT\5-26-2015\ERDNT.INF Registry backup will continue, but no restore information for the ERDNT program will be saved. This means that later restoration of the registry can only be done manually, by using another OS to copy back the files. (***Before this forum I tried system restore a few times and it failed and deleted the requested restore date from the system.) Please advise. Thank you.
  8. Also, my husband's laptop is on the same wireless network and experiencing similar issues. I didn't notice until I began using his today after I couldn't use mine. We both get lots of "Warning: Unresponsive Script" messages that also cause our computer's to stall. Should I run the same scans on his laptop or start a new thread?
  9. Hi and thank you so much for your assistance. After installing ERUNT in step 1, a pop up window says, "Welcome! This program backs up the registry files of your Windows NT/2000/XP system to a folder of your choice. I'm using Windows 7. Should I continue?
  10. Hi. The computer freezes up every few minutes so typing anything has become difficult. Software that I use for work remotely is behaving strangely (stalling, not playing) but it works fine for others who access the software (even using my account), so it's not a software issue. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01Ran by owner (administrator) on HHGREGG-PC on 23-05-2015 10:06:24Running from C:\Users\owner\DownloadsLoaded Profiles: owner (Available Profiles: owner & Guest)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe(O2Micro International) C:\Windows\System32\drivers\o2flash.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\rselect\RSelSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe(Akamai Technologies, Inc.) C:\Users\owner\AppData\Local\Akamai\netsession_win.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe(Akamai Technologies, Inc.) C:\Users\owner\AppData\Local\Akamai\netsession_win.exe(Dropbox, Inc.) C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe(Sage Software, Inc.) C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe() C:\Program Files (x86)\Toshiba Online Backup\ToshibaOnlineBackup.exe() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\owner\Downloads\FRST64 (1).exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X]HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartupHKLM-x32\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)HKLM-x32\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logonHKLM-x32\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)HKLM-x32\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)HKLM-x32\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)HKLM-x32\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)HKLM-x32\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)HKLM-x32\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1482080 2009-08-11] (TOSHIBA Corporation)HKLM-x32\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)HKLM-x32\...\Run: [smartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)HKLM-x32\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)HKLM-x32\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA)HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.)HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [28672 2008-08-01] (Sage Software, Inc.)HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe [393216 2008-08-01] (Sage Software, Inc.)HKLM-x32\...\Run: [sMSTray] => C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [843776 2009-06-05] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1497352 2011-02-22] (Intuit Inc. All rights reserved.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)HKLM-x32\...\Run: [Toshiba Online Backup] => C:\Program Files (x86)\Toshiba Online Backup\ToshibaOnlineBackup.exe [966296 2011-09-19] ()HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [bambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [MyTOSHIBA] => C:\Program Files (x86)\Toshiba\My Toshiba\MyToshiba.exe [264048 2009-08-06] (TOSHIBA)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [AdobeBridge] => [X]HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [EPSONDD461F] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE [223232 2009-01-26] (SEIKO EPSON CORPORATION)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-12] (Logitech Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Akamai NetSession Interface] => C:\Users\owner\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeHKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Google Update] => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-18] (Google Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-02] (Google Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)HKU\S-1-5-21-3310603758-325049908-3132485941-1001\...\Run: [Zoom] => [X]Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]ShortcutTarget: Dropbox.lnk -> C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-03-06]ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2015-02-20]ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\owner\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3310603758-325049908-3132485941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/SearchScopes: HKLM -> {24AB7543-9939-4029-86A4-50C09852A9D7} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNASearchScopes: HKLM-x32 -> {DE06CFEC-A000-4882-9E02-281D41A89459} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNASearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {DE06CFEC-A000-4882-9E02-281D41A89459} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS354US354SearchScopes: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> {FFAD5398-51D1-4EAA-B3A1-03253AD44343} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBoxBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-10-18] (Sun Microsystems, Inc.)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01] (Google Inc.)Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No FileToolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)Toolbar: HKU\S-1-5-21-3310603758-325049908-3132485941-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileDPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cabDPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/63.17/uploader2.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2012-07-25] (Intuit, Inc.)Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532FF DefaultSearchEngine: GoogleFF DefaultSearchEngine.US: GoogleFF Homepage: hxxp://google.comFF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-11-09] (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-30] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @sony.com/eBookLibrary -> C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-12-25] ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-11-09] (Adobe Systems)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @citrixonline.com/appdetectorplugin -> C:\Users\owner\AppData\Local\Citrix\Plugins\94\npappdetector.dll [2013-03-13] (Citrix Online)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @talk.google.com/O1DPlugin -> C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-05-08] (Zoom Video Communications, Inc.)FF Plugin HKU\S-1-5-21-3310603758-325049908-3132485941-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-06-01] (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll [2011-06-01] (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-27] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)FF Extension: Firebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\firebug@software.joehewitt.com.xpi [2015-04-10]FF Extension: Pin It Button - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-11-19]FF Extension: Evernote Web Clipper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\bz230fxo.default-1414070530532\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-04-08]FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-16]FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgnFF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.0.0.48\coFFFwFF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNSTFF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-02-05] Chrome: =======CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Bookmark Manager) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]CHR Extension: (Pin It Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-29]CHR Extension: (Hangouts) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-01-27]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 ACT! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [81920 2008-08-01] (Sage Software, Inc.) []S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-11-01] (Adobe Systems) []S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-07] (WildTangent)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) []R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)S2 MSSQL$ACT7; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-09-12] (Symantec Corporation)R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-07-25] (Intuit) []S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) []S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) []S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) []S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1 ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [21504 2010-06-24] (http://libusb-win32.sourceforge.net) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-23] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49696 2009-07-16] (O2Micro )S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-23 10:05 - 2015-05-23 10:05 - 00001178 _____ () C:\Users\owner\Desktop\FRST64 (1).exe - Shortcut.lnk2015-05-23 10:02 - 2015-05-23 10:02 - 02108416 _____ (Farbar) C:\Users\owner\Downloads\FRST64 (1).exe2015-05-23 08:26 - 2015-05-23 08:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{9FDDAEE0-73B9-428E-A270-70C81EC14626}2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (12)2015-05-22 18:31 - 2015-05-22 18:31 - 00000000 ____D () C:\Users\owner\Documents\New folder (10)2015-05-22 13:11 - 2015-05-22 13:12 - 00000000 ____D () C:\Users\owner\AppData\Local\{80453EC0-B099-4BE6-881C-CE582FFF6BD0}2015-05-22 10:45 - 2015-05-22 10:46 - 00813408 _____ () C:\windows\Minidump\052215-23353-01.dmp2015-05-21 23:46 - 2015-05-21 23:46 - 00000000 ____D () C:\Users\owner\AppData\Local\{46B8A14D-671A-4A78-9F96-F3F80EE22699}2015-05-21 10:59 - 2015-05-21 10:59 - 00000000 ____D () C:\Users\owner\AppData\Local\{169FEC7C-5EF5-4C41-AAF7-9DC6D3DFC7FE}2015-05-20 22:58 - 2015-05-20 22:58 - 00000000 ____D () C:\Users\owner\AppData\Local\{37349C58-5208-4655-9FB3-6B0B10CF9A72}2015-05-20 10:56 - 2015-05-20 10:56 - 00000000 ____D () C:\Users\owner\AppData\Local\{CB81E52B-88AD-4088-9A2F-AEDC01845A0A}2015-05-19 10:54 - 2015-05-19 22:55 - 00000000 ____D () C:\Users\owner\AppData\Local\{744003A2-1B19-4678-A842-7D43DD1F327A}2015-05-18 16:43 - 2015-05-18 16:43 - 00002159 _____ () C:\Users\owner\Downloads\CP0007276395P-1.mp4.en.srt2015-05-18 10:53 - 2015-05-18 22:54 - 00000000 ____D () C:\Users\owner\AppData\Local\{9AC0D1A3-F505-45B0-B94C-965C0631CFC4}2015-05-17 23:40 - 2015-05-17 23:40 - 00118735 _____ () C:\Users\owner\Downloads\CP0045898113P-1.mp4.en.srt2015-05-17 10:52 - 2015-05-17 22:53 - 00000000 ____D () C:\Users\owner\AppData\Local\{BA992444-2C60-477A-A06A-02BB763EB5C7}2015-05-16 22:14 - 2015-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-05-16 10:39 - 2015-05-22 18:33 - 00000000 ____D () C:\Users\owner\Documents\System Restore2015-05-15 19:37 - 2015-05-16 19:59 - 00000000 ____D () C:\Users\owner\AppData\Local\{462E082F-1254-4D2D-A886-010EA8DB0733}2015-05-15 07:36 - 2015-05-15 07:36 - 00000000 ____D () C:\Users\owner\AppData\Local\{48E726A5-1DA1-4BFB-8E8B-1D0E52D34381}2015-05-15 06:54 - 2015-05-22 23:53 - 00000000 ____D () C:\ProgramData\Gyazo2015-05-15 06:54 - 2015-05-15 06:54 - 00000993 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk2015-05-14 19:35 - 2015-05-14 19:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{B04C8801-B87E-4C60-8BDC-BDECE0D34D52}2015-05-14 07:42 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll2015-05-14 07:42 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2015-05-13 16:03 - 2015-05-13 16:03 - 00015981 _____ () C:\Users\owner\Downloads\CP0097179133P-1.mp4.en.srt2015-05-13 11:20 - 2015-05-14 07:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{85698EF4-DB7E-473E-AAAD-318035C26C39}2015-05-13 09:10 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll2015-05-13 09:10 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll2015-05-13 09:10 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-05-13 09:10 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys2015-05-13 09:10 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys2015-05-13 09:10 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll2015-05-13 09:10 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll2015-05-13 09:10 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll2015-05-13 09:10 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe2015-05-13 09:10 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe2015-05-13 09:10 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe2015-05-13 09:10 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe2015-05-13 09:10 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe2015-05-13 09:10 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll2015-05-13 09:10 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll2015-05-13 09:10 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe2015-05-13 09:10 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe2015-05-13 09:10 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll2015-05-13 09:10 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll2015-05-13 09:10 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe2015-05-13 09:10 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll2015-05-13 09:10 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2015-05-13 09:10 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2015-05-13 09:10 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2015-05-13 09:10 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2015-05-13 09:10 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2015-05-13 09:10 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2015-05-13 09:10 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2015-05-13 09:10 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec2015-05-13 09:10 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2015-05-13 09:10 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2015-05-13 09:10 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2015-05-13 09:10 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2015-05-13 09:10 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2015-05-13 09:10 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2015-05-13 09:10 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll2015-05-13 09:10 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2015-05-13 09:10 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2015-05-13 09:10 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2015-05-13 09:10 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2015-05-13 09:10 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2015-05-13 09:10 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2015-05-13 09:10 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2015-05-13 09:10 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2015-05-13 09:10 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2015-05-13 09:10 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2015-05-13 09:10 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2015-05-13 09:10 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2015-05-13 09:10 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec2015-05-13 09:10 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2015-05-13 09:10 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2015-05-13 09:10 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2015-05-13 09:10 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2015-05-13 09:10 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2015-05-13 09:10 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2015-05-13 09:10 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2015-05-13 09:10 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2015-05-13 09:10 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll2015-05-13 09:10 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2015-05-13 09:10 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2015-05-13 09:10 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2015-05-13 09:10 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2015-05-13 09:10 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2015-05-13 09:10 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll2015-05-13 09:10 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2015-05-13 09:10 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2015-05-13 09:10 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2015-05-13 09:10 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2015-05-13 09:10 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2015-05-13 09:10 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2015-05-13 09:10 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2015-05-13 09:10 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2015-05-13 09:10 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2015-05-13 09:10 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2015-05-13 09:10 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll2015-05-13 09:10 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2015-05-13 09:10 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2015-05-13 09:10 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2015-05-13 09:10 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2015-05-13 09:10 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2015-05-13 09:10 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2015-05-13 09:10 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll2015-05-13 09:10 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll2015-05-13 09:10 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe2015-05-13 09:10 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll2015-05-13 09:10 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll2015-05-13 09:10 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe2015-05-13 09:10 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll2015-05-13 09:10 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll2015-05-13 09:10 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll2015-05-13 09:10 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe2015-05-13 09:09 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll2015-05-13 09:09 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll2015-05-13 09:09 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe2015-05-13 09:09 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll2015-05-13 09:09 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll2015-05-13 09:09 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll2015-05-13 09:09 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll2015-05-13 09:09 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll2015-05-13 09:09 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe2015-05-13 09:09 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll2015-05-13 09:09 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll2015-05-13 09:09 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe2015-05-13 09:09 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe2015-05-13 09:09 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-05-13 09:09 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-05-13 09:09 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll2015-05-13 09:09 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll2015-05-13 09:09 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll2015-05-13 09:09 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys2015-05-13 09:08 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll2015-05-13 09:08 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll2015-05-13 09:08 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll2015-05-13 09:08 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe2015-05-13 09:08 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe2015-05-13 09:08 - 2015-01-28 23:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll2015-05-13 09:08 - 2015-01-28 23:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll2015-05-12 23:19 - 2015-05-12 23:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{9732C701-072B-4040-A35A-38600DCBD89B}2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Zoom2015-05-12 11:43 - 2015-05-22 23:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom2015-05-12 11:43 - 2015-05-12 11:43 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher (1).exe2015-05-12 11:21 - 2015-05-12 11:21 - 00133528 _____ (Zoom Video Communications, Inc.) C:\Users\owner\Downloads\Zoom_launcher.exe2015-05-12 11:19 - 2015-05-12 11:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{1D60784D-1D00-41AF-B120-EA7749A9C8A8}2015-05-11 08:51 - 2015-05-11 08:51 - 01311683 _____ () C:\Users\owner\Downloads\Top-15-Ways-to-Make-Money-Online.zip2015-05-10 20:40 - 2015-05-10 21:12 - 00000000 ____D () C:\Users\owner\Downloads\Dollarphotoclub_680988682015-05-10 20:34 - 2015-05-10 20:34 - 01046306 _____ () C:\Users\owner\Downloads\Dollarphotoclub_68098868.zip2015-05-09 22:39 - 2015-05-11 23:19 - 00000000 ____D () C:\Users\owner\AppData\Local\{B575FDC0-7005-46F1-9623-2EC4AE7E91E7}2015-05-09 18:47 - 2015-05-09 18:47 - 00007148 _____ () C:\Users\owner\Downloads\CP0157666677P-75.mp4.en.srt2015-05-09 15:28 - 2015-05-09 15:28 - 00008214 _____ () C:\Users\owner\Downloads\bloglovin_subscriptions.xml2015-05-09 13:26 - 2015-05-09 13:26 - 00002204 _____ () C:\Users\owner\Downloads\CP0360643936P-19.mp4.en.srt2015-05-08 19:48 - 2015-05-08 19:48 - 00002058 _____ () C:\Users\owner\Downloads\CP0535238036P-1.mp4.en.srt2015-05-08 16:05 - 2015-05-08 16:05 - 00025117 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en (1).srt2015-05-08 15:54 - 2015-05-08 15:54 - 00025057 _____ () C:\Users\owner\Downloads\CP0315806205P-1.mp4.en.srt2015-05-08 10:38 - 2015-05-09 10:38 - 00000000 ____D () C:\Users\owner\AppData\Local\{205560D5-7DD6-4A0F-BCA1-F0A1B3EFF31E}2015-05-08 09:16 - 2015-05-08 09:17 - 00804872 _____ () C:\windows\Minidump\050815-23431-01.dmp2015-05-07 22:38 - 2015-05-07 22:38 - 00000000 ____D () C:\Users\owner\AppData\Local\{65B79364-EF6C-4597-B9AA-622BA49C9CAB}2015-05-07 21:30 - 2015-05-07 21:30 - 00002863 _____ () C:\Users\owner\Downloads\CP0076905481P-46.mp4.en.srt2015-05-07 19:52 - 2015-05-07 19:52 - 00008271 _____ () C:\Users\owner\Downloads\CP0076905481P-78.mp4.en.srt2015-05-07 10:37 - 2015-05-07 10:37 - 00000000 ____D () C:\Users\owner\AppData\Local\{298D69B6-A625-450D-B325-A5CDB0D5E67A}2015-05-07 10:20 - 2015-05-07 10:20 - 00812904 _____ () C:\windows\Minidump\050715-26925-01.dmp2015-05-07 08:05 - 2015-05-07 08:05 - 00877032 _____ () C:\windows\Minidump\050715-33540-01.dmp2015-05-06 16:39 - 2015-05-06 16:39 - 00003335 _____ () C:\Users\owner\Downloads\CP0023366857P-1.mp4.en.srt2015-05-06 11:20 - 2015-05-06 11:20 - 00002437 _____ () C:\Users\owner\Downloads\CP0100254712P-33.mp4.en.srt2015-05-05 20:58 - 2015-05-05 20:58 - 00006578 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en(1).srt2015-05-05 20:39 - 2015-05-05 20:39 - 00006575 _____ () C:\Users\owner\Downloads\CP0323463782P-1.mp4.en.srt2015-05-05 15:05 - 2015-05-05 15:05 - 00003831 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en(1).srt2015-05-05 14:55 - 2015-05-05 14:55 - 00003763 _____ () C:\Users\owner\Downloads\CP0450385100P-1.mp4.en.srt2015-05-05 12:30 - 2015-05-05 12:31 - 00003656 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en(1).srt2015-05-05 12:23 - 2015-05-05 12:24 - 00003662 _____ () C:\Users\owner\Downloads\CP0353034608P-4.mp4.en.srt2015-05-05 02:26 - 2015-05-05 02:26 - 00024947 _____ () C:\Users\owner\Downloads\CP0168412542P-7.mp4.en.srt2015-05-04 19:15 - 2015-05-04 19:15 - 00011853 _____ () C:\Users\owner\Downloads\CP0387660393P-1.mp4.en.srt2015-05-04 10:35 - 2015-05-04 10:35 - 00000000 ____D () C:\Users\owner\Downloads\facebook-1000014215057052015-05-04 10:25 - 2015-05-04 10:25 - 00001923 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en(1).srt2015-05-04 10:22 - 2015-05-04 10:23 - 00001924 _____ () C:\Users\owner\Downloads\CP0220504330P-1.mp4.en.srt2015-05-04 02:38 - 2015-05-04 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud2015-05-04 02:36 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-05-04 02:35 - 2015-05-04 02:36 - 00000000 ____D () C:\Program Files\iTunes2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files\iPod2015-05-04 02:35 - 2015-05-04 02:35 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-05-04 02:21 - 2015-05-04 02:21 - 00002011 _____ () C:\Users\owner\Downloads\CP0100254712P-38.mp4.en.srt2015-05-02 19:07 - 2015-05-02 19:08 - 00001426 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en(1).srt2015-05-02 19:03 - 2015-05-02 19:03 - 00001423 _____ () C:\Users\owner\Downloads\CP0157666677P-61.mp4.en.srt2015-05-02 16:03 - 2015-05-02 16:03 - 00003891 _____ () C:\Users\owner\Downloads\CP0468921932P-2.mp4.en.srt2015-05-02 14:23 - 2015-05-02 14:23 - 00004035 _____ () C:\Users\owner\Downloads\CP0468921932P-5.mp4.en.srt2015-05-02 12:51 - 2015-05-02 12:51 - 00002422 _____ () C:\Users\owner\Downloads\CP0195338775P-1.mp4.en.srt2015-05-02 00:08 - 2015-05-20 07:30 - 00000000 ____D () C:\Users\owner\Documents\Maggie Flanigan2015-05-02 00:07 - 2015-05-16 11:00 - 00000000 ____D () C:\Users\owner\Documents\Rev.com2015-05-01 22:25 - 2015-05-01 22:25 - 00602316 _____ () C:\Users\owner\Downloads\book_version_5.idml2015-05-01 21:39 - 2015-05-01 21:39 - 00003608 _____ () C:\Users\owner\Downloads\CP0276004791P-1.mp4.en.srt2015-05-01 19:44 - 2015-05-01 19:44 - 00001037 _____ () C:\Users\owner\Downloads\CP0522524429P-1.mp4.en.srt2015-05-01 18:15 - 2015-05-01 18:15 - 00025925 _____ () C:\Users\owner\Downloads\CP0373945655P-1.mp4.en.srt2015-05-01 10:57 - 2015-05-01 10:58 - 00000000 ____D () C:\Users\owner\Documents\EBT2015-04-30 10:28 - 2015-05-06 22:36 - 00000000 ____D () C:\Users\owner\AppData\Local\{B3FB741E-67C1-4728-B326-5F4A3DA43664}2015-04-29 11:03 - 2015-04-29 11:03 - 02359035 _____ () C:\Users\owner\Downloads\facebook-100001421505705.zip2015-04-29 10:26 - 2015-04-29 22:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{E06DFE62-A549-4783-AF6B-F0424B9647F8}2015-04-29 00:38 - 2015-04-29 00:38 - 00006805 _____ () C:\Users\owner\Downloads\sample8.mp4.en.srt2015-04-28 18:12 - 2015-04-28 18:12 - 00003608 _____ () C:\Users\owner\Downloads\sample7.mp4.en.srt2015-04-26 13:12 - 2015-04-26 13:12 - 00002917 _____ () C:\Users\owner\Downloads\sample6.mp4.en.srt2015-04-25 21:56 - 2015-04-28 22:26 - 00000000 ____D () C:\Users\owner\AppData\Local\{6D1CB3D2-9A48-41AE-9359-359CC7136941}2015-04-23 22:30 - 2015-04-23 22:30 - 00000000 ____D () C:\Users\owner\AppData\Local\{4F1E2A43-4B07-4E19-9650-D955A02E5619}2015-04-23 22:02 - 2015-04-23 23:21 - 01257449 _____ () C:\Users\owner\Downloads\HEADER-FOOTER Sugar and Tank.ai ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-23 10:06 - 2015-02-01 15:11 - 00031284 _____ () C:\Users\owner\Downloads\FRST.txt2015-05-23 10:06 - 2015-02-01 15:10 - 00000000 ____D () C:\FRST2015-05-23 09:31 - 2012-12-07 15:00 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA.job2015-05-23 09:31 - 2012-04-02 10:08 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-05-23 09:31 - 2010-01-31 15:28 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-05-23 09:31 - 2009-07-14 00:51 - 00564680 _____ () C:\windows\setupact.log2015-05-23 08:47 - 2009-10-07 22:10 - 01117620 _____ () C:\windows\WindowsUpdate.log2015-05-23 08:32 - 2010-01-31 15:28 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2015-05-23 08:27 - 2013-05-14 13:47 - 00000000 ___RD () C:\Users\owner\Dropbox2015-05-23 08:27 - 2013-05-14 13:30 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Dropbox2015-05-23 08:25 - 2014-07-30 12:45 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-05-23 08:25 - 2010-03-15 09:45 - 00000000 ____D () C:\Users\owner\Tracing2015-05-23 00:05 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-05-23 00:05 - 2009-07-14 00:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-05-22 23:57 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\SysWOW64\logishrd2015-05-22 23:57 - 2011-03-27 22:01 - 00000000 ____D () C:\windows\system32\logishrd2015-05-22 23:57 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-05-22 23:54 - 2014-07-30 12:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-05-22 23:54 - 2013-03-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Gyazo2015-05-22 23:54 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2015-05-22 23:54 - 2012-05-05 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-05-22 23:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared2015-05-22 23:53 - 2015-04-20 19:28 - 00000000 ____D () C:\Users\owner\Documents\Sew Caroline2015-05-22 23:53 - 2015-04-06 06:20 - 00000000 ___SD () C:\windows\SysWOW64\GWX2015-05-22 23:53 - 2015-04-06 06:19 - 00000000 ___SD () C:\windows\system32\GWX2015-05-22 23:53 - 2015-03-12 22:03 - 00000000 ____D () C:\Users\owner\Documents\Melly Sews2015-05-22 23:53 - 2015-02-05 10:24 - 00000000 ____D () C:\Users\owner\Downloads\FRST-OlderVersion2015-05-22 23:53 - 2014-12-03 22:55 - 00000000 ____D () C:\Users\owner\Documents\Money Robbins email amazon_files2015-05-22 23:53 - 2014-09-25 23:16 - 00000000 ____D () C:\Users\owner\Documents\Att troubleshoot chat 9.25.14_files2015-05-22 23:53 - 2014-07-30 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-05-22 23:53 - 2014-04-13 11:29 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon2015-05-22 23:53 - 2013-09-20 17:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Blackboard2015-05-22 23:53 - 2013-05-14 13:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-05-22 23:53 - 2013-04-29 01:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koox System Optimizer2015-05-22 23:53 - 2013-04-28 23:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Audacity2015-05-22 23:53 - 2013-03-15 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo2015-05-22 23:53 - 2013-03-13 15:06 - 00000000 ____D () C:\Users\owner\AppData\Local\Citrix2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2015-05-22 23:53 - 2012-09-01 07:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2015-05-22 23:53 - 2012-04-03 17:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client2015-05-22 23:53 - 2011-11-16 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-05-22 23:53 - 2011-11-09 15:41 - 00000000 ____D () C:\Users\owner\AppData\Local\Akamai2015-05-22 23:53 - 2011-06-15 09:34 - 00000000 ____D () C:\Users\owner\AppData\Local\Tific2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp2015-05-22 23:53 - 2011-06-01 18:56 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Catalina Marketing Corp2015-05-22 23:53 - 2011-04-19 09:41 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MAGIX2015-05-22 23:53 - 2011-04-11 17:58 - 00000000 ____D () C:\Users\owner\Documents\Netflix Setup OrderFinal_files2015-05-22 23:53 - 2011-04-08 11:47 - 00000000 ____D () C:\Users\owner\Documents\No Messages Screen Display for Jebaire Publishing_files2015-05-22 23:53 - 2011-03-21 18:53 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton2015-05-22 23:53 - 2011-01-12 15:32 - 00000000 ____D () C:\Users\owner\AppData\Roaming\FreeFileOpener2015-05-22 23:53 - 2011-01-07 18:43 - 00000000 ____D () C:\Users\owner\Downloads\Basic Ebook info from IBPA_files2015-05-22 23:53 - 2010-11-23 19:12 - 00000000 ____D () C:\Users\owner\Documents\Audible2015-05-22 23:53 - 2010-06-25 15:10 - 00000000 ____D () C:\Users\owner\Documents\My eBooks2015-05-22 23:53 - 2010-06-25 15:08 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com2015-05-22 23:53 - 2010-06-14 20:13 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Mozilla2015-05-22 23:53 - 2010-05-20 12:24 - 00000000 __RSD () C:\Users\owner\Documents\My Stationery2015-05-22 23:53 - 2010-05-17 09:30 - 00000000 ____D () C:\Users\owner\Documents\Homeschool2015-05-22 23:53 - 2010-05-11 13:24 - 00000000 ___SD () C:\Users\owner\Documents\My Data Sources2015-05-22 23:53 - 2010-05-07 11:05 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Book Blocks2015-05-22 23:53 - 2010-04-27 07:40 - 00000000 ____D () C:\windows\Minidump2015-05-22 23:53 - 2010-04-02 21:24 - 00000000 ____D () C:\Users\owner\Documents\Jebaire Manuscripts2015-05-22 23:53 - 2010-03-18 12:42 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Skype2015-05-22 23:53 - 2010-03-18 09:03 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barnes & Noble2015-05-22 23:53 - 2010-03-08 15:51 - 00000000 ____D () C:\Users\owner\AppData\Local\Microsoft Help2015-05-22 23:53 - 2010-02-24 17:15 - 00000000 ____D () C:\ProgramData\FLEXnet2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WildTangent2015-05-22 23:53 - 2010-02-16 18:45 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Adobe2015-05-22 23:53 - 2010-02-13 12:48 - 00000000 ____D () C:\Users\owner\AppData\Local\TOSHIBA2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2015-05-22 23:53 - 2010-02-13 12:47 - 00000000 ____D () C:\Users\owner2015-05-22 23:53 - 2009-10-07 22:20 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-05-22 23:53 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal2015-05-22 23:53 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\servicing2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions2015-05-22 23:53 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\AppCompat2015-05-22 23:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration2015-05-22 13:28 - 2012-12-07 15:00 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core.job2015-05-22 10:45 - 2010-04-27 07:40 - 401271285 _____ () C:\windows\MEMORY.DMP2015-05-22 10:09 - 2009-07-14 01:08 - 00032584 _____ () C:\windows\Tasks\SCHEDLGU.TXT2015-05-22 07:41 - 2014-06-13 07:58 - 00000000 ____D () C:\Users\owner\AppData\Local\Adobe2015-05-21 19:49 - 2011-03-28 21:58 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps2015-05-20 17:38 - 2014-07-30 12:45 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-05-20 13:53 - 2013-09-12 20:41 - 00000000 ____D () C:\Users\owner\Documents\Clark Kids Stuff2015-05-18 10:18 - 2014-11-27 14:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2015-05-18 09:43 - 2009-09-03 01:35 - 01370042 _____ () C:\windows\PFRO.log2015-05-16 13:23 - 2012-12-07 15:00 - 00003878 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001UA2015-05-16 13:23 - 2012-12-07 15:00 - 00003482 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310603758-325049908-3132485941-1001Core2015-05-15 17:19 - 2010-01-31 15:28 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-05-15 17:19 - 2010-01-31 15:28 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-05-15 14:16 - 2012-04-02 10:08 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2015-05-15 14:16 - 2012-04-02 10:08 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-05-15 14:16 - 2011-06-08 01:53 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2015-05-15 06:55 - 2015-01-09 10:54 - 00003750 _____ () C:\windows\System32\Tasks\GyazoUpdateTaskMachine2015-05-14 10:14 - 2009-07-14 01:13 - 00006416 _____ () C:\windows\system32\PerfStringBackup.INI2015-05-14 10:06 - 2009-07-14 00:45 - 05120888 _____ () C:\windows\system32\FNTCACHE.DAT2015-05-14 08:21 - 2013-07-15 14:49 - 00000000 ____D () C:\windows\system32\MRT2015-05-14 07:54 - 2010-04-20 08:38 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2015-05-13 17:05 - 2015-04-10 23:50 - 00000000 ____D () C:\Users\owner\Documents\$$$$$2015-05-12 13:34 - 2011-03-27 22:00 - 00000000 _____ () C:\windows\system32\Drivers\lvuvc.hs2015-05-06 20:09 - 2013-04-16 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2015-05-06 18:58 - 2013-03-15 18:49 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Gyazo2015-05-04 02:35 - 2014-02-08 20:43 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-05-01 20:41 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF2015-04-23 22:01 - 2015-04-22 13:31 - 01276072 _____ () C:\Users\owner\Downloads\HEADER-FOOTER.ai2015-04-23 15:46 - 2011-03-27 22:24 - 00000000 ____D () C:\Users\owner\Documents\SightSpeed Recordings2015-04-23 10:14 - 2015-04-22 08:48 - 00000000 ____D () C:\Users\owner\AppData\Local\{B2B42623-43B5-4CC9-93C0-3C6BD8C00561} ==================== Files in the root of some directories ======= 2010-02-24 21:56 - 2010-02-24 21:56 - 0000000 ____H () C:\Users\owner\AppData\Roaming\ActUpdate.log2011-11-21 20:44 - 2011-11-21 20:44 - 0044912 _____ () C:\Users\owner\AppData\Roaming\UserTile.png2010-03-31 21:16 - 2013-06-11 23:07 - 0000610 _____ () C:\Users\owner\AppData\Roaming\wklnhst.dat2010-03-18 12:50 - 2010-03-18 12:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat2010-02-24 21:56 - 2010-04-24 22:39 - 0000088 __RSH () C:\ProgramData\F3446BD02F.sys2010-03-16 15:36 - 2010-03-31 15:46 - 0000609 _____ () C:\ProgramData\hpzinstall.log2010-02-24 21:56 - 2011-09-21 21:52 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys Some files in TEMP:====================C:\Users\owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnkzxy.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-14 19:56 ==================== End of log ============================
  11. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.2 (02.02.2015:1) OS: Windows 7 Home Premium x64 Ran by owner on Mon 02/09/2015 at 19:50:34.59 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{056720EE-9B35-4C5B-BEB5-CD3A851F91B8} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{175FA8F6-C59C-4F88-ACD9-96F26596FF44} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1F0B358C-7C7E-47CF-864A-6D748D765D7C} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{333727F8-B4D2-42E1-9FEF-EE325CF7F26E} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3B269B5F-97C2-44ED-9A15-AB7DE975D3A2} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5DD95C9D-AC89-4694-BD8F-A9FF922A7FB4} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5E7A5BFA-BBB1-448B-826C-D8E10FAEAA54} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9507E5BE-5C6D-45B9-AFB6-1CC26EA40B1A} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9674D660-DBAD-47A8-A4D7-3523B3506B0C} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{96BF47B3-8F37-4530-AF23-49E3824880D7} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A7549A7C-5213-46D8-8C5C-1ACF7FA00558} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BA19B610-17D2-4353-9A9F-B26EB7AC6DBF} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EA4151BF-EFFB-4A0B-916A-DBEB7CD262EF} Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F0E86032-519A-4AA8-9103-772031BA602C} ~~~ FireFox Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\bz230fxo.default-1414070530532\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 02/09/2015 at 19:56:01.89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Results of screen317's Security Check version 0.99.96 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 29 Java version 32-bit out of Date! Java 64-bit 8 Update 31 Adobe Flash Player 16.0.0.305 Adobe Reader XI Mozilla Firefox (35.0.1) Google Chrome (40.0.2214.111) Google Chrome (40.0.2214.94) ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe Toshiba Online Backup ToshibaOnlineBackup.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  12. I pressed "CLEAN" on the Adware Cleaner as you directed. I no longer see the trojan quarantined in Malwarebytes after the reboot. Is it still there? Should I continue with Junkware removal? Malwarebytes log: Malwarebytes Anti-Malware www.malwarebytes.org Update, 2/6/2015 5:04:50 AM, SYSTEM, HHGREGG-PC, Scheduler, Malware Database, 2015.2.6.1, 2015.2.6.3, Protection, 2/6/2015 5:05:33 AM, SYSTEM, HHGREGG-PC, Protection, Refresh, Starting, Protection, 2/6/2015 5:05:33 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Stopping, Protection, 2/6/2015 5:05:39 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Stopped, Protection, 2/6/2015 5:07:59 AM, SYSTEM, HHGREGG-PC, Protection, Refresh, Success, Protection, 2/6/2015 5:07:59 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Starting, Protection, 2/6/2015 5:08:00 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Started, Protection, 2/6/2015 6:00:59 AM, SYSTEM, HHGREGG-PC, Protection, Malware Protection, Starting, Protection, 2/6/2015 6:00:59 AM, SYSTEM, HHGREGG-PC, Protection, Malware Protection, Started, Protection, 2/6/2015 6:00:59 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Starting, Protection, 2/6/2015 6:01:12 AM, SYSTEM, HHGREGG-PC, Protection, Malicious Website Protection, Started, (end) ========================================= Adware Cleaner Log # AdwCleaner v4.109 - Report created 06/02/2015 at 05:53:21 # Updated 24/01/2015 by Xplode # Database : 2015-02-05.2 [Live] # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : owner - HHGREGG-PC # Running from : C:\Users\owner\Downloads\adwcleaner_4.109.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Program Files (x86)\Norton Safe Web Lite ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>;*.local Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 en-US) -\\ Google Chrome v40.0.2214.111 -\\ Chromium v ************************* AdwCleaner[R0].txt - [1117 octets] - [05/02/2015 10:31:51] AdwCleaner[R1].txt - [1253 octets] - [06/02/2015 05:53:21] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1313 octets] ########## # AdwCleaner v4.109 - Report created 06/02/2015 at 05:53:21 # Updated 24/01/2015 by Xplode # Database : 2015-02-05.2 [Live] # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : owner - HHGREGG-PC # Running from : C:\Users\owner\Downloads\adwcleaner_4.109.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Program Files (x86)\Norton Safe Web Lite ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>;*.local Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 en-US) -\\ Google Chrome v40.0.2214.111 -\\ Chromium v ************************* AdwCleaner[R0].txt - [1117 octets] - [05/02/2015 10:31:51] AdwCleaner[R1].txt - [1253 octets] - [06/02/2015 05:53:21] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1313 octets] ##########
  13. Malwarebytes detected a Trojan.Agent today. It is quarantined, What should I do next?
  14. In the adware cleaner nothing shows up after the scan. Should I still click "CLEAN"? --------------------------------- Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 01 Ran by owner at 2015-02-05 09:24:37 Run:3 Running from C:\Users\owner\Downloads Loaded Profiles: owner & (Available profiles: owner & Guest) Boot Mode: Normal ============================================== Content of fixlist: ***************** AlternateDataStreams: C:\Users\owner\AppData\Local\Temporary Internet Files:7a67AtiXEUkuba0vBEFTQIm6z AlternateDataStreams: C:\Users\owner\AppData\Local\Temporary Internet Files:lVZtRx4Vkxw1LTFa7Y4KyFisTMU AlternateDataStreams: C:\Users\owner\AppData\Local\Temporary Internet Files:TiXn4110lxlY4ZlOHQOJdntDfpfn EmptyTemp: ***************** "C:\Users\owner\AppData\Local\Temporary Internet Files" => ":7a67AtiXEUkuba0vBEFTQIm6z" ADS not found. "C:\Users\owner\AppData\Local\Temporary Internet Files" => ":lVZtRx4Vkxw1LTFa7Y4KyFisTMU" ADS not found. "C:\Users\owner\AppData\Local\Temporary Internet Files" => ":TiXn4110lxlY4ZlOHQOJdntDfpfn" ADS not found. EmptyTemp: => Removed 380.4 MB temporary data. The system needed a reboot. ==== End of Fixlog 09:25:49 ====
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.