Think I have Adware/Malware?


Mario64

My brother installed something, and now when I open Chrome, instead of Google I get this weird site that redirects to Yahoo.

I ran a Threat Scan with Malwarebytes. The computer restarted itself. I don't know when, but I can't find the Scan Log. There's only a Protection Log.

Afterwards, I uninstalled programs installed today that we didn't recognize (PlutoTV, Cheat Engine, SearchEngineGo).

I rebooted and it's still there. I tried changing the search engine but it's still there.

FARBAR RECOVERY TOOL

FRST.TXT

---------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-11-2015
Ran by wwjp1 (administrator) on RAJAN-HP (17-11-2015 21:04:13)
Running from C:\Users\wwjp1\Desktop
Loaded Profiles: wwjp1 (Available Profiles: wwjp1 & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2015-01-05] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2015-01-05] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [433160 2015-09-04] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\Run: [Dropbox Update] => C:\Users\wwjp1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\MountPoints2: {a2c21fb5-15c3-11e5-b156-ac7289d69c27} - "G:\.\setup.exe" 
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-01] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.)
Startup: C:\Users\wwjp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7ce8e69d-b5a4-468b-8b72-99a809c1bca8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ced0640-9072-48aa-8d2a-339b483a0cb2}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScghaBwBCEBhGIl9dTA1IRwcOeVtdUhRIFFcbcwkMA1xDFAMFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlE8TkdGC1dXFg==
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScghaBwBCEBhGIl9dTA1IRwcOeVtdUhRIFFcbcwkMA1xDFAMFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlE8TkdGC1dXFg==
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKUFsXGAYSbVxaB1xcFQxFchQBA1xCDAwWIgELUQ0TRAcWdh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSXhMMlxzD1YG&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKUFsXGAYSbVxaB1xcFQxFchQBA1xCDAwWIgELUQ0TRAcWdh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSXhMMlxzD1YG&q={searchTerms}
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {54DE77F7-18C5-444D-A178-67280A90ED62} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {54DE77F7-18C5-444D-A178-67280A90ED62} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKUFsXGAYSbVxaB1xcFQxFchQBA1xCDAwWIgELUQ0TRAcWdh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSXhMMlxzD1YG&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKUFsXGAYSbVxaB1xcFQxFchQBA1xCDAwWIgELUQ0TRAcWdh9aFQQTSEcFME0FCFwEURNNfWpdAEsSSXhMMlxzD1YG&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {54DE77F7-18C5-444D-A178-67280A90ED62} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {C3D40B7B-9D68-4FA6-ABFB-3DE583322718} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-26] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-26] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-01] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-2725741606-373032390-3845746488-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-09-01] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin HKU\S-1-5-21-2725741606-373032390-3845746488-1000: @citrixonline.com/appdetectorplugin -> C:\Users\wwjp1\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-2725741606-373032390-3845746488-1000: @nsroblox.roblox.com/launcher -> C:\Users\wwjp1\AppData\Local\Roblox\Versions\version-e46474821b6847eb\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2725741606-373032390-3845746488-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\wwjp1\AppData\Local\Roblox\Versions\version-e46474821b6847eb\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
 
Chrome: 
=======
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScghaBwBCEBhGIl9dTA1IRwcOeVtdUhRIFFcbcwkMA1xDFAMFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE8TkdGC1dXFg=="
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScghaBwBCEBhGIl9dTA1IRwcOeVtdUhRIFFcbcwkMA1xDFAMFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE8TkdGC1dXFg=="
CHR Profile: C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Website Logon) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2015-01-05]
CHR Extension: (Fruits Slice) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpkaagbcebgebfcangeibbcjangpgd [2015-01-05]
CHR Extension: (Angry Birds) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-05]
CHR Extension: (Google Docs) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22]
CHR Extension: (Google Search) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Dropbox for Gmail) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-10-09]
CHR Extension: (APNG) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkepjiconegkhpodgoaeamnpckdbblp [2015-01-30]
CHR Extension: (Block site) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-07-17]
CHR Extension: (Google Sheets) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Google Docs Offline) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Click&Clean) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-06-05]
CHR Extension: (Eye Dropper) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2015-02-10]
CHR Extension: (Proxy Era) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhebjohjpgicipoimkglgledckdalke [2015-01-05]
CHR Extension: (Cisco WebEx Extension) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-08-17]
CHR Extension: (Grammarly Spell Checker & Grammar Checker) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-11-17]
CHR Extension: (Skype Click to Call) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Click&Clean App) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-10-28]
CHR Extension: (Gmail) - C:\Users\wwjp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
Opera: 
=======
OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScghaBwBCEBhGIl9dTA1IRwcOeVtdUhRIFFcbcwkMA1xDFAMFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE8TkdGC1dXFg=="
OPR Session Restore: -> is enabled.
OPR Extension: (Block site) - C:\Users\wwjp1\AppData\Roaming\Opera Software\Opera Stable\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-10-06]
OPR Extension: (Site-specific Preferences) - C:\Users\wwjp1\AppData\Roaming\Opera Software\Opera Stable\Extensions\ialblehgpifdmjmbipnpaheemdobinei [2015-04-13]
OPR Extension: (Download Chrome Extension) - C:\Users\wwjp1\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2015-10-06]
OPR Extension: (SearchMoreKnow) - C:\Users\wwjp1\AppData\Roaming\Opera Software\Opera Stable\Extensions\menkoebeifckdfaomilhhpocikhgcegl [2015-11-17]
OPR Extension: (Adblock Plus) - C:\Users\wwjp1\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-09-23]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [File not signed]
S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-17] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2015-01-05] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-01] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-01] (Microsoft Corporation)
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-08-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-01] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-08-01] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-01] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-08-01] (HP Inc.)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-17 21:04 - 2015-11-17 21:05 - 00030842 _____ C:\Users\wwjp1\Desktop\FRST.txt
2015-11-17 21:04 - 2015-11-17 21:04 - 00000000 ____D C:\FRST
2015-11-17 21:03 - 2015-11-17 21:04 - 02008576 _____ (Farbar) C:\Users\wwjp1\Desktop\FRST64.exe
2015-11-17 20:55 - 2015-11-17 20:55 - 00016148 _____ C:\WINDOWS\system32\RAJAN-HP_wwjp1_HistoryPrediction.bin
2015-11-17 20:36 - 2015-11-17 20:55 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-17 20:36 - 2015-11-17 20:36 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-11-17 20:35 - 2015-11-17 20:54 - 00002276 _____ C:\WINDOWS\PFRO.log
2015-11-17 20:35 - 2015-11-17 20:35 - 765813426 _____ C:\WINDOWS\MEMORY.DMP
2015-11-17 20:35 - 2015-11-17 20:35 - 00280696 _____ C:\WINDOWS\Minidump\111715-22265-01.dmp
2015-11-17 20:35 - 2015-11-17 20:35 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-17 19:08 - 2015-11-17 20:51 - 00000000 ____D C:\Users\wwjp1\AppData\Local\PlutoTV
2015-11-17 19:08 - 2015-11-17 19:08 - 00000013 _____ C:\Users\wwjp1\.pluto.tv
2015-11-17 19:07 - 2015-11-17 20:51 - 00000000 ____D C:\Program Files (x86)\Pluto TV
2015-11-17 19:06 - 2015-11-17 19:06 - 00000000 ____D C:\Users\wwjp1\Documents\My Cheat Tables
2015-11-17 19:06 - 2015-11-17 19:06 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\OpenCandy
2015-11-16 21:16 - 2015-11-16 21:16 - 16743798 _____ C:\Users\wwjp1\Downloads\Super Smash Bros. for 3DS-Wii U - A Real Veteran! (Turbo Gramp's fan-made character trailer).mp4
2015-11-16 18:50 - 2015-11-16 18:56 - 00000000 ____D C:\Users\wwjp1\Downloads\Dedede
2015-11-12 15:45 - 2015-11-12 15:45 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 15:15 - 2015-11-12 21:38 - 00000000 ____D C:\Users\wwjp1\Downloads\Little Mac
2015-11-11 23:25 - 2015-11-05 00:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 23:25 - 2015-11-05 00:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 23:25 - 2015-11-05 00:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 23:25 - 2015-11-05 00:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 23:25 - 2015-11-05 00:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 23:25 - 2015-11-05 00:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 23:25 - 2015-11-05 00:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 23:25 - 2015-11-05 00:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 23:25 - 2015-11-04 23:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 23:25 - 2015-11-04 23:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 23:25 - 2015-11-04 23:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 23:25 - 2015-11-04 23:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 23:25 - 2015-11-04 23:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 23:25 - 2015-11-04 23:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 23:25 - 2015-11-04 23:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 23:25 - 2015-11-04 23:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 23:25 - 2015-11-04 23:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 23:25 - 2015-11-04 23:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 23:25 - 2015-11-04 23:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 23:25 - 2015-11-04 23:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 23:25 - 2015-11-04 23:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 23:25 - 2015-11-04 23:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 23:25 - 2015-11-04 23:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 23:25 - 2015-11-04 23:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 23:25 - 2015-11-04 23:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 23:25 - 2015-11-04 23:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 23:25 - 2015-11-04 23:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 23:25 - 2015-11-04 23:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 23:25 - 2015-11-04 23:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 23:25 - 2015-11-04 23:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 23:25 - 2015-11-04 23:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 23:25 - 2015-11-04 23:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 23:25 - 2015-11-04 23:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 23:25 - 2015-11-04 22:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 23:25 - 2015-11-04 22:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 23:25 - 2015-11-04 22:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 23:25 - 2015-11-04 22:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 23:25 - 2015-11-04 22:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 23:25 - 2015-11-04 22:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 23:25 - 2015-11-04 22:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 23:25 - 2015-11-04 22:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 23:25 - 2015-11-04 22:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 23:25 - 2015-11-04 22:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 23:25 - 2015-11-04 22:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 23:25 - 2015-11-04 22:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 23:25 - 2015-11-04 22:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 23:25 - 2015-11-04 22:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 23:25 - 2015-11-04 22:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 23:25 - 2015-11-04 22:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 23:25 - 2015-11-04 22:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 23:25 - 2015-11-04 22:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 23:25 - 2015-11-04 22:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 23:25 - 2015-11-04 22:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-09 22:19 - 2015-11-09 22:19 - 06539752 _____ (Tim Kosse) C:\Users\wwjp1\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-11-09 22:11 - 2015-11-09 22:11 - 10677192 _____ C:\Users\wwjp1\Downloads\mariomansion.sql
2015-11-08 22:27 - 2015-11-08 22:37 - 00000000 ____D C:\Users\wwjp1\Downloads\Super Sawndz
2015-11-08 22:27 - 2015-11-08 22:27 - 00808000 _____ C:\Users\wwjp1\Downloads\supersawndz_1_0.zip
2015-11-08 22:25 - 2015-11-08 22:27 - 00000000 ____D C:\Users\wwjp1\Downloads\Sawnd
2015-11-08 22:25 - 2015-11-08 22:25 - 01492804 _____ C:\Users\wwjp1\Downloads\sawndz012.rar
2015-11-08 22:00 - 2010-01-20 22:44 - 00000000 ____D C:\Users\wwjp1\Downloads\Gecko1931
2015-11-08 21:59 - 2015-11-08 21:59 - 00856522 _____ C:\Users\wwjp1\Downloads\gecko1931.zip
2015-11-08 20:44 - 2015-11-08 20:44 - 00000000 ____D C:\Users\wwjp1\Downloads\PSA
2015-11-08 20:43 - 2015-11-08 20:44 - 35252884 _____ C:\Users\wwjp1\Downloads\Mr.Legend_And_Wacher_Destruction_Paranoia.zip
2015-11-08 20:39 - 2015-11-08 20:39 - 00715038 _____ C:\WINDOWS\unins000.exe
2015-11-08 20:39 - 2015-11-08 20:39 - 00443445 _____ ( ) C:\Users\wwjp1\Documents\LagarithSetup_1327.exe
2015-11-08 20:39 - 2015-11-08 20:39 - 00001990 _____ C:\WINDOWS\unins000.dat
2015-11-08 20:39 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-11-08 20:39 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-11-08 20:33 - 2015-11-08 20:33 - 01012720 _____ (DivX, LLC) C:\Users\wwjp1\Documents\DivXInstaller.exe
2015-11-08 19:44 - 2015-10-04 16:06 - 00000000 ____D C:\Users\wwjp1\Downloads\Goku over Pit
2015-11-08 18:56 - 2015-11-08 18:56 - 00000000 ____D C:\Users\wwjp1\AppData\Local\{F7959D9D-EBAE-4F0C-98DA-6BD213084779}
2015-11-08 18:18 - 2015-11-08 18:18 - 00681097 _____ C:\Users\wwjp1\Downloads\ccc7f82fd5cd18096a15d2dd2432c532
2015-11-08 18:18 - 2015-11-08 18:18 - 00480925 _____ C:\Users\wwjp1\Downloads\e8176da12cb83d157d752cd2f7bd1abd
2015-11-08 18:16 - 2015-11-08 18:16 - 01139616 _____ C:\Users\wwjp1\Downloads\c9fdce2935f57eb9e901f7741c1d7b0a
2015-11-08 16:56 - 2015-11-08 16:56 - 00000000 ____D C:\Users\wwjp1\Downloads\HuffYUV
2015-11-08 16:56 - 2000-08-23 19:00 - 00033280 _____ (Disappearing Inc.) C:\WINDOWS\system32\HUFFYUV.DLL
2015-11-08 16:55 - 2015-11-08 16:55 - 00015098 _____ C:\Users\wwjp1\Downloads\huffyuv-2.1.1.zip
2015-11-08 16:51 - 2015-11-08 16:51 - 00001515 _____ C:\Users\wwjp1\Desktop\DivX Movies.lnk
2015-11-08 16:51 - 2015-11-08 16:51 - 00001135 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-11-08 16:50 - 2015-11-08 16:51 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\DivX
2015-11-08 16:50 - 2015-11-08 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-11-08 16:50 - 2015-11-08 16:50 - 00001160 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2015-11-08 16:50 - 2015-11-08 16:50 - 00000000 ____D C:\Program Files\DivX
2015-11-08 16:48 - 2015-11-08 16:51 - 00000000 ____D C:\ProgramData\DivX
2015-11-08 16:48 - 2015-11-08 16:51 - 00000000 ____D C:\Program Files (x86)\DivX
2015-11-08 16:06 - 2015-11-08 16:08 - 00000000 ____D C:\Users\wwjp1\AppData\Local\Screencast-O-Matic-v2
2015-11-08 16:06 - 2015-11-08 16:06 - 00000000 ____D C:\Users\wwjp1\Documents\Screencast-O-Matic
2015-11-07 22:21 - 2015-11-07 22:21 - 10028485 _____ C:\Users\wwjp1\Downloads\Channel Art.pdn
2015-11-07 08:29 - 2015-11-07 08:29 - 00000000 ____D C:\Users\wwjp1\Downloads\Template
2015-11-07 08:28 - 2015-11-07 08:28 - 00326669 _____ C:\Users\wwjp1\Downloads\Channel Art Templates.zip
2015-11-07 08:11 - 2015-11-16 18:30 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForwwjp1.job
2015-11-07 08:11 - 2015-11-15 12:28 - 00003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForwwjp1
2015-11-04 22:05 - 2015-11-04 22:06 - 00000000 ____D C:\Users\wwjp1\Downloads\RecMeStartService-v19-Windows
2015-11-04 22:05 - 2015-11-04 22:05 - 00545176 _____ C:\Users\wwjp1\Downloads\RecMeStartService-v19-Windows.zip
2015-11-04 16:52 - 2015-11-04 16:52 - 00000000 _____ C:\Users\wwjp1\AppData\Local\{76911B47-DBE5-4FF4-B409-9E2D9AD4B4B8}
2015-11-03 18:15 - 2015-11-03 18:15 - 00000000 ____D C:\Users\wwjp1\AppData\Local\{98F9E9F0-32F3-43D3-88CB-771671F94199}
2015-11-01 19:01 - 2015-11-01 19:01 - 01571296 _____ C:\Users\wwjp1\Downloads\15 Track 15.wma
2015-11-01 19:00 - 2015-11-01 19:00 - 01087240 _____ C:\Users\wwjp1\Downloads\16 Track 16.wma
2015-11-01 18:09 - 2015-11-01 18:13 - 180875794 _____ C:\Users\wwjp1\Downloads\SGM-V2.01.7z
2015-10-29 19:19 - 2015-10-29 19:19 - 00188096 _____ C:\ods.exe
2015-10-26 20:02 - 2015-10-26 20:03 - 00969584 _____ (ROBLOX Corporation) C:\Users\wwjp1\Downloads\RobloxPlayerLauncher (1).exe
2015-10-22 14:15 - 2015-11-12 22:10 - 00001467 _____ C:\Users\wwjp1\Desktop\ROBLOX Player.lnk
2015-10-22 14:15 - 2015-11-12 22:10 - 00001282 _____ C:\Users\wwjp1\Desktop\ROBLOX Studio.lnk
2015-10-22 14:15 - 2015-11-12 22:10 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-10-21 18:21 - 2015-10-21 18:21 - 00000000 ____D C:\Program Files (x86)\Roblox
2015-10-18 18:49 - 2015-10-18 18:49 - 00000000 ____D C:\Users\wwjp1\AppData\Local\speech
2015-10-18 11:45 - 2015-10-18 11:53 - 00000175 _____ C:\Users\wwjp1\Documents\queries.txt
2015-10-18 10:32 - 2015-10-18 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-10-18 10:24 - 2015-10-18 10:26 - 114238280 _____ (Bitnami) C:\Users\wwjp1\Downloads\xampp-win32-5.6.12-0-VC11-installer.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-17 21:01 - 2015-08-01 11:34 - 01006528 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-17 20:57 - 2015-02-22 10:34 - 00000000 ___RD C:\Users\wwjp1\Dropbox
2015-11-17 20:57 - 2015-02-22 10:30 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\Dropbox
2015-11-17 20:56 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-17 20:56 - 2015-01-05 19:59 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-17 20:55 - 2014-11-29 18:20 - 00000000 ____D C:\Users\wwjp1\AppData\LocalLow\AuthenTec
2015-11-17 20:54 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-17 20:54 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-17 20:53 - 2015-02-22 10:33 - 00001053 _____ C:\WINDOWS\wininit.ini
2015-11-17 20:51 - 2015-07-08 15:54 - 00000388 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2725741606-373032390-3845746488-1000.job
2015-11-17 20:51 - 2015-06-18 09:39 - 00000918 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000UA.job
2015-11-17 20:49 - 2015-01-10 12:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-17 20:39 - 2015-07-15 08:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-17 20:35 - 2015-08-01 11:36 - 00000000 ____D C:\Users\wwjp1
2015-11-17 20:22 - 2015-01-05 19:59 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-17 20:14 - 2015-01-10 12:44 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 20:14 - 2015-01-10 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-17 20:14 - 2015-01-10 12:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 19:08 - 2009-07-13 22:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-11-17 18:51 - 2015-06-18 09:39 - 00000866 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000Core.job
2015-11-17 17:52 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-17 17:40 - 2015-02-14 16:03 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\Skype
2015-11-16 22:37 - 2015-01-07 20:02 - 00000000 ____D C:\Users\wwjp1\AppData\Local\CrashDumps
2015-11-16 21:35 - 2015-07-08 15:54 - 00000388 _____ C:\WINDOWS\Tasks\update-sys.job
2015-11-16 21:34 - 2015-01-26 19:49 - 00000000 ____D C:\Users\wwjp1\Documents\Camtasia Studio
2015-11-16 18:26 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-16 18:25 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-15 12:24 - 2015-01-05 20:28 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-11-13 19:32 - 2015-02-02 17:14 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-11-13 18:15 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 15:39 - 2015-02-02 17:14 - 00004018 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-12 15:14 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 23:24 - 2015-01-05 20:00 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 23:17 - 2015-01-07 21:28 - 00000600 _____ C:\Users\wwjp1\AppData\Local\PUTTY.RND
2015-11-09 22:24 - 2015-01-07 21:26 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\FileZilla
2015-11-09 19:48 - 2015-08-17 19:04 - 00000000 ____D C:\Users\wwjp1\AppData\LocalLow\WebEx
2015-11-08 23:06 - 2015-02-08 23:38 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\SoftGrid Client
2015-11-08 22:26 - 2015-07-10 05:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-11-08 22:26 - 2015-07-10 05:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-11-08 22:26 - 2015-07-10 05:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-11-08 22:26 - 2015-07-10 05:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-11-08 22:26 - 2015-07-10 05:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-11-08 20:41 - 2015-06-28 13:17 - 00000000 ____D C:\Users\wwjp1\Downloads\DeSmuME
2015-11-08 17:09 - 2015-02-25 10:40 - 00000000 ____D C:\ProgramData\Skype
2015-11-05 18:08 - 2015-08-17 19:04 - 00000000 ____D C:\ProgramData\WebEx
2015-11-05 17:11 - 2015-08-24 16:03 - 00003940 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1420505044
2015-11-05 17:11 - 2015-01-05 19:44 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-05 17:11 - 2015-01-05 19:43 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-04 22:06 - 2015-01-27 11:21 - 00000000 ____D C:\Users\wwjp1\.android
2015-11-03 13:20 - 2015-10-03 08:46 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 13:20 - 2015-10-03 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 10:07 - 2015-09-18 22:35 - 00000000 ____D C:\Users\wwjp1\Documents\Prithvi's Math
2015-11-01 11:47 - 2015-01-12 17:09 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\Audacity
2015-10-31 13:51 - 2015-10-11 13:25 - 00000000 ____D C:\Users\wwjp1\Downloads\Smash Replays
2015-10-28 16:32 - 2015-07-08 12:36 - 00000000 ____D C:\Users\wwjp1\Documents\Youcam
2015-10-27 16:01 - 2015-08-01 12:09 - 00002372 _____ C:\Users\wwjp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-27 16:01 - 2015-08-01 12:09 - 00000000 ___RD C:\Users\wwjp1\OneDrive
2015-10-22 14:15 - 2015-01-08 16:47 - 00000250 _____ C:\Users\wwjp1\AppData\LocalLow\rbxcsettings.rbx
2015-10-20 19:40 - 2015-08-17 19:04 - 00000000 ____D C:\Users\wwjp1\AppData\Roaming\webex
2015-10-18 11:14 - 2015-01-11 12:19 - 00000000 ____D C:\xampp
 
==================== Files in the root of some directories =======
 
2015-01-06 21:49 - 2015-01-06 21:49 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2015-01-06 21:49 - 2015-01-06 21:49 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2015-01-07 21:28 - 2015-11-11 23:17 - 0000600 _____ () C:\Users\wwjp1\AppData\Local\PUTTY.RND
2015-07-08 15:54 - 2015-07-08 15:54 - 0000003 _____ () C:\Users\wwjp1\AppData\Local\updater.log
2015-07-08 15:54 - 2015-10-03 11:38 - 0000424 _____ () C:\Users\wwjp1\AppData\Local\UserProducts.xml
2015-11-04 16:52 - 2015-11-04 16:52 - 0000000 _____ () C:\Users\wwjp1\AppData\Local\{76911B47-DBE5-4FF4-B409-9E2D9AD4B4B8}
 
Some files in TEMP:
====================
C:\Users\wwjp1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7ywjwz.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-12 21:14
 
==================== End of FRST.txt ============================

ADDITION.TXT

----------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-11-2015
Ran by wwjp1 (2015-11-17 21:05:59)
Running from C:\Users\wwjp1\Desktop
Windows 10 Home (X64) (2015-08-01 17:04:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2725741606-373032390-3845746488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2725741606-373032390-3845746488-503 - Limited - Disabled)
Guest (S-1-5-21-2725741606-373032390-3845746488-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2725741606-373032390-3845746488-1002 - Limited - Enabled)
wwjp1 (S-1-5-21-2725741606-373032390-3845746488-1000 - Administrator - Enabled) => C:\Users\wwjp1
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Acoustica Mixcraft 7 (64-bit) (HKLM-x32\...\Mixcraft 7-64) (Version: 7.0.0.251 - Acoustica)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Anvil Studio 2015 (HKLM-x32\...\{2AE01E55-DB3F-46F3-9BD5-89D18021A675}) (Version: 15.01.14 - Willow Software)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J410W (HKLM-x32\...\{31FD9031-FA28-4F73-9FD1-D7E9997C41CE}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
CTools (HKLM-x32\...\{5FD6386C-99A9-4EBC-A247-5EB6C8A9B147}) (Version: 1.0.8 - Chadsoft)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FreeMouseAutoClicker 3.7 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\5f7eb300e2ea4ebf) (Version: 2.8.0.5 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline)
HP 3D DriveGuard (HKLM\...\{0128D231-B23B-409C-A531-39D8D8774BA1}) (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Huffyuv AVI lossless video codec (Remove Only) (HKLM\...\HUFFYUV) (Version:  - )
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0511 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E2D0B67F-8032-4E11-87C6-C8C721D331B3}) (Version: 15.01.0500.0903 - Intel Corporation)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
Java 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karbonn Mobile Driver (HKLM-x32\...\InstallShield_{0CBC82F7-D557-4C27-B999-C6D14ECFD6C7}) (Version: 1.00.0000 - Karbonn Mobile)
Karbonn Mobile Driver (x32 Version: 1.00.0000 - Karbonn Mobile) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.1.211 - Native Instruments)
NewFreeScreensaver nfsFirePlace3D (HKLM-x32\...\Fire Place 3D New Free Screensaver_is1) (Version:  - Gekkon Ltd.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 27.0.1689.66 (HKLM-x32\...\Opera 27.0.1689.66) (Version: 27.0.1689.66 - Opera Software ASA)
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pdf995 (HKLM-x32\...\Pdf995) (Version: 15.0s - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PyQt GPL v5.4.1 for Python v3.4 (x64) (HKLM\...\PyQt GPL v5.4.1 for Python v3.4 (x64)) (Version: 5.4.1 - )
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Reggie! Level Editor Next (HKLM-x32\...\Reggie! Level Editor Next) (Version: Milestone 2 Alpha 3 - RVLution)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
ROBLOX Player for wwjp1 (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Ruby 2.2.2-p95 (HKU\S-1-5-21-2725741606-373032390-3845746488-1000\...\{F4249FFD-42CD-4404-9534-170D074544F4}_is1) (Version: 2.2.2-p95 - RubyInstaller Team)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
SoftMaker FreeOffice (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB02}) (Version: 1.0.3490 - SoftMaker Software GmbH)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
SZS Modifier (HKLM-x32\...\{F6D8F2FE-B9BE-4C7C-98F2-2954B5A26AF2}) (Version: 2.5.2 - ChadSoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.12-0 - Bitnami)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\wwjp1\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\wwjp1\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\wwjp1\AppData\Local\Roblox\Versions\version-e46474821b6847eb\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2725741606-373032390-3845746488-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
31-10-2015 15:28:36 Windows Update
08-11-2015 17:36:09 Scheduled Checkpoint
12-11-2015 15:09:10 Windows Update
12-11-2015 15:10:05 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {17A5373C-B074-4729-9ADE-AC782050F2DE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2053E609-09D4-4019-9E99-4D4159F24419} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {287C3716-78FF-479F-86BD-0CDA59177753} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {28C4EA79-6612-4560-8248-48C9F949DF24} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {29BC532C-3890-41DA-BEC5-D2C11EE20727} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {2EDFFEE1-C089-4D3F-909B-3B7E28B6EB02} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3080F13B-0D2F-429C-8C6D-4157831BAC6A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {38D30485-9D8A-49EE-A6C1-4B33393198FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {43E64552-0BF8-4C3B-B62D-70F521109DE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {473FC98C-A531-40B9-81D7-B0E52442DBC1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4A403F73-EDCB-4552-86D1-3E5A93884BF2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4EA3E6B2-D10C-47A9-9532-C339EB88935B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5558323F-B4F9-410D-B62F-3D9F2AB1F006} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5CB97B58-C34E-4BAD-9D83-D8DB03F181F4} - System32\Tasks\HPCeeScheduleForwwjp1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5FB2571E-6D48-4B7E-84C7-D9118E52E4C2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {6189F6BE-16CC-4B7F-878B-1271EAB29BB0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6DDD0051-4B15-4EF4-AD73-DCCB5D609C49} - System32\Tasks\Opera scheduled Autoupdate 1420505044 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {73F2B4D5-2986-4F20-AF00-04FB216E475C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {76978F8D-73A1-4CF0-9F2C-42177830D4DE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {7B3103B9-ABD1-40FF-AD2D-FA5773C71542} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7F6B58A3-99A8-4F78-B818-2E8DFD469269} - System32\Tasks\update-S-1-5-21-2725741606-373032390-3845746488-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {80B1E87F-1CF5-407B-9E7F-115AE9BC8FDC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {8E4B58DA-498E-40B9-859F-DDD497FECFE1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {8F44939A-65B3-4D7F-A4F9-9E25F0ABC0A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-11-10] (Microsoft)
Task: {8F849A08-CF6F-4FEE-8A1B-56DC7E261657} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {8FA86B6D-A472-4666-AEA1-4331FA8F7DC1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000Core => C:\Users\wwjp1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {90F5E1A9-DAD5-492F-B68E-12F273A3D220} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {91C6EAB8-DCA2-47E7-BF30-7CE7A3BAF39B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-16] (Microsoft Corporation)
Task: {9539B6B1-CA68-44DB-B7F4-61BA240AC1D1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {96C6A431-15EB-4D77-B173-7D2E25D7FED7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {9B02C497-2C44-406A-9D75-1A9A72633BB7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {9F57BC17-FE1D-420C-8202-22BE1613667F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {A88D1E90-314A-4ECC-9061-7F01E4BE808D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {AF7D32DA-CE8F-40D9-9412-46F3E97464D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AFF444C4-FD78-4CFD-A2E9-45DE61FA5164} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B03271DF-EC0C-406C-8CD0-97BBF5F3F1C9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {B19C807C-8F8D-41E1-BEE3-56560C536610} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {B8B80613-526D-48F2-8F04-673AE326980B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-11-10] (Microsoft)
Task: {B988E828-2014-454F-9EF3-1A2A6BB5788F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BFA5A9CF-F483-4EDC-98AA-5F01FFD5E748} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {C1BBD12E-0CFD-48BA-B97B-029AD4242336} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C3EA1B3F-A8E2-4F60-984F-4C61606B0948} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D9F9AA65-DA9A-4EB9-B51E-C28E8215AF0E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DC68DD7C-E6C5-4EF4-9185-F990668A613F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DE8F8AB2-7E13-4383-96D6-A3C1C7A83219} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {E0FF6BA8-473E-4B4B-85FD-AE41E241BEE3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E4CDE0BC-842B-49E7-8F22-D36D3DD9E908} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E9E67342-7A73-442B-8ABC-DD1C676ED7ED} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {EBD237F5-6E6B-403B-9B62-A8FB08ACA398} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ED56B918-2C64-45FF-859E-2F0770BECA6F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F0B6A89F-F07C-4792-B222-202257CB0D5F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FEFEF2B7-AECD-48D3-90BB-A7F16EC35F36} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000UA => C:\Users\wwjp1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000Core.job => C:\Users\wwjp1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2725741606-373032390-3845746488-1000UA.job => C:\Users\wwjp1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForwwjp1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2725741606-373032390-3845746488-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-01 15:16 - 2015-08-01 15:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-01-10 21:43 - 2014-03-05 10:18 - 00040448 _____ () C:\WINDOWS\System32\pdf995mon64.dll
2015-08-19 15:31 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-01-11 20:10 - 2005-04-21 23:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-10-01 16:44 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 16:44 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 16:44 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 16:45 - 2015-09-17 00:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 16:44 - 2015-09-17 00:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 16:44 - 2015-09-17 00:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 16:44 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-01 20:52 - 2015-11-04 18:44 - 00166416 _____ () C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-11-17 20:56 - 2015-11-17 20:56 - 00071168 _____ () c:\users\wwjp1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7ywjwz.dll
2015-03-04 16:45 - 2015-09-02 19:11 - 00012800 _____ () C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 16:45 - 2015-09-02 19:11 - 00779776 _____ () C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 09:50 - 2015-09-02 19:11 - 00056320 _____ () C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 16:45 - 2015-09-02 19:11 - 00012288 _____ () C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-01-11 20:10 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-04 21:15 - 2014-09-11 17:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-09-04 21:15 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-08-15 07:42 - 2015-08-15 07:42 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-11-11 23:24 - 2015-11-06 23:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 23:24 - 2015-11-06 23:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-11-04 18:23 - 2015-11-04 18:23 - 00172544 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\cf88a4e813c9e5e732a42bed7d587a5f\IsdiInterop.ni.dll
2011-11-02 03:14 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2725741606-373032390-3845746488-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wwjp1\Pictures\wallpaper background.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [uDP Query User{7D5752C3-722D-4562-8D04-A678B882F270}C:\users\wwjp1\documents\pranav's folder\reggienext\riifs.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\reggienext\riifs.exe
FirewallRules: [TCP Query User{01A7AE49-6F38-4C3B-AB7A-011132520745}C:\users\wwjp1\documents\pranav's folder\reggienext\riifs.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\reggienext\riifs.exe
FirewallRules: [uDP Query User{82A35BB8-922E-4190-A1C0-114A6615EF3A}C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{D3C40582-FA55-4421-BFF1-9BD00FD268DC}C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe
FirewallRules: [uDP Query User{806D1E75-5936-4BD4-8ED1-B92914EDF808}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{2C6913E5-978E-4E2E-ABF9-6ACD74C2B85B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [uDP Query User{40C7DECB-5658-49FA-B68D-EF034692DCE9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{18A44D52-60F0-4C63-9DC4-FDFDBC7BD505}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [uDP Query User{FAEE456E-20E8-44B1-BF37-ECF5243D4619}C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{D8E31ADD-C7D5-48AF-A154-8E4C22AAD75E}C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe] => (Allow) C:\users\wwjp1\documents\pranav's folder\stanfordeclipse\eclipse\eclipse.exe
FirewallRules: [uDP Query User{A4F9501F-7D7C-4DB3-8830-69DD054CE273}C:\ruby22\bin\ruby.exe] => (Allow) C:\ruby22\bin\ruby.exe
FirewallRules: [TCP Query User{474CCA1E-F5F4-4104-A272-D93E78559F15}C:\ruby22\bin\ruby.exe] => (Allow) C:\ruby22\bin\ruby.exe
FirewallRules: [{542B534B-AD6C-442E-9C43-5D56CFDEF6EE}] => (Allow) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{E98A2F58-22AD-441D-9F51-535F1A6FF257}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [uDP Query User{2F8DE1C2-15E9-4100-A0AD-AA9BCBB9CECB}C:\users\wwjp1\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\wwjp1\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0E47D4A1-9281-415C-92DA-3A67FDEAB301}C:\users\wwjp1\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\wwjp1\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4577F835-E27D-4BDD-BBF5-6D3AC050F17D}] => (Allow) C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E271B303-64EB-4CF5-83B9-CABA7AD3770E}] => (Allow) C:\Users\wwjp1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [uDP Query User{FFFD10B3-6BD0-46F6-BFF5-3C1BFA278545}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{A449A5FC-6DD5-46EE-8A63-377C23478F34}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{D9670FD9-398F-4FE3-9A00-21CA282FC995}] => (Allow) LPort=8317
FirewallRules: [uDP Query User{E9F26636-35EE-466C-8FBE-19A9367D1037}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{F5AC511D-BE04-4C1D-8E23-768F2DFE661F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [uDP Query User{41295959-9D3D-4DB9-9000-007935C3115D}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{46E5F0B4-01B2-46F6-B431-0A40BEF6A849}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{05340D70-1B3E-4FD1-90B9-3D7EB2353B01}] => (Allow) LPort=54925
FirewallRules: [{96AC0388-F582-4D9B-ACFB-ACF2BB011FB9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0ED80308-78B8-4E4E-9BD7-69F30BDC4755}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{FDC9FE93-F86F-45F2-985C-37593B1B639E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{E0769C05-94FF-48D8-9A76-F88AEDAF7345}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{D9A4D641-4742-414F-A77F-537A0FB33902}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3C22AAB6-8F99-416B-A484-F897F4B1CD09}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D35BA76E-7361-4E80-8341-815BF5A6F6F6}] => (Allow) LPort=1900
FirewallRules: [{9DB5467F-44AD-442E-92C7-44926DA6A40B}] => (Allow) LPort=2869
FirewallRules: [{2FFA76E2-47CE-4206-9C75-C2386B2CE27A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{47E1DFAB-F8C7-4883-AFC6-3A7C20BAC2AC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{C812BEC1-6F87-4CF0-B263-863E73CBD8B3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{EDDACBF2-71BF-4886-B8AC-F72BC2D85093}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{0D1359AA-6679-4A05-9460-C7A71F084D53}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{082DD42C-5BB3-48FC-AD58-F9DA3BE82E6B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{D4D721D6-667E-4A6F-9AA1-E897638022CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/17/2015 08:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mediasrv.exe, version: 1.0.0.49, time stamp: 0x4d382309
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xb4276194
Faulting process id: 0x148c
Faulting application start time: 0xmediasrv.exe0
Faulting application path: mediasrv.exe1
Faulting module path: mediasrv.exe2
Report Id: mediasrv.exe3
Faulting package full name: mediasrv.exe4
Faulting package-relative application ID: mediasrv.exe5
 
Error: (11/17/2015 08:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Faulting module name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Exception code: 0xc0000005
Fault offset: 0x00055bee
Faulting process id: 0x1370
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3
Faulting package full name: obexsrv.exe4
Faulting package-relative application ID: obexsrv.exe5
 
Error: (11/17/2015 08:56:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Faulting module name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Exception code: 0xc0000005
Fault offset: 0x00040ebc
Faulting process id: 0x19cc
Faulting application start time: 0xdevmonsrv.exe0
Faulting application path: devmonsrv.exe1
Faulting module path: devmonsrv.exe2
Report Id: devmonsrv.exe3
Faulting package full name: devmonsrv.exe4
Faulting package-relative application ID: devmonsrv.exe5
 
Error: (11/17/2015 08:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Faulting module name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Exception code: 0xc0000005
Fault offset: 0x00055bee
Faulting process id: 0x8c4
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3
Faulting package full name: obexsrv.exe4
Faulting package-relative application ID: obexsrv.exe5
 
Error: (11/17/2015 08:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Faulting module name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Exception code: 0xc0000005
Fault offset: 0x00040ebc
Faulting process id: 0x8bc
Faulting application start time: 0xdevmonsrv.exe0
Faulting application path: devmonsrv.exe1
Faulting module path: devmonsrv.exe2
Report Id: devmonsrv.exe3
Faulting package full name: devmonsrv.exe4
Faulting package-relative application ID: devmonsrv.exe5
 
Error: (11/17/2015 08:48:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mediasrv.exe, version: 1.0.0.49, time stamp: 0x4d382309
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70d73e16
Faulting process id: 0x1d80
Faulting application start time: 0xmediasrv.exe0
Faulting application path: mediasrv.exe1
Faulting module path: mediasrv.exe2
Report Id: mediasrv.exe3
Faulting package full name: mediasrv.exe4
Faulting package-relative application ID: mediasrv.exe5
 
Error: (11/17/2015 08:48:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Faulting module name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Exception code: 0xc0000005
Fault offset: 0x00055bee
Faulting process id: 0x1d88
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3
Faulting package full name: obexsrv.exe4
Faulting package-relative application ID: obexsrv.exe5
 
Error: (11/17/2015 08:48:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Faulting module name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Exception code: 0xc0000005
Fault offset: 0x00040ebc
Faulting process id: 0x1cd4
Faulting application start time: 0xdevmonsrv.exe0
Faulting application path: devmonsrv.exe1
Faulting module path: devmonsrv.exe2
Report Id: devmonsrv.exe3
Faulting package full name: devmonsrv.exe4
Faulting package-relative application ID: devmonsrv.exe5
 
Error: (11/17/2015 08:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Faulting module name: devmonsrv.exe, version: 1.0.0.49, time stamp: 0x4d38243e
Exception code: 0xc0000005
Fault offset: 0x00040ebc
Faulting process id: 0x554
Faulting application start time: 0xdevmonsrv.exe0
Faulting application path: devmonsrv.exe1
Faulting module path: devmonsrv.exe2
Report Id: devmonsrv.exe3
Faulting package full name: devmonsrv.exe4
Faulting package-relative application ID: devmonsrv.exe5
 
Error: (11/17/2015 08:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Faulting module name: obexsrv.exe, version: 1.0.0.49, time stamp: 0x4d3823ba
Exception code: 0xc0000005
Fault offset: 0x00055bee
Faulting process id: 0x574
Faulting application start time: 0xobexsrv.exe0
Faulting application path: obexsrv.exe1
Faulting module path: obexsrv.exe2
Report Id: obexsrv.exe3
Faulting package full name: obexsrv.exe4
Faulting package-relative application ID: obexsrv.exe5
 
 
System errors:
=============
Error: (11/17/2015 08:56:38 PM) (Source: DCOM) (EventID: 10005) (User: RAJAN-HP)
Description: 1053Bluetooth Media ServiceUnavailable{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}
 
Error: (11/17/2015 08:56:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Media Service service failed to start due to the following error: 
%%1053
 
Error: (11/17/2015 08:56:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Media Service service to connect.
 
Error: (11/17/2015 08:56:37 PM) (Source: DCOM) (EventID: 10005) (User: RAJAN-HP)
Description: 1053Bluetooth OBEX ServiceUnavailable{E9E0D51D-F407-4D91-B294-C111F721A3AF}
 
Error: (11/17/2015 08:56:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth OBEX Service service failed to start due to the following error: 
%%1053
 
Error: (11/17/2015 08:56:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bluetooth OBEX Service service to connect.
 
Error: (11/17/2015 08:56:35 PM) (Source: DCOM) (EventID: 10005) (User: RAJAN-HP)
Description: 1053Bluetooth Device MonitorUnavailable{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
 
Error: (11/17/2015 08:56:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Device Monitor service failed to start due to the following error: 
%%1053
 
Error: (11/17/2015 08:56:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Device Monitor service to connect.
 
Error: (11/17/2015 08:55:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth OBEX Service service failed to start due to the following error: 
%%1053
 
 
CodeIntegrity:
===================================
  Date: 2015-11-16 21:17:55.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:55.283
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:54.938
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:54.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:53.074
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:53.059
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:52.238
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:52.200
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:49.235
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-16 21:17:49.202
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 42%
Total physical RAM: 6091.86 MB
Available physical RAM: 3517.79 MB
Total Virtual: 12235.86 MB
Available Virtual: 9601.39 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:578.96 GB) (Free:482.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.91 GB) (Free:1.84 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (NSMBW) (Removable) (Total:1.89 GB) (Free:0.99 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 73081B05)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=579 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Hello,

They call me TwinHeadedEagle around here, and I'll try to help you with your issue.

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so back up your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here; some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own; unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts; attachments make my work easier. There is a More reply options button that gives you an Upload Files option below, which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in the given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • I volunteer to help you, so please do not ask for help for your company/business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

Rules and policies

We won't support any piracy.

That being said, if any evidence of an illegal OS, software, cracks/keygens or anything similar is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.


Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that the Addition option is checked.
  • Press the Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Cleaning.
  • Your PC should reboot now.
  • After reboot, a logfile will be opened. Copy its content into your next reply.
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner


Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:

    createsrpoint;autoclean;emptyclsid;emptyalltemp;ipconfig /flushdns >>"%temp%\log.txt";b

  • Make sure that the Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that the Addition and Shortcut.txt options are checked.
  • Press the Scan button and wait.
  • The tool will produce three logfiles on your desktop: FRST.txt, Shortcut.txt and Addition.txt.
Please attach them into your next reply.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download the attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.

fixlist.txt
