Jump to content

Search the Community

Showing results for tags 'sleep'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 3 results

  1. Following on the heels of older reports of MBAM causing 'freezes', my laptop started snoozing after downloading the latest release... Initially, though it's a trial version of the premium flavor, 'Malware Protection" is disabled and cannot be switched on. After several un-/reinstalls the behavior hasn't changed: a few moments into a scan 'sleep' mode is entered; wake-up lasts only long enough to flash the screen before reverting to 'sleep'. ....of interest is that the AVAST! service seems to unexpectedly get STOPped lately, but prior to downloading MBAM. The 'cure' seems to be.shut down and..don't use MBAM. No, have not got to run it in SAFE mode yet but I shall and will report on that. Meanwhile I may have a previous version I can use...maybe. FRST.txt Addition.txt
  2. That's pretty much it. It's also restarted a couple of times when it was on. I'm not a noob, but I'm far from an expert. I look in Event Viewer after it happens, and it seemed like there was definitely something going on, but I don't have the skills to tell what it is. I've run MBAM and BitDefender and found nothing (or found stuff that didn't fix the problem. I've cut and pasted or attached the Farbar Recovery files. Thanks for any help. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 Ran by Matt (administrator) on SWEENMAN (01-01-2016 16:25:26) Running from C:\Users\Matt\Downloads Loaded Profiles: Matt (Available Profiles: Matt & Administrator) Platform: Windows 10 Home (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft) C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe (LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe (Microsoft) C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe () C:\Windows\jmesoft\Service.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe () C:\Program Files (x86)\WizMouse\WizMouse.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Amazon.com Inc.) C:\Users\Matt\AppData\Local\Amazon Cloud Drive\AmazonCloudDrive.exe (Lenovo) C:\Windows\jmesoft\hotkey.exe () C:\Windows\jmesoft\JME_LOAD.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Microsoft Corporation) C:\Windows\System32\MdRes.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Kerish Products) C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Bongiovi Acoustics) C:\Program Files\Bongiovi Acoustics\Digital Power Station\Digital Power Station.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Users\Matt\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe () C:\Program Files\Everything\Everything.exe () C:\Program Files\Everything\Everything.exe (VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [igfxTray] => C:\windows\system32\igfxtray.exe [396688 2015-07-17] () HKLM\...\Run: [bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1695744 2015-06-12] (Bitdefender) HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation) HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Run: [bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-12] (Bitdefender) HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Run: [Google Update] => C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Run: [Amazon Cloud Drive] => C:\Users\Matt\AppData\Local\Amazon Cloud Drive\AmazonCloudDrive.exe [1939264 2015-12-10] (Amazon.com Inc.) HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoPreviewPane] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoWinkeys] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [HideSCANetwork] 0 HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\...\Policies\Explorer: [HideSCAVolume] 0 ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.4.75.8 10.4.75.6 Tcpip\..\Interfaces\{b7a82a89-03f8-45d9-b60a-65270b3eec38}: [DhcpNameServer] 209.222.18.222 209.222.18.218 Tcpip\..\Interfaces\{c5735d39-658c-47e6-a04e-3ea9fa18c3ef}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{c5735d39-658c-47e6-a04e-3ea9fa18c3ef}: [DhcpNameServer] 10.4.75.8 10.4.75.6 Tcpip\..\Interfaces\{d7988758-0ccc-4645-a431-b6c554292081}: [DhcpNameServer] 10.4.75.8 10.4.75.6 Internet Explorer: ================== HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {796618C8-A71E-40E6-892F-590BADEFE11C} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3806041126-2152684015-2072828150-1001 -> DefaultScope {796618C8-A71E-40E6-892F-590BADEFE11C} URL = SearchScopes: HKU\S-1-5-21-3806041126-2152684015-2072828150-1001 -> {796618C8-A71E-40E6-892F-590BADEFE11C} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-10-29] (IObit) BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-03] (Bitdefender) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-04-03] (Bitdefender) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-10] (Oracle Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-10] (Oracle Corporation) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-03] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-04-03] (Bitdefender) Toolbar: HKU\S-1-5-21-3806041126-2152684015-2072828150-1001 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-04-03] (Bitdefender) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-23] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212 FF DefaultSearchEngine.US: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-10] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-23] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: @talk.google.com/O1DPlugin -> C:\Users\Matt\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Matt\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Matt\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: intel.com/AppUp -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll [2013-07-18] (Intel) FF Plugin HKU\S-1-5-21-3806041126-2152684015-2072828150-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll [2013-07-18] (Intel) FF Plugin ProgramFiles/Appdata: C:\Users\Matt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Matt\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: DownThemAll! - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-27] FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\extensions\artur.dubovoy@gmail.com [2015-12-27] FF Extension: Empty Cache Button - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2015-12-27] FF Extension: DisableBackspaceNavigation - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\extensions\{40520fe7-6336-4df2-bab1-1f1f8e11bf27}.xpi [2015-12-27] FF Extension: about:addons-memory - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\about-addons-memory@tn123.org.xpi [2015-12-27] FF Extension: Fess Google Bookmark Extension - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\GBE@fess16.blogspot.com.xpi [2015-12-27] FF Extension: Wiktionary and Google Translate - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\googledictionary@toptip.ca.xpi [2015-12-27] FF Extension: Gmail Notifier (restartless) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-12-31] FF Extension: Translate This! - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-12-27] FF Extension: RAMBack - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\ramback@pavlov.net.xpi [2015-12-27] FF Extension: FastestFox - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\smarterwiki@wikiatic.com.xpi [2015-12-27] FF Extension: Free Memory Button - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\tb-free-memory-single@codefisher.org.xpi [2015-12-27] FF Extension: Thumbnail Zoom Plus - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\thumbnailZoom@dadler.github.com.xpi [2015-12-27] FF Extension: TinEye Reverse Image Search - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\tineye@ideeinc.com.xpi [2015-12-27] FF Extension: uBlock Origin - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\uBlock0@raymondhill.net.xpi [2015-12-29] FF Extension: Google Shortcuts - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2015-12-27] FF Extension: ReminderFox - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-12-27] FF Extension: StumbleUpon - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-12-27] FF Extension: Download YouTube Videos as MP4 - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-12-27] FF Extension: Video DownloadHelper - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-12-27] FF Extension: Adblock Plus - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\q1a8ceyu.default-1451193856212\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-27] FF HKLM\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff [2015-12-15] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-22] [not signed] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext Chrome: ======= CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-14] CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-14] CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (ShowPassword) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiclfnbhommljbjcoelobnnnibemabl [2015-12-09] CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10] CHR Extension: (Right-Click Search IMDb) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbchccggcmgoabfolahgafbfapoejkcn [2015-09-14] CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01] CHR Extension: (Right-Click Search Wikipedia) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eikmpmafdimllogceehaijmnlndineje [2015-09-14] CHR Extension: (Video Downloader professional) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-09-14] CHR Extension: (Bitdefender Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-11-08] CHR Extension: (Google Play Music) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-12-09] CHR Extension: (Google Sheets) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-14] CHR Extension: (Google Docs Offline) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23] CHR Extension: (AdBlock) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-09] CHR Extension: (Spell Checker for Chrome) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2015-09-15] CHR Extension: (Add to Google Bookmarks (context menu)) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\keobkeaihgkidbpfjojklhjjlfjgaejp [2015-09-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-14] CHR Extension: (WebRTC Network Limiter) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2015-11-08] CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-14] CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-14] CHR Extension: (Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-14] CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-14] CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-14] CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-14] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-14] CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-14] CHR HKU\S-1-5-21-3806041126-2152684015-2072828150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit) S3 atserv; C:\Program Files\Bitdefender\Bitdefender Anti-Theft\atserv.exe [495776 2013-10-07] (Bitdefender) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender) S3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation) R2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [25184 2013-08-09] (Microsoft) [File not signed] S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] () [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-04] (Intel Corporation) R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft) [File not signed] R2 IdeaTouch.LocalDataServer.Game; C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe [7680 2013-01-17] (Microsoft) [File not signed] R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation) R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [File not signed] R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] () S4 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872152 2015-05-10] (Maxthon) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-09] (Electronic Arts) S4 reaConverter_service; C:\Program Files (x86)\reaConverter 7 Standard\rc_service.exe [2129408 2015-06-19] () [File not signed] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-08-25] () S4 SuperRam; C:\Program Files (x86)\PGWARE\SuperRam\SuperRamService.exe [1939608 2015-08-09] (PGWARE LLC) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender) S3 UPDATESRV_ANTITHEFT; C:\Program Files\Bitdefender\Bitdefender Anti-Theft\updatesrv.exe [67320 2013-10-04] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2015-06-18] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-12-18] () S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-12-18] () R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL) S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2015-10-23] (Digiarty Software, Inc.) R3 digitalpower; C:\Windows\system32\drivers\digitalpower.sys [29184 2015-07-30] (Bongiovi Acoustics) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] () R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-09-13] () S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-01] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-24] (Realtek Semiconductor Corp.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-28] (Realtek ) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4164352 2015-06-05] (Realtek Semiconductor Corporation ) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2015-09-13] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [241920 2015-06-19] (Vimicro Corporation) R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [24576 2015-08-28] (Vimicro Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-10-11] (wisecleaner.com) R1 WiseTdiFw; C:\WINDOWS\WiseTdiFw64.sys [31272 2015-01-12] (WiseCleaner.com) [File not signed] S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-01 16:25 - 2016-01-01 16:27 - 00033677 _____ C:\Users\Matt\Downloads\FRST.txt 2016-01-01 16:22 - 2016-01-01 16:25 - 02370560 _____ (Farbar) C:\Users\Matt\Downloads\FRST64.exe 2016-01-01 16:09 - 2016-01-01 16:09 - 00016148 _____ C:\WINDOWS\system32\SWEENMAN_Matt_HistoryPrediction.bin 2016-01-01 15:41 - 2016-01-01 15:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-01 02:30 - 2016-01-01 02:30 - 00000222 _____ C:\Users\Matt\Desktop\Sherlock Holmes and The Hound of The Baskervilles.url 2016-01-01 00:54 - 2016-01-01 00:54 - 00000222 _____ C:\Users\Matt\Desktop\The 39 Steps.url 2015-12-29 10:05 - 2016-01-01 15:38 - 00151379 ____N C:\WINDOWS\Minidump\010116-31562-01.dmp 2015-12-28 22:21 - 2016-01-01 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-28 15:11 - 2015-12-28 15:11 - 00000222 _____ C:\Users\Matt\Desktop\Paradise Island - VR MMO.url 2015-12-27 00:24 - 2015-12-27 00:24 - 00000000 ____D C:\Users\Matt\Desktop\Old Firefox Data 2015-12-26 00:52 - 2015-12-26 00:52 - 00001357 _____ C:\Users\Public\Desktop\Wise Memory Optimizer.lnk 2015-12-23 22:07 - 2015-12-23 22:07 - 00001168 _____ C:\Users\Public\Desktop\Soft Organizer.lnk 2015-12-23 21:41 - 2015-12-23 21:41 - 00000000 ____D C:\Users\Matt\Documents\Add-in Express 2015-12-23 21:08 - 2016-01-01 04:51 - 00000000 ____D C:\Users\Matt\AppData\Roaming\CDisplayEx 2015-12-23 21:08 - 2015-12-23 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx 2015-12-23 21:08 - 2015-12-23 21:08 - 00000000 ____D C:\Program Files\CDisplayEx 2015-12-23 10:07 - 2015-12-29 10:05 - 00151379 ____N C:\WINDOWS\Minidump\122915-33781-01.dmp 2015-12-22 01:44 - 2015-12-22 01:44 - 00000000 ____D C:\Users\Matt\AppData\Local\Nico Mak Computing 2015-12-21 20:27 - 2015-12-21 20:27 - 00383976 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-20 17:58 - 2015-12-20 17:58 - 91820032 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2015-12-20 17:58 - 2015-12-20 17:58 - 01552384 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2015-12-20 17:58 - 2015-12-20 17:58 - 00061440 _____ C:\WINDOWS\system32\config\SAM.iobit 2015-12-20 17:58 - 2015-12-20 17:58 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2015-12-20 03:40 - 2015-12-20 03:40 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Batch File Renamer v2.4 2015-12-20 03:40 - 2015-12-20 03:40 - 00000000 ____D C:\Program Files (x86)\Batch File Renamer v2.4 2015-12-17 21:56 - 2015-12-17 21:56 - 00000000 ____D C:\Users\Matt\Desktop\12-24 10pm Sanjiv 2015-12-17 00:41 - 2015-12-17 00:41 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Faasoft Audio Converter 2015-12-17 00:40 - 2015-12-17 00:40 - 00001214 _____ C:\Users\Public\Desktop\Faasoft Audio Converter.lnk 2015-12-17 00:40 - 2015-12-17 00:40 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Faasoft 2015-12-17 00:40 - 2015-12-17 00:40 - 00000000 ____D C:\Program Files (x86)\Faasoft 2015-12-16 21:18 - 2015-12-16 21:18 - 00000000 ____D C:\Users\Matt\Documents\Coolmuster 2015-12-16 21:18 - 2015-12-16 21:18 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Coolmuster 2015-12-16 21:17 - 2015-12-16 21:17 - 00000000 ____D C:\Users\Matt\Documents\Coolmuster files 2015-12-16 21:17 - 2015-12-16 21:17 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coolmuster 2015-12-16 21:17 - 2015-12-16 21:17 - 00000000 ____D C:\Program Files (x86)\Coolmuster 2015-12-16 20:13 - 2016-01-01 01:12 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Amazon Cloud Drive 2015-12-16 20:13 - 2015-12-16 20:14 - 00000000 ____D C:\Users\Matt\AppData\Local\Amazon Cloud Drive 2015-12-16 20:13 - 2015-12-16 20:13 - 00001311 _____ C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Drive.lnk 2015-12-16 20:13 - 2015-12-16 20:13 - 00001299 _____ C:\Users\Matt\Desktop\Amazon Cloud Drive.lnk 2015-12-13 04:23 - 2015-12-13 04:24 - 00000000 ____D C:\Program Files (x86)\ChrisPC Win Experience Index 2015-12-13 04:23 - 2015-12-13 04:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Win Experience Index 2015-12-11 19:48 - 2015-12-16 21:22 - 00000000 ____D C:\Users\Matt\Desktop\cloud 2015-12-11 19:32 - 2015-12-11 19:33 - 00038699 _____ C:\Users\Matt\Desktop\8 a play by Dustin Lance Black.txt 2015-12-09 01:16 - 2015-11-30 19:32 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-09 01:16 - 2015-11-30 19:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-08 19:26 - 2015-12-08 19:26 - 00000000 ____D C:\Users\Matt\AppData\Local\TempTaskUpdateDetection4FB29C82-646C-4369-B0A4-42192944377C 2015-12-08 19:00 - 2015-11-24 23:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-08 19:00 - 2015-11-24 23:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-08 18:59 - 2015-12-01 02:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-08 18:59 - 2015-12-01 01:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys 2015-12-08 18:59 - 2015-12-01 00:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-12-08 18:59 - 2015-12-01 00:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-12-08 18:59 - 2015-12-01 00:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-08 18:59 - 2015-12-01 00:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-08 18:59 - 2015-11-30 23:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-12-08 18:59 - 2015-11-25 00:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-12-08 18:59 - 2015-11-25 00:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2015-12-08 18:59 - 2015-11-25 00:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-08 18:59 - 2015-11-25 00:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-08 18:59 - 2015-11-25 00:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-08 18:59 - 2015-11-25 00:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2015-12-08 18:59 - 2015-11-25 00:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-08 18:59 - 2015-11-25 00:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-12-08 18:59 - 2015-11-25 00:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-08 18:59 - 2015-11-25 00:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-08 18:59 - 2015-11-25 00:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-08 18:59 - 2015-11-24 23:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2015-12-08 18:59 - 2015-11-24 23:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-08 18:59 - 2015-11-24 23:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-12-08 18:59 - 2015-11-24 23:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-08 18:59 - 2015-11-24 23:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2015-12-08 18:59 - 2015-11-24 23:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll 2015-12-08 18:59 - 2015-11-24 23:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll 2015-12-08 18:59 - 2015-11-24 23:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-08 18:59 - 2015-11-24 23:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-08 18:59 - 2015-11-24 23:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-12-08 18:59 - 2015-11-24 23:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-08 18:59 - 2015-11-24 23:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2015-12-08 18:59 - 2015-11-24 23:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-08 18:59 - 2015-11-24 23:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll 2015-12-08 18:59 - 2015-11-24 23:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll 2015-12-08 18:59 - 2015-11-24 23:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-08 18:59 - 2015-11-24 23:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2015-12-08 18:59 - 2015-11-24 23:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-08 18:59 - 2015-11-24 23:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll 2015-12-08 18:59 - 2015-11-24 23:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-08 18:59 - 2015-11-24 23:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-08 18:59 - 2015-11-24 23:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-12-08 18:59 - 2015-11-24 23:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-12-08 18:59 - 2015-11-24 23:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-08 18:59 - 2015-11-24 23:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-12-08 18:59 - 2015-11-24 23:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2015-12-08 18:59 - 2015-11-24 23:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-08 18:59 - 2015-11-24 23:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-08 18:59 - 2015-11-24 23:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-08 18:59 - 2015-11-24 23:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-08 18:59 - 2015-11-24 23:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-08 18:59 - 2015-11-24 23:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2015-12-08 18:59 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-08 18:59 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-08 18:59 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-08 18:59 - 2015-11-24 23:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-08 18:59 - 2015-11-24 23:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-12-08 18:59 - 2015-11-24 23:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-12-08 18:59 - 2015-11-24 23:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-08 18:59 - 2015-11-24 23:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-08 18:59 - 2015-11-24 23:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-08 18:59 - 2015-11-24 23:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2015-12-08 18:59 - 2015-11-24 23:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-08 18:59 - 2015-11-24 23:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll 2015-12-08 18:59 - 2015-11-24 23:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-08 18:59 - 2015-11-24 23:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-08 18:59 - 2015-11-24 23:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-08 18:59 - 2015-11-24 23:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-08 18:59 - 2015-11-24 23:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-12-08 18:59 - 2015-11-24 23:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2015-12-08 18:59 - 2015-11-24 23:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-08 18:59 - 2015-11-24 23:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-08 18:59 - 2015-11-24 23:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll 2015-12-08 18:59 - 2015-11-24 23:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-08 18:59 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-08 18:59 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-08 18:59 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-08 18:59 - 2015-11-24 23:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-08 18:59 - 2015-11-24 21:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-08 18:59 - 2015-11-24 21:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls 2015-12-06 18:34 - 2015-12-06 18:34 - 00000992 _____ C:\Users\Public\Desktop\TEncoder Video Converter.lnk 2015-12-06 01:35 - 2015-12-06 03:31 - 00001600 _____ C:\Users\Matt\Desktop\A vs X.txt 2015-12-05 02:10 - 2015-12-17 03:40 - 00005357 _____ C:\Users\Matt\Desktop\Secret Wars.txt 2015-12-05 00:19 - 2016-01-01 16:24 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-05 00:19 - 2016-01-01 15:41 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-03 20:10 - 2015-12-31 02:17 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-12-03 20:10 - 2015-12-03 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2015-12-03 20:09 - 2015-12-03 20:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit 2015-12-02 22:36 - 2015-12-02 22:36 - 00000000 ____D C:\Users\Matt\AppData\Roaming\WinRAR 2015-12-02 22:35 - 2015-12-02 22:35 - 00001059 _____ C:\Users\Public\Desktop\WinRAR.lnk 2015-12-02 22:35 - 2015-12-02 22:35 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-02 22:35 - 2015-12-02 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-12-02 22:34 - 2015-12-02 22:34 - 00000000 ____D C:\Program Files\WinRAR ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-01 16:25 - 2015-03-24 18:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-01 16:25 - 2015-01-16 19:17 - 00000000 ____D C:\FRST 2016-01-01 16:24 - 2014-11-23 15:59 - 00000000 ____D C:\Users\Matt\AppData\Roaming\vlc 2016-01-01 16:23 - 2015-01-14 20:15 - 00000000 ___RD C:\Users\Matt\Desktop\, 2016-01-01 16:09 - 2015-05-19 18:14 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Everything 2016-01-01 16:06 - 2015-01-14 19:45 - 00000000 ____D C:\Users\Matt\AppData\Local\ElevatedDiagnostics 2016-01-01 15:57 - 2014-12-25 21:59 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-01 15:54 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-01 15:54 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-01 15:52 - 2014-05-29 10:11 - 00000000 ____D C:\Users\Matt\AppData\Local\Packages 2016-01-01 15:50 - 2015-08-09 15:50 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{05EE332D-EF33-4BA3-8ECD-7AC4E1D2ED90} 2016-01-01 15:45 - 2015-11-27 22:15 - 00000000 ____D C:\Program Files (x86)\Kerish Doctor 2016-01-01 15:42 - 2014-11-22 22:40 - 00003374 _____ C:\WINDOWS\System32\Tasks\WizMouse 2016-01-01 15:41 - 2014-09-17 22:22 - 00000000 __SHD C:\Users\Matt\IntelGraphicsProfiles 2016-01-01 15:40 - 2015-08-09 04:15 - 00000000 ____D C:\Users\Matt 2016-01-01 15:40 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-01 15:39 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-01 15:38 - 2015-08-28 21:21 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-01 15:38 - 2014-12-25 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-01 04:51 - 2015-09-12 19:51 - 00000000 ____D C:\Users\Matt\AppData\Roaming\BitTorrent 2016-01-01 03:02 - 2015-02-23 14:59 - 00000000 ___RD C:\Users\Matt\Downloads\[TV] 2016-01-01 02:34 - 2014-11-22 23:40 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-01 01:07 - 2014-11-23 02:00 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Mp3tag 2015-12-31 20:43 - 2015-08-09 04:31 - 00876942 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-31 20:43 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF 2015-12-31 19:13 - 2015-07-10 04:05 - 00000000 ____D C:\Windows 2015-12-31 18:52 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-30 18:54 - 2014-11-23 02:31 - 00000000 ____D C:\Users\Matt\AppData\Local\CrashDumps 2015-12-29 20:59 - 2015-09-29 22:10 - 00000000 ____D C:\Users\Matt\.cr3 2015-12-26 23:16 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-26 23:15 - 2014-12-18 19:51 - 00232601 _____ C:\bdlog.txt 2015-12-26 00:52 - 2015-09-28 17:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner 2015-12-26 00:52 - 2015-01-15 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer 2015-12-24 20:44 - 2014-11-24 02:08 - 00000000 ____D C:\Users\Matt\AppData\Roaming\dvdcss 2015-12-24 19:11 - 2015-05-25 16:52 - 00000929 _____ C:\Users\Matt\Desktop\..lnk 2015-12-22 23:18 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Registration 2015-12-22 22:14 - 2014-11-26 21:33 - 00000000 ____D C:\Program Files (x86)\Mp3tag 2015-12-22 02:56 - 2014-01-17 19:20 - 00000000 ____D C:\Program Files\lenovo 2015-12-20 17:59 - 2015-08-09 08:07 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-20 17:38 - 2014-11-28 00:39 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Wise Care 365 2015-12-20 14:21 - 2014-11-25 19:27 - 00000000 ____D C:\ProgramData\IObit 2015-12-17 21:22 - 2015-05-17 22:40 - 00000000 ____D C:\Users\Matt\AppData\Roaming\calibre 2015-12-17 01:24 - 2014-12-30 02:24 - 00000000 ____D C:\Users\Matt\AppData\Roaming\M8 Software 2015-12-16 20:51 - 2014-11-22 23:39 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-16 20:41 - 2014-11-22 23:39 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-16 04:47 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache 2015-12-16 00:33 - 2014-11-28 02:10 - 00000000 ____D C:\Users\Matt\AppData\Roaming\Mozilla 2015-12-15 19:31 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-15 19:30 - 2015-08-22 22:05 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-12-11 19:50 - 2015-03-29 21:05 - 00000000 ____D C:\Users\Matt\AppData\Local\Amazon.com Inc 2015-12-11 01:01 - 2014-11-22 22:41 - 00000000 ____D C:\Users\Matt\AppData\Local\Amazon 2015-12-10 23:40 - 2014-12-31 00:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 23:40 - 2014-12-31 00:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 23:36 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-09 01:25 - 2014-12-31 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-08 22:39 - 2015-08-09 07:42 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-12-06 18:34 - 2015-11-26 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEncoder Video Converter 2015-12-06 18:34 - 2015-11-26 02:12 - 00000000 ____D C:\Program Files\TEncoder Video Converter 2015-12-05 00:19 - 2015-05-16 17:55 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-05 00:19 - 2014-11-22 22:36 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 22:28 - 2015-03-24 18:03 - 00000000 ____D C:\Program Files (x86)\National Geographic 2015-12-03 19:11 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-03 19:11 - 2014-01-17 19:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-12-03 00:49 - 2014-05-28 21:37 - 00000000 ____D C:\Users\Matt\Documents\My Kindle Content 2015-12-02 22:06 - 2015-05-17 22:40 - 00000000 ____D C:\Program Files (x86)\Calibre2 2015-12-02 22:06 - 2014-11-25 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2015-12-02 19:19 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF ==================== Files in the root of some directories ======= 2015-09-09 21:56 - 2015-09-09 21:56 - 0001189 _____ () C:\Users\Matt\AppData\Local\recently-used.xbel 2014-11-22 21:15 - 2014-11-22 21:16 - 0000193 _____ () C:\Users\Matt\AppData\Local\RegisteredPackageInformation.xml 2015-09-12 22:04 - 2015-09-12 22:04 - 0007592 _____ () C:\Users\Matt\AppData\Local\Resmon.ResmonCfg 2015-02-07 19:16 - 2015-02-07 19:17 - 0000416 _____ () C:\Users\Matt\AppData\Local\winconf.pxt 2015-08-09 11:55 - 2015-08-09 11:55 - 0518613 _____ () C:\ProgramData\1439138746.bdinstall.bin 2015-03-04 22:53 - 2015-03-04 22:53 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip 2015-08-09 04:12 - 2015-08-09 04:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-08-24 20:44 - 2015-12-27 05:14 - 0019535 _____ () C:\ProgramData\empty.ico 2015-07-14 22:48 - 2015-07-14 22:48 - 0005672 _____ () C:\ProgramData\SMRResults501.dat Files to move or delete: ==================== C:\ProgramData\SMRResults501.dat ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-30 19:56 ==================== End of FRST.txt ============================ Addition.txt
  3. On four different Dell laptops, I amintermittently getting a 9f blue screen of death. In each case, the blue screen was reported when the computer was coming out of sleep. I sent the minidumps to Dell for analysis, and their final analysis (after some initial misdiagnosis about the WLAN card), was that malwarebytes was running a scan while the computer was sleeping and locking up the computer. Indeed, on my computer (I'm the sysadmin), the mbam scan was set to run at about 2 am. My computer was one of the computers having the problem. Are there any known issues of mbam causing blue screens of death while trying to run a scan while the computer is asleep? I'm attaching the blue screens of death from three of the machines to this entry. Thanks, Dave minidump1.zip minidump2.zip minidump3.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.