
FRST Log



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by Ty (administrator) on TY-PC (05-12-2015 16:50:25)
Running from C:\Users\Ty\Desktop
Loaded Profiles: Ty (Available Profiles: Ty)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
() C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Ty\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
(msi) C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(ArcaneSanctum.Net) C:\Users\Ty\Desktop\NegativeScreen.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11777128 2011-02-14] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [5803520 2015-12-04] (Sentelic Corporation)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel® Corporation)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2011-02-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [LockIndicator] => C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe [1699016 2011-06-24] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [msi LED Manager] => C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2795008 2010-07-29] (msi)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-04] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-11-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [backupNowEZ4Tray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe [1093832 2015-07-17] (NTI Corporation)
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Run: [GoogleChromeAutoLaunch_7545F5730BA02FFBC23122E3B127CB09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-11-24] (Google Inc.)
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50748544 2015-12-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Run: [spotify Web Helper] => C:\Users\Ty\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-05] (Spotify Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-12-04]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2015-12-04]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-12-04]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F058229-ABC2-42E3-ADCC-3AB361DB306C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7254B8E-48AB-43D4-83CC-94562F946C3D}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-04] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-05] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-04] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-05] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-18] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-04]
CHR Extension: (Google Drive) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-04]
CHR Extension: (Webpage Screenshot) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk [2015-12-04]
CHR Extension: (MEGA) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-12-04]
CHR Extension: (YouTube) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-04]
CHR Extension: (Google Cast) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-05]
CHR Extension: (Culinote) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbmbmdpabeoinbnckfnnhpljocfljfp [2015-12-04]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-12-04]
CHR Extension: (Google Search) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Netflix) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-12-04]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-04]
CHR Extension: (Facebook Unseen) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdhkalcecemojegheiohcghkamlipof [2015-12-04]
CHR Extension: (Dropbox for Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04]
CHR Extension: (Facebook Quick Links) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elnjjchffmejafnnpaidbjjfhnhbmlie [2015-12-04]
CHR Extension: (Google Play Music) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-12-04]
CHR Extension: (Google Sheets) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-04]
CHR Extension: (Plex) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-12-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-12-04]
CHR Extension: (VideoCast (VLC/Chromecast)) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclhodkofgoighinmongpkpncdpalejb [2015-12-04]
CHR Extension: (Google Docs Offline) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Facebook One) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigempibmkmpklaojfkmgaeflckfdohp [2015-12-04]
CHR Extension: (AdBlock) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Avast Online Security) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-04]
CHR Extension: (VLC Capture) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\goppbgmjnldonmjemebdmcjfefbgoloh [2015-12-04]
CHR Extension: (FireRTC) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaamfpbohecgihgnbhmppgekdjkbolah [2015-12-04]
CHR Extension: (Google Play Music) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-12-04]
CHR Extension: (Auto Refresh) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2015-12-04]
CHR Extension: (Watch Series Tv Shows Free WatchSer...) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgblgjobdodnmdcoakmfpfloppeafdin [2015-12-04]
CHR Extension: (Start - A Better New Tab) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgifkabikplflflabkllnpidlbjjpgbp [2015-12-04]
CHR Extension: (Google Play) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-12-04]
CHR Extension: (Pocket) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-04]
CHR Extension: (Instagram for Chrome) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-12-04]
CHR Extension: (Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-04]
CHR Profile: C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-05]
CHR Extension: (Google Docs) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Google Cast) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-05]
CHR Extension: (Google Search) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Google Sheets) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Avast Online Security) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-05]
CHR Extension: (Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-04]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-04] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NTI Backup Now EZ 4 Scheduler; C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe [95944 2015-07-17] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [450504 2015-12-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fspad_win764; C:\Windows\System32\DRIVERS\fspad_win764.sys [67584 2015-12-04] (Sentelic Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-05 16:50 - 2015-12-05 16:50 - 00025228 _____ C:\Users\Ty\Desktop\FRST.txt
2015-12-05 16:50 - 2015-12-05 16:50 - 00000000 ____D C:\FRST
2015-12-05 13:37 - 2015-12-05 13:37 - 02369024 _____ (Farbar) C:\Users\Ty\Desktop\FRST64.exe
2015-12-05 04:12 - 2015-12-05 04:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2015-12-05 04:06 - 2015-12-05 04:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-12-05 03:14 - 2015-12-05 13:09 - 00000000 ____D C:\Users\Ty\Desktop\usbdeview-x64
2015-12-05 03:13 - 2015-12-05 03:14 - 00109623 _____ C:\Users\Ty\Desktop\usbdeview-x64.zip
2015-12-05 03:01 - 2015-12-05 03:01 - 00000000 ____D C:\Users\Ty\Tracing
2015-12-05 02:50 - 2015-12-05 16:50 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Skype
2015-12-05 02:43 - 2015-12-05 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup Now EZ 4
2015-12-05 02:32 - 2015-12-05 02:32 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-12-05 02:31 - 2015-12-05 02:38 - 84416776 _____ (NTI Corporation) C:\Users\Ty\Desktop\NTI_Backup_Now_EZ_4.0.2.56_Toshiba_Update.exe
2015-12-05 02:31 - 2015-12-05 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-05 02:31 - 2015-12-05 02:31 - 00000000 ____D C:\Program Files\Java
2015-12-05 02:14 - 2015-12-05 02:14 - 00001150 _____ C:\Users\Ty\Desktop\Dropbox.lnk
2015-12-05 02:14 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Dropbox
2015-12-05 02:14 - 2015-12-05 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-05 02:13 - 2015-12-05 16:35 - 00000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-05 02:13 - 2015-12-05 13:18 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-05 02:13 - 2015-12-05 03:01 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Spotify
2015-12-05 02:13 - 2015-12-05 02:52 - 00000000 ____D C:\Users\Ty\AppData\Local\Spotify
2015-12-05 02:13 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Local\Dropbox
2015-12-05 02:13 - 2015-12-05 02:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-05 02:13 - 2015-12-05 02:13 - 00003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-05 02:13 - 2015-12-05 02:13 - 00003776 _____ C:\Windows\System32\Tasks\klcp_update
2015-12-05 02:13 - 2015-12-05 02:13 - 00003644 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-05 02:13 - 2015-12-05 02:13 - 00001785 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\Users\Ty\AppData\Local\CEF
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Dropbox
2015-12-05 02:12 - 2015-12-05 02:12 - 00001090 _____ C:\Users\Public\Desktop\Google Drive.lnk
2015-12-05 02:12 - 2015-12-05 02:12 - 00000881 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files\VideoLAN
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-05 02:11 - 2015-12-05 02:11 - 00001138 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-12-05 02:11 - 2015-12-05 02:11 - 00001075 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\Users\Ty\AppData\Roaming\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:10 - 00002160 _____ C:\Users\Ty\Desktop\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 15:12 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00002160 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00002114 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00002114 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00001879 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ___RD C:\Users\Ty\OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-12-05 02:09 - 2015-12-05 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-05 02:09 - 2015-12-05 02:10 - 00000000 ____D C:\Users\Ty\.oracle_jre_usage
2015-12-05 02:09 - 2015-12-05 02:09 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Sun
2015-12-05 02:09 - 2015-12-05 02:09 - 00000000 ____D C:\Users\Ty\AppData\LocalLow\Sun
2015-12-05 02:09 - 2015-12-05 02:08 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\Users\Ty\AppData\LocalLow\Oracle
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\ProgramData\Oracle
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-05 02:07 - 2015-12-05 02:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-05 02:07 - 2015-12-05 02:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-05 02:03 - 2015-12-05 02:26 - 00778462 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-05 01:58 - 2015-12-05 01:58 - 01497400 _____ (Microsoft Corporation) C:\Users\Ty\Downloads\NDP46-KB3045560-Web.exe
2015-12-05 01:54 - 2015-12-05 02:43 - 00002082 _____ C:\Users\Public\Desktop\NTI Backup Now EZ 4.lnk
2015-12-05 01:54 - 2015-12-05 02:43 - 00000000 ____D C:\ProgramData\BUNEZv4
2015-12-05 01:54 - 2015-12-05 01:54 - 00000000 ____D C:\ProgramData\NTIReg
2015-12-05 01:54 - 2015-12-05 01:54 - 00000000 ____D C:\Program Files (x86)\NTI
2015-12-05 01:52 - 2015-12-05 02:39 - 00000000 ____D C:\Users\Ty\AppData\Local\Downloaded Installations
2015-12-05 01:33 - 2015-12-05 01:33 - 00307200 _____ (Secure By Design Inc.) C:\Users\Ty\Downloads\EAE2.tmp
2015-12-05 01:28 - 2015-12-05 01:28 - 00000000 ____D C:\Users\Ty\AppData\Local\Microsoft Corporation
2015-12-05 01:27 - 2015-12-05 01:27 - 00000000 ____D C:\204beddba6edcd78a9
2015-12-05 01:27 - 2015-10-27 18:43 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-05 01:17 - 2015-12-05 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-05 01:17 - 2015-12-05 01:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-05 01:17 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-05 01:17 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-05 01:06 - 2015-12-05 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-05 01:06 - 2015-12-05 01:06 - 00000000 ____D C:\Program Files\7-Zip
2015-12-05 00:55 - 2015-12-05 01:53 - 00000000 ____D C:\Users\Ty\Downloads\Binary-legacy
2015-12-05 00:54 - 2015-12-05 00:54 - 00075540 _____ C:\Users\Ty\Downloads\Binary-legacy.zip
2015-12-05 00:45 - 2015-12-05 00:45 - 00002407 _____ C:\Users\Ty\Desktop\Tyler 2 - Chrome.lnk
2015-12-05 00:45 - 2015-12-05 00:45 - 00002363 _____ C:\Users\Ty\Desktop\Tyler - Chrome.lnk
2015-12-04 23:39 - 2015-12-04 23:39 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\ProgramData\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-12-04 23:03 - 2010-11-30 14:40 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUVStoricon.dll
2015-12-04 22:42 - 2015-12-05 13:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-04 22:42 - 2015-12-04 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-04 22:42 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-04 22:39 - 2015-12-04 22:39 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-12-04 22:39 - 2015-12-04 22:39 - 00000000 ____D C:\Users\Ty\AppData\Local\Nico Mak Computing
2015-12-04 22:39 - 2015-12-04 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-12-04 22:38 - 2015-12-04 22:40 - 00000000 ____D C:\Users\Ty\AppData\Local\WinZip
2015-12-04 22:38 - 2015-12-04 22:39 - 00000000 ____D C:\ProgramData\WinZip
2015-12-04 22:38 - 2015-12-04 22:38 - 00000000 ____D C:\ProgramData\UniqueId
2015-12-04 22:38 - 2015-12-04 22:38 - 00000000 ____D C:\Program Files\WinZip
2015-12-04 21:25 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Local\ElevatedDiagnostics
2015-12-04 21:16 - 2015-12-04 21:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-12-04 20:45 - 2015-12-04 20:45 - 00000000 ____D C:\Users\Ty\AppData\Local\WindowsUpdate
2015-12-04 20:41 - 2015-12-04 20:41 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2015-12-04 20:41 - 2015-12-04 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2015-12-04 20:41 - 2007-04-17 11:51 - 00014112 _____ (InterVideo) C:\Windows\system32\Drivers\regi.sys
2015-12-04 20:40 - 2015-12-04 20:40 - 00000000 ____D C:\ProgramData\Corel
2015-12-04 20:40 - 2015-12-04 20:40 - 00000000 ____D C:\Program Files (x86)\Corel
2015-12-04 20:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-12-04 20:35 - 2015-12-04 20:35 - 00000000 ____D C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830 (1)
2015-12-04 20:35 - 2015-12-04 20:35 - 00000000 ____D C:\Users\Ty\Downloads\thx_w7_nb
2015-12-04 20:31 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files\Intel
2015-12-04 20:22 - 2015-12-05 01:09 - 00000000 ____D C:\Users\Ty\AppData\Local\FSP
2015-12-04 20:19 - 2015-12-04 20:18 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-04 20:18 - 2015-12-05 12:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-04 20:18 - 2015-12-04 20:18 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-04 20:18 - 2015-12-04 20:18 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Users\Ty\AppData\Roaming\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-04 20:17 - 2015-12-04 20:17 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-04 20:17 - 2015-12-04 20:17 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-04 20:15 - 2015-12-04 20:15 - 00003132 _____ C:\Windows\System32\Tasks\{20230828-2103-4CD8-8543-FE5D1703C1A9}
2015-12-04 20:14 - 2015-12-04 20:15 - 145410632 _____ C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830 (1).zip
2015-12-04 20:13 - 2015-12-04 20:15 - 145410632 _____ C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830.zip
2015-12-04 20:13 - 2015-12-04 20:14 - 12018495 _____ C:\Users\Ty\Downloads\thx_w7_nb.zip
2015-12-04 20:12 - 2015-12-04 20:12 - 00000000 ____D C:\Users\Ty\Downloads\bt_intel centrino_highspeedadapter_1.0.78.20535_al00
2015-12-04 20:12 - 2015-12-04 20:12 - 00000000 ____D C:\Program Files\FSP
2015-12-04 20:11 - 2015-12-04 20:11 - 00000000 ____D C:\Users\Ty\Downloads\touchpad_stl_8.8.8.6_w700
2015-12-04 20:11 - 2015-12-04 20:11 - 00000000 ____D C:\Program Files\DIFX
2015-12-04 20:10 - 2015-12-04 20:12 - 156311218 _____ C:\Users\Ty\Downloads\bt_intel centrino_highspeedadapter_1.0.78.20535_al00.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 41069552 _____ C:\Users\Ty\Downloads\touchpad_stl_8.8.8.6_w700.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 01661264 _____ C:\Users\Ty\Downloads\wl_3870_3.0.11.0_w700.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 00000000 ____D C:\Users\Ty\Downloads\wl_3870_3.0.11.0_w700
2015-12-04 20:09 - 2015-12-04 20:10 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2015-12-04 20:07 - 2015-12-05 16:35 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 20:07 - 2015-12-05 15:12 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 20:07 - 2015-12-05 04:06 - 00000000 ____D C:\Users\Ty\AppData\Local\Google
2015-12-04 20:07 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-04 20:07 - 2015-12-04 20:07 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 20:07 - 2015-12-04 20:07 - 00003634 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 20:07 - 2015-12-04 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-04 20:06 - 2015-12-04 20:07 - 00000000 ____D C:\Users\Ty\AppData\Local\Deployment
2015-12-04 20:06 - 2015-12-04 20:06 - 00000000 ____D C:\Users\Ty\AppData\Local\Apps\2.0
2015-12-04 20:02 - 2015-12-04 20:02 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-12-04 20:02 - 2015-12-04 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-12-04 20:02 - 2010-05-04 11:00 - 00237056 _____ C:\Windows\system32\APOMgr64.DLL
2015-12-04 20:02 - 2010-05-04 10:59 - 00182272 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-12-04 20:02 - 2010-05-04 10:45 - 00006619 ____N C:\Windows\system32\THXCfg64.ini
2015-12-04 20:02 - 2010-05-04 10:45 - 00001200 ____N C:\Windows\THXCfg_SP_APOIM.ini
2015-12-04 20:02 - 2010-03-23 16:46 - 00001099 ____N C:\Windows\THXCfg_HP_APOIM.ini
2015-12-04 20:02 - 2010-03-23 16:46 - 00001099 ____N C:\Windows\THXCfg_APOIM.ini
2015-12-04 20:02 - 2009-12-29 16:52 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2015-12-04 20:02 - 2009-12-29 16:50 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-12-04 20:02 - 2009-10-15 13:38 - 00017920 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll
2015-12-04 20:02 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.exe
2015-12-04 20:02 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2015-12-04 20:01 - 2015-12-04 20:01 - 00000000 ____D C:\Program Files (x86)\Creative
2015-12-04 19:44 - 2015-12-04 20:46 - 00060704 _____ C:\Users\Ty\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-04 19:44 - 2015-12-04 19:44 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Intel Corporation
2015-12-04 19:44 - 2015-12-04 19:44 - 00000000 ____D C:\Users\Ty\AppData\Local\msi
2015-12-04 19:37 - 2015-12-04 19:37 - 00002627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI VGA Overclock.lnk
2015-12-04 19:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-04 19:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-04 19:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-04 19:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-04 19:36 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-04 19:36 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-04 19:36 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-04 19:36 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-04 19:36 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-04 19:36 - 2011-02-01 13:06 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-12-04 19:34 - 2015-12-05 14:49 - 00000000 ____D C:\Program Files (x86)\MSI
2015-12-04 19:34 - 2015-12-04 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-12-04 19:34 - 2010-06-23 17:10 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-12-04 19:34 - 2010-01-06 00:39 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-12-04 19:34 - 2009-12-03 17:27 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2015-12-04 19:33 - 2015-12-04 19:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-04 19:33 - 2012-02-01 16:16 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2015-12-04 19:32 - 2015-12-04 20:30 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-12-04 19:32 - 2015-12-04 19:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-12-04 19:32 - 2015-12-04 19:32 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 19:32 - 2011-02-15 17:56 - 02741736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-12-04 19:32 - 2011-02-15 17:07 - 00397912 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-12-04 19:32 - 2011-02-15 17:07 - 00309848 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-12-04 19:32 - 2011-02-15 11:24 - 00000176 _____ C:\Windows\system32\Drivers\RTHDAEQ0.dat
2015-12-04 19:32 - 2011-02-14 17:37 - 00084072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2015-12-04 19:32 - 2011-02-11 14:39 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-12-04 19:32 - 2011-02-09 15:56 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-12-04 19:32 - 2011-01-28 23:03 - 02841704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-12-04 19:32 - 2011-01-25 13:58 - 02358888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-12-04 19:32 - 2011-01-24 14:20 - 00638056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-12-04 19:32 - 2011-01-20 14:47 - 01943616 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-12-04 19:32 - 2010-11-29 18:47 - 02578576 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-12-04 19:32 - 2010-11-03 18:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-12-04 19:32 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-12-04 19:32 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-12-04 19:32 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-12-04 19:32 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-12-04 19:32 - 2010-07-02 19:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-12-04 19:32 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-12-04 19:32 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-12-04 19:32 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-12-04 19:31 - 2015-12-04 23:03 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-12-04 19:31 - 2015-12-04 23:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-04 19:31 - 2010-11-30 14:40 - 00307304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvstor.sys
2015-12-04 19:31 - 2010-11-11 14:14 - 00017512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf64.sys
2015-12-04 19:16 - 2015-12-04 19:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-04 19:14 - 2015-12-04 19:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-04 19:14 - 2011-04-08 08:01 - 20491880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 15063656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 13048168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-04 19:14 - 2011-04-08 08:01 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 12871272 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 10085480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 08131176 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 06607976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 06048872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 04943976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 03113576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02897512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02482792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02253416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02221672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01986152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01615976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420100.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco642040.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2015-12-04 19:14 - 2011-04-08 08:01 - 00007621 _____ C:\Windows\system32\nvinfo.pb
2015-12-04 19:14 - 2011-03-03 21:29 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll
2015-12-04 19:14 - 2011-03-03 21:29 - 00174184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-04 19:14 - 2011-03-03 21:29 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-04 19:13 - 2015-12-04 19:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-04 19:12 - 2015-12-04 19:12 - 00000000 ____D C:\NVIDIA
2015-12-04 19:02 - 2015-12-05 01:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-04 19:02 - 2015-12-04 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Control Manager
2015-12-04 19:02 - 2015-12-04 19:02 - 00000000 ____D C:\Program Files (x86)\System Control Manager
2015-12-04 19:02 - 2009-12-18 11:54 - 00003584 _____ (Windows ® Win 7 DDK provider) C:\Windows\SysWOW64\msiapcfg.dll
2015-12-04 19:02 - 2008-05-23 17:02 - 00012288 _____ C:\Windows\MSIECO
2015-12-04 18:59 - 2015-12-04 20:04 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-04 18:59 - 2015-12-04 18:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-12-04 18:59 - 2015-12-04 18:59 - 00000000 ____D C:\Intel
2015-12-04 18:59 - 2011-04-15 16:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-12-04 18:58 - 2015-12-05 16:47 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F098DB5-0DC0-460F-BBBC-FC716A10698E}
2015-12-04 18:58 - 2015-12-04 18:58 - 00001447 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-04 18:58 - 2015-12-04 18:58 - 00001413 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-12-04 18:58 - 2015-12-04 18:58 - 00000000 ____D C:\Users\Ty\AppData\Local\VirtualStore
2015-12-04 18:57 - 2015-12-05 03:01 - 00000000 ____D C:\Users\Ty
2015-12-04 18:57 - 2015-12-04 18:57 - 00000020 ___SH C:\Users\Ty\ntuser.ini
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\My Documents
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Videos
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Pictures
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Music
2015-12-04 18:57 - 2011-04-12 00:28 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Media Center Programs
2015-12-04 18:53 - 2015-12-04 18:53 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-04 18:53 - 2015-12-04 18:53 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-04 18:50 - 2015-12-04 18:57 - 00000000 ____D C:\Windows\Panther
2015-11-05 20:36 - 2015-11-05 20:36 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-11-05 20:36 - 2015-11-05 20:36 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2015-11-05 20:36 - 2015-11-05 20:36 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2015-11-05 20:36 - 2015-11-05 20:36 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2015-11-05 20:34 - 2015-11-05 20:34 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-11-05 20:34 - 2015-11-05 20:34 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2015-11-05 20:34 - 2015-11-05 20:34 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2015-11-05 20:34 - 2015-11-05 20:34 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-05 16:50 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-05 16:43 - 2009-07-13 21:13 - 00785756 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 16:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-05 16:42 - 2009-07-13 20:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 16:42 - 2009-07-13 20:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 16:34 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 02:16 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-05 00:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-04 23:07 - 2009-07-13 20:45 - 00275352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-04 20:49 - 2009-07-13 21:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 20:12 - 2012-09-07 11:48 - 01623040 _____ (Sentelic Corporation.) C:\Windows\SysWOW64\StlFspAPI32.dll
2015-12-04 20:11 - 2012-09-07 11:48 - 02219008 _____ (Sentelic Corporation.) C:\Windows\system32\StlFspAPI64.dll
2015-12-04 20:11 - 2012-09-07 11:11 - 00067584 _____ (Sentelic Corporation) C:\Windows\system32\Drivers\fspad_win764.sys
2015-12-04 20:11 - 2012-09-07 10:47 - 00064512 _____ (Sentelic Corporation) C:\Windows\system32\fspadco.dll
2015-12-04 20:03 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-04 19:36 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 19:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2015-12-04 18:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-04 18:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-04 18:50 - 2009-07-13 21:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
 
Some files in TEMP:
====================
C:\Users\Ty\AppData\Local\Temp\YSPCUNLR.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-04 18:51
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by Ty (2015-12-05 16:51:29)
Running from C:\Users\Ty\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-05 02:57:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3314788180-3748886331-2302103882-500 - Administrator - Disabled)
Guest (S-1-5-21-3314788180-3748886331-2302103882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3314788180-3748886331-2302103882-1002 - Limited - Enabled)
Ty (S-1-5-21-3314788180-3748886331-2302103882-1000 - Administrator - Enabled) => C:\Users\Ty
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.4 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.8.8.6 - Sentelic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
i-Charger (HKLM-x32\...\i-Charger_is1) (Version:  - msi, Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
LockIndicator (HKLM-x32\...\{CBDF64A5-44E0-4ECF-B5B3-FE8EF961CF13}) (Version: 1.0.1106.2401 - Micro-Star International Co., Ltd.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
msi LED Manager (HKLM-x32\...\{34B61214-F4D3-4449-A918-F52A36FB2F71}) (Version: 1.0.1011.2501 - msi)
MSI VGA Overclock Tool (HKLM-x32\...\{26C18D1A-CA42-4682-8CBA-98929848278A}) (Version: 12.06.0601 - MSI)
NTI Backup Now EZ 4 (HKLM-x32\...\InstallShield_{249E38A7-26F9-4C82-A95B-CDA5184A54CF}) (Version: 4.0.2.56 - NTI Corporation)
NTI Backup Now EZ 4 (x32 Version: 4.0.2.56 - NTI Corporation) Hidden
NVIDIA Graphics Driver 268.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6309 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.211.0217.007.04 - Micro-Star International Co., Ltd.)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.0 - Creative Technology Limited)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3314788180-3748886331-2302103882-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Ty\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3314788180-3748886331-2302103882-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ty\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
 
==================== Restore Points =========================
 
04-12-2015 19:02:25 Installed System Control Manager
04-12-2015 19:31:20 Installed Realtek USB 2.0 Reader Driver
04-12-2015 19:33:02 Windows Update
04-12-2015 19:34:42 Installed Realtek Ethernet Controller Driver For Windows Vista
04-12-2015 19:35:59 Windows Update
04-12-2015 19:36:51 Installed MSI VGA Overclock Tool
04-12-2015 19:37:44 Installed Finger Sensing Pad Driver
04-12-2015 20:01:39 Installed THX TruStudio Pro
04-12-2015 20:04:41 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology
04-12-2015 20:08:33 Installed Renesas Electronics USB 3.0 Host Controller Driver
04-12-2015 20:12:17 Installed Finger Sensing Pad Driver
04-12-2015 20:30:35 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology
04-12-2015 20:37:20 Installed DirectX
04-12-2015 20:39:07 Installed Corel WinDVD.
04-12-2015 20:49:02 Windows Modules Installer
04-12-2015 23:01:45 Installed Realtek Ethernet Controller Driver For Windows Vista
04-12-2015 23:38:23 Installed Intel® PROSet/Wireless WiFi Software.
05-12-2015 01:21:34 Installed Windows 7 Upgrade Advisor
05-12-2015 01:53:39 Installed NTI Backup Now EZ 4
05-12-2015 02:16:38 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
05-12-2015 02:17:14 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
05-12-2015 02:17:49 Installed OpenOffice 4.1.2
05-12-2015 02:40:55 Configured NTI Backup Now EZ 4
05-12-2015 13:40:55 Removed Cinema ProII Setup
05-12-2015 13:42:37 Removed Windows 7 Upgrade Advisor
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09F12073-1846-4283-910C-A6284D06B824} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-04] (AVAST Software)
Task: {5278D75E-65DC-405D-8765-EB62430D22BB} - System32\Tasks\{20230828-2103-4CD8-8543-FE5D1703C1A9} => pcalua.exe -a C:\Users\Ty\AppData\Local\Temp\Temp1_thx_w7_nb.zip\Audio\THXAudCP\setup.exe
Task: {8AE2085D-FE24-46F0-8359-EFFB96BAFB24} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)
Task: {9DAAFC33-A259-4648-B856-CD4A3D1DAC8C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)
Task: {9E0CBE7F-1565-44BD-AFCF-1593F1395F5A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-30] ()
Task: {B87C7EE2-3461-4425-903D-3839747CE3D8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-04] (AVAST Software)
Task: {C4BD7B68-EA1E-4AB2-8D9F-0681C4F14DB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)
Task: {EE3EFF4E-C9BF-48FD-9A45-22A57BAACB90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00095944 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe
2012-09-07 11:39 - 2015-12-04 20:11 - 00067072 _____ () C:\Program Files\FSP\FspLib.dll
2012-09-07 11:43 - 2015-12-04 20:11 - 00040448 _____ () C:\Program Files\FSP\KbdHook.dll
2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-06-06 15:18 - 2012-06-06 15:18 - 00089088 _____ () C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
2015-12-04 20:18 - 2015-12-04 20:18 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-04 20:18 - 2015-12-04 20:18 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-05 12:17 - 2015-12-05 12:17 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120504\algo.dll
2015-12-04 20:18 - 2015-12-04 20:18 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-07-17 14:43 - 2015-07-17 14:43 - 00065736 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\XMLParser.dll
2015-07-17 14:42 - 2015-07-17 14:42 - 00054472 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\SendMsgCallbackDll.dll
2015-07-17 14:42 - 2015-07-17 14:42 - 00073416 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Pehook.DLL
2015-12-04 20:02 - 2010-05-04 10:59 - 00182272 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2015-12-04 20:18 - 2015-12-04 20:18 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-05 02:14 - 2015-10-30 16:57 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-05 02:14 - 2015-10-30 16:57 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-05 02:14 - 2015-11-30 11:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-05 02:14 - 2015-10-30 16:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-05 02:14 - 2015-11-30 11:14 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-05 02:14 - 2015-11-30 11:15 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-05 02:14 - 2015-10-30 16:57 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-05 02:14 - 2015-11-30 11:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-07-17 14:42 - 2015-07-17 14:42 - 00045768 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\NtiPipe.dll
2015-07-17 14:42 - 2015-07-17 14:42 - 00466032 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\sqlite3.dll
2015-12-04 19:33 - 2015-12-04 19:33 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b6584c7e1f3d6d28c1a2b189a5d8831f\IsdiInterop.ni.dll
2015-12-04 19:33 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2DF299F6-577F-4BD4-A0D8-C20E838217FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{16932455-4E9A-4BF8-BBF7-85ECAC14A454}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{DF022B0A-87D9-42C4-A3BC-91D27B9811DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1171EA3D-2699-4925-9C74-C1B9AC708706}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{554770A5-499F-43B6-82CE-86BBB3B0EEEA}C:\users\ty\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ty\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{AFDFF8E4-51C0-4D44-A704-F9586C48307A}C:\users\ty\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ty\appdata\roaming\spotify\spotify.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/05/2015 04:35:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 03:10:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 03:04:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 02:50:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 12:15:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 02:51:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 47.0.2526.73, time stamp: 0x5653f7b4
Faulting module name: chrome.dll, version: 47.0.2526.73, time stamp: 0x5653f302
Exception code: 0xc0000005
Fault offset: 0x00030028
Faulting process id: 0x106c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (12/05/2015 02:50:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/05/2015 02:18:10 AM) (Source: MsiInstaller) (EventID: 11601) (User: Ty-PC)
Description: Product: OpenOffice 4.1.2 -- Disk full: Out of disk space -- Volume: 'C:'; required space: 349,369 KB; available space: 174,468 KB.  Free some disk space and retry.
 
Error: (12/05/2015 01:59:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NegativeScreen.exe, version: 1.14.5447.23933, time stamp: 0x547b0aeb
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c78c
Exception code: 0xe0434352
Fault offset: 0x000000000000a49d
Faulting process id: 0x1068
Faulting application start time: 0xNegativeScreen.exe0
Faulting application path: NegativeScreen.exe1
Faulting module path: NegativeScreen.exe2
Report Id: NegativeScreen.exe3
 
Error: (12/05/2015 01:59:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: NegativeScreen.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
   at NegativeScreen.OverlayManager.RefreshOverlay(NegativeScreen.NegativeOverlay)
   at NegativeScreen.OverlayManager.RefreshLoop(System.Collections.Generic.List`1<NegativeScreen.NegativeOverlay>)
   at NegativeScreen.OverlayManager.Initialization()
   at NegativeScreen.Program.Main(System.String[])
 
 
System errors:
=============
Error: (12/05/2015 03:06:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (12/05/2015 03:06:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (12/05/2015 03:06:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (12/05/2015 02:52:00 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (12/05/2015 02:49:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:42:51 PM on 12/5/2015 was unexpected.
 
Error: (12/05/2015 01:27:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.
 
Error: (12/05/2015 01:26:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR5.
 
Error: (12/05/2015 12:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:12:44 AM on 12/5/2015 was unexpected.
 
Error: (12/05/2015 02:42:58 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NTI Backup Now EZ 4 Scheduler service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (12/05/2015 02:40:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NTI Backup Now EZ 4 Scheduler service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
  Date: 2015-12-05 03:02:16.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-05 03:02:16.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-05 03:02:08.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-05 03:02:08.442
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 35%
Total physical RAM: 12265.3 MB
Available physical RAM: 7925.06 MB
Total Virtual: 24528.81 MB
Available Virtual: 19523.71 MB
 
==================== Drives ================================
 
Drive c: (OS_INSTALL) (Fixed) (Total:931.42 GB) (Free:605.64 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 42D26F51)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

 


Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Can you tell me what you believe to be wrong with your system?
 

Next,

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if selected right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait for the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 
Next,
 
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


 

Next,

 

Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)

  • The file will be randomly named
  • Reboot to safe mode <<<<<------------ http://support.eset.com/kb2268/
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning



  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats



  • Press start scan
  • The scan will now commence



  • Once the scan has finished click open report <<<--- Do not miss this step



  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop



This log will be excessive. Please attach it to your next reply…
 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan". Select scan; when done post the new logs....

 

Let me see those logs....

 

Kevin
 


And also to tell you what I believe is wrong with the computer... I don't really know to be honest. It's just been real "quirky" lately and it's been acting up. It could just be me but it seems as though it is infected with something and it has been for a long time. I know it's really vague and doesn't tell you anything but I figured I'd at least attempt to answer the questions. Thank you. -Tyler


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 12/6/2015

Scan Time: 1:37 PM

Logfile: 

Administrator: Yes

 

Version: 2.2.0.1024

Malware Database: v2015.12.06.05

Rootkit Database: v2015.11.26.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Ty

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 321025

Time Elapsed: 11 min, 57 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

 

This is my scan log from MBAM


C1

 

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : sony-virtual-remote-control.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : realtek-hd-audio-drivers-x64.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : aol.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : tor-browser.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : google-music-manager.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : conduit.search
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3324764&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0F748587-F5ED-4D11-BF57-A3072C2861DD&SSPV=
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dkpejdfnpdkhifgbancbammdijojoffk
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : iaamfpbohecgihgnbhmppgekdjkbolah
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jgblgjobdodnmdcoakmfpfloppeafdin

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2607 bytes] ##########

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Ty (Administrator) on Sun 12/06/2015 at 16:41:46.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2

Successfully deleted: C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod (Folder)
Successfully deleted: C:\Users\Ty\AppData\Local\nico mak computing (Folder)

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_7545F5730BA02FFBC23122E3B127CB09 (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/06/2015 at 16:43:51.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It would seem that the beginning of the AdwCleaner log is missing?

# AdwCleaner v5.023 - Logfile created 06/12/2015 at 16:10:10
# Updated 30/11/2015 by Xplode
# Database : 2015-12-06.2 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ty - TY-PC
# Running from : C:\Users\Ty\Downloads\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk
[-] Folder Deleted : C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaamfpbohecgihgnbhmppgekdjkbolah
[-] Folder Deleted : C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgblgjobdodnmdcoakmfpfloppeafdin
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : sony-virtual-remote-control.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : realtek-hd-audio-drivers-x64.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : aol.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : tor-browser.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : google-music-manager.en.softonic.com
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : conduit.search
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3324764&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0F748587-F5ED-4D11-BF57-A3072C2861DD&SSPV=
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dkpejdfnpdkhifgbancbammdijojoffk
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : iaamfpbohecgihgnbhmppgekdjkbolah
[-] [C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jgblgjobdodnmdcoakmfpfloppeafdin
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2607 bytes] ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015

Ran by Ty (administrator) on TY-PC (06-12-2015 20:21:32)
Running from C:\Users\Ty\Desktop
Loaded Profiles: Ty (Available Profiles: Ty)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
() C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files\Everything\Everything.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Spotify Ltd) C:\Users\Ty\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
(msi) C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Lite.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11777128 2011-02-14] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [5803520 2015-12-04] (Sentelic Corporation)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel® Corporation)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2011-02-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [LockIndicator] => C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe [1699016 2011-06-24] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [msi LED Manager] => C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2795008 2010-07-29] (msi)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-04] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-11-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [backupNowEZ4Tray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe [1093832 2015-07-17] (NTI Corporation)
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50748544 2015-12-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Run: [spotify Web Helper] => C:\Users\Ty\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-05] (Spotify Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-12-04]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2015-12-04]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-12-04]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F058229-ABC2-42E3-ADCC-3AB361DB306C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7254B8E-48AB-43D4-83CC-94562F946C3D}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-04] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-05] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-04] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-05] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-18] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-04]
CHR Extension: (Google Drive) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-04]
CHR Extension: (Webpage Screenshot) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk [2015-12-04]
CHR Extension: (YouTube) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-04]
CHR Extension: (Google Cast) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-05]
CHR Extension: (Culinote) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbmbmdpabeoinbnckfnnhpljocfljfp [2015-12-04]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-12-04]
CHR Extension: (Google Search) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Netflix) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-12-04]
CHR Extension: (Facebook Unseen) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdhkalcecemojegheiohcghkamlipof [2015-12-04]
CHR Extension: (Dropbox for Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04]
CHR Extension: (Facebook Quick Links) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elnjjchffmejafnnpaidbjjfhnhbmlie [2015-12-04]
CHR Extension: (Google Play Music) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-12-04]
CHR Extension: (Google Sheets) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-04]
CHR Extension: (Plex) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-12-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-12-04]
CHR Extension: (VideoCast (VLC/Chromecast)) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclhodkofgoighinmongpkpncdpalejb [2015-12-04]
CHR Extension: (Google Docs Offline) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Facebook One) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigempibmkmpklaojfkmgaeflckfdohp [2015-12-04]
CHR Extension: (AdBlock) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Avast Online Security) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-04]
CHR Extension: (VLC Capture) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\goppbgmjnldonmjemebdmcjfefbgoloh [2015-12-04]
CHR Extension: (Google Play Music) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-12-04]
CHR Extension: (Auto Refresh) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2015-12-04]
CHR Extension: (Start - A Better New Tab) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgifkabikplflflabkllnpidlbjjpgbp [2015-12-04]
CHR Extension: (Google Play) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-12-04]
CHR Extension: (Pocket) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-04]
CHR Extension: (Instagram for Chrome) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-12-04]
CHR Extension: (Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-04]
CHR Profile: C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-05]
CHR Extension: (Google Docs) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Google Cast) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-05]
CHR Extension: (Google Search) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Google Sheets) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Avast Online Security) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-05]
CHR Extension: (Gmail) - C:\Users\Ty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-04]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-04] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-05] (Dropbox, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NTI Backup Now EZ 4 Scheduler; C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe [95944 2015-07-17] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [450504 2015-12-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fspad_win764; C:\Windows\System32\DRIVERS\fspad_win764.sys [67584 2015-12-04] (Sentelic Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-06 20:13 - 2015-12-06 20:13 - 00000000 ____D C:\Users\Ty\AppData\Local\Nico Mak Computing
2015-12-06 18:07 - 2015-12-06 18:07 - 00000000 ____D C:\Users\Ty\Doctor Web
2015-12-06 18:05 - 2015-12-06 18:05 - 00000000 ____D C:\Windows\pss
2015-12-06 17:41 - 2015-12-06 17:59 - 178283800 _____ C:\Users\Ty\Desktop\cureit.exe
2015-12-06 16:43 - 2015-12-06 16:43 - 00000921 _____ C:\Users\Ty\Desktop\JRT.txt
2015-12-06 16:39 - 2015-12-06 16:39 - 01599336 _____ (Malwarebytes) C:\Users\Ty\Desktop\JRT.exe
2015-12-06 16:15 - 2015-12-06 16:15 - 01599336 _____ (Malwarebytes) C:\Users\Ty\Downloads\JRT.exe
2015-12-06 16:07 - 2015-12-06 16:10 - 00000000 ____D C:\AdwCleaner
2015-12-06 16:07 - 2015-12-06 16:07 - 01736704 _____ C:\Users\Ty\Downloads\AdwCleaner (1).exe
2015-12-06 15:56 - 2015-12-06 15:56 - 01736704 _____ C:\Users\Ty\Downloads\AdwCleaner.exe
2015-12-06 13:39 - 2015-12-06 13:39 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-12-06 13:36 - 2012-07-25 19:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-12-06 13:36 - 2012-07-25 19:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-12-06 13:36 - 2012-07-25 19:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-12-06 13:36 - 2012-07-25 19:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-12-06 13:36 - 2012-07-25 19:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-12-06 13:36 - 2012-07-25 18:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-12-06 13:36 - 2012-07-25 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-12-06 13:36 - 2012-06-02 06:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-12-06 13:36 - 2012-02-29 22:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-12-06 13:36 - 2012-02-29 22:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-12-06 13:36 - 2012-02-29 22:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-12-06 13:36 - 2012-02-29 22:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-12-06 13:36 - 2012-02-29 21:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-12-06 13:36 - 2012-02-29 21:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-12-06 13:36 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-12-06 13:34 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-12-06 13:34 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-12-06 13:34 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-12-06 13:34 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-12-06 13:34 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-12-06 13:34 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-12-06 13:34 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-12-06 13:34 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-12-05 16:51 - 2015-12-05 16:52 - 00029870 _____ C:\Users\Ty\Desktop\Addition.txt
2015-12-05 16:50 - 2015-12-06 20:21 - 00024902 _____ C:\Users\Ty\Desktop\FRST.txt
2015-12-05 16:50 - 2015-12-06 20:21 - 00000000 ____D C:\FRST
2015-12-05 14:54 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-12-05 14:54 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-12-05 14:54 - 2012-02-16 20:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-12-05 14:54 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-12-05 13:37 - 2015-12-05 13:37 - 02369024 _____ (Farbar) C:\Users\Ty\Desktop\FRST64.exe
2015-12-05 04:12 - 2015-12-05 04:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2015-12-05 04:06 - 2015-12-05 04:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-12-05 03:14 - 2015-12-05 13:09 - 00000000 ____D C:\Users\Ty\Desktop\usbdeview-x64
2015-12-05 03:13 - 2015-12-05 03:14 - 00109623 _____ C:\Users\Ty\Desktop\usbdeview-x64.zip
2015-12-05 03:01 - 2015-12-05 03:01 - 00000000 ____D C:\Users\Ty\Tracing
2015-12-05 02:50 - 2015-12-06 20:15 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Skype
2015-12-05 02:43 - 2015-12-05 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup Now EZ 4
2015-12-05 02:32 - 2015-12-05 02:32 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-12-05 02:31 - 2015-12-05 02:38 - 84416776 _____ (NTI Corporation) C:\Users\Ty\Desktop\NTI_Backup_Now_EZ_4.0.2.56_Toshiba_Update.exe
2015-12-05 02:31 - 2015-12-05 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-05 02:31 - 2015-12-05 02:31 - 00000000 ____D C:\Program Files\Java
2015-12-05 02:14 - 2015-12-05 02:14 - 00001150 _____ C:\Users\Ty\Desktop\Dropbox.lnk
2015-12-05 02:14 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Dropbox
2015-12-05 02:14 - 2015-12-05 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-05 02:13 - 2015-12-06 20:18 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-05 02:13 - 2015-12-06 20:13 - 00000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-05 02:13 - 2015-12-05 03:01 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Spotify
2015-12-05 02:13 - 2015-12-05 02:52 - 00000000 ____D C:\Users\Ty\AppData\Local\Spotify
2015-12-05 02:13 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Local\Dropbox
2015-12-05 02:13 - 2015-12-05 02:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-05 02:13 - 2015-12-05 02:13 - 00003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-05 02:13 - 2015-12-05 02:13 - 00003776 _____ C:\Windows\System32\Tasks\klcp_update
2015-12-05 02:13 - 2015-12-05 02:13 - 00003644 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-05 02:13 - 2015-12-05 02:13 - 00001785 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\Users\Ty\AppData\Local\CEF
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-05 02:13 - 2015-12-05 02:13 - 00000000 ____D C:\ProgramData\Dropbox
2015-12-05 02:12 - 2015-12-05 02:12 - 00001090 _____ C:\Users\Public\Desktop\Google Drive.lnk
2015-12-05 02:12 - 2015-12-05 02:12 - 00000881 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files\VideoLAN
2015-12-05 02:12 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-05 02:11 - 2015-12-05 02:11 - 00001138 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2015-12-05 02:11 - 2015-12-05 02:11 - 00001075 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\Users\Ty\AppData\Roaming\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:11 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2015-12-05 02:11 - 2015-12-05 02:10 - 00002160 _____ C:\Users\Ty\Desktop\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-06 13:58 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00002160 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00002114 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00002114 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00001879 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ___RD C:\Users\Ty\OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files\Everything
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2015-12-05 02:10 - 2015-12-05 02:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-12-05 02:09 - 2015-12-05 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-05 02:09 - 2015-12-05 02:10 - 00000000 ____D C:\Users\Ty\.oracle_jre_usage
2015-12-05 02:09 - 2015-12-05 02:09 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Sun
2015-12-05 02:09 - 2015-12-05 02:09 - 00000000 ____D C:\Users\Ty\AppData\LocalLow\Sun
2015-12-05 02:09 - 2015-12-05 02:08 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\Users\Ty\AppData\LocalLow\Oracle
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\ProgramData\Oracle
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-05 02:08 - 2015-12-05 02:08 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-05 02:07 - 2015-12-05 02:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-05 02:07 - 2015-12-05 02:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-05 02:03 - 2015-12-05 02:26 - 00778462 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-05 01:58 - 2015-12-05 01:58 - 01497400 _____ (Microsoft Corporation) C:\Users\Ty\Downloads\NDP46-KB3045560-Web.exe
2015-12-05 01:54 - 2015-12-05 02:43 - 00002082 _____ C:\Users\Public\Desktop\NTI Backup Now EZ 4.lnk
2015-12-05 01:54 - 2015-12-05 02:43 - 00000000 ____D C:\ProgramData\BUNEZv4
2015-12-05 01:54 - 2015-12-05 01:54 - 00000000 ____D C:\ProgramData\NTIReg
2015-12-05 01:54 - 2015-12-05 01:54 - 00000000 ____D C:\Program Files (x86)\NTI
2015-12-05 01:52 - 2015-12-05 02:39 - 00000000 ____D C:\Users\Ty\AppData\Local\Downloaded Installations
2015-12-05 01:33 - 2015-12-05 01:33 - 00307200 _____ (Secure By Design Inc.) C:\Users\Ty\Downloads\EAE2.tmp
2015-12-05 01:28 - 2015-12-05 01:28 - 00000000 ____D C:\Users\Ty\AppData\Local\Microsoft Corporation
2015-12-05 01:27 - 2015-12-05 01:27 - 00000000 ____D C:\204beddba6edcd78a9
2015-12-05 01:27 - 2015-10-27 18:43 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-05 01:17 - 2015-12-05 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-05 01:17 - 2015-12-05 01:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-05 01:17 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-05 01:17 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-05 01:06 - 2015-12-05 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-05 01:06 - 2015-12-05 01:06 - 00000000 ____D C:\Program Files\7-Zip
2015-12-05 00:55 - 2015-12-05 01:53 - 00000000 ____D C:\Users\Ty\Downloads\Binary-legacy
2015-12-05 00:54 - 2015-12-05 00:54 - 00075540 _____ C:\Users\Ty\Downloads\Binary-legacy.zip
2015-12-05 00:45 - 2015-12-05 00:45 - 00002407 _____ C:\Users\Ty\Desktop\Tyler 2 - Chrome.lnk
2015-12-05 00:45 - 2015-12-05 00:45 - 00002363 _____ C:\Users\Ty\Desktop\Tyler - Chrome.lnk
2015-12-04 23:39 - 2015-12-04 23:39 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\ProgramData\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-12-04 23:38 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-12-04 23:03 - 2010-11-30 14:40 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUVStoricon.dll
2015-12-04 22:42 - 2015-12-06 17:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-04 22:42 - 2015-12-04 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-04 22:42 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-04 22:39 - 2015-12-04 22:39 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-12-04 22:39 - 2015-12-04 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-12-04 22:38 - 2015-12-04 22:40 - 00000000 ____D C:\Users\Ty\AppData\Local\WinZip
2015-12-04 22:38 - 2015-12-04 22:39 - 00000000 ____D C:\ProgramData\WinZip
2015-12-04 22:38 - 2015-12-04 22:38 - 00000000 ____D C:\ProgramData\UniqueId
2015-12-04 22:38 - 2015-12-04 22:38 - 00000000 ____D C:\Program Files\WinZip
2015-12-04 21:25 - 2015-12-05 02:14 - 00000000 ____D C:\Users\Ty\AppData\Local\ElevatedDiagnostics
2015-12-04 21:16 - 2015-12-04 21:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-12-04 20:45 - 2015-12-04 20:45 - 00000000 ____D C:\Users\Ty\AppData\Local\WindowsUpdate
2015-12-04 20:41 - 2015-12-04 20:41 - 00000040 ____H C:\Windows\system32\ivireg.ivr
2015-12-04 20:41 - 2015-12-04 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2015-12-04 20:41 - 2007-04-17 11:51 - 00014112 _____ (InterVideo) C:\Windows\system32\Drivers\regi.sys
2015-12-04 20:40 - 2015-12-04 20:40 - 00000000 ____D C:\ProgramData\Corel
2015-12-04 20:40 - 2015-12-04 20:40 - 00000000 ____D C:\Program Files (x86)\Corel
2015-12-04 20:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-12-04 20:35 - 2015-12-04 20:35 - 00000000 ____D C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830 (1)
2015-12-04 20:35 - 2015-12-04 20:35 - 00000000 ____D C:\Users\Ty\Downloads\thx_w7_nb
2015-12-04 20:31 - 2015-12-04 23:38 - 00000000 ____D C:\Program Files\Intel
2015-12-04 20:22 - 2015-12-05 01:09 - 00000000 ____D C:\Users\Ty\AppData\Local\FSP
2015-12-04 20:19 - 2015-12-04 20:18 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-04 20:18 - 2015-12-05 12:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-04 20:18 - 2015-12-04 20:18 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-04 20:18 - 2015-12-04 20:18 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Users\Ty\AppData\Roaming\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-04 20:18 - 2015-12-04 20:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-04 20:17 - 2015-12-04 20:17 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-04 20:17 - 2015-12-04 20:17 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-04 20:15 - 2015-12-04 20:15 - 00003132 _____ C:\Windows\System32\Tasks\{20230828-2103-4CD8-8543-FE5D1703C1A9}
2015-12-04 20:14 - 2015-12-04 20:15 - 145410632 _____ C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830 (1).zip
2015-12-04 20:13 - 2015-12-04 20:15 - 145410632 _____ C:\Users\Ty\Downloads\windvd_nb_w7_3264_1005830.zip
2015-12-04 20:13 - 2015-12-04 20:14 - 12018495 _____ C:\Users\Ty\Downloads\thx_w7_nb.zip
2015-12-04 20:12 - 2015-12-04 20:12 - 00000000 ____D C:\Users\Ty\Downloads\bt_intel centrino_highspeedadapter_1.0.78.20535_al00
2015-12-04 20:12 - 2015-12-04 20:12 - 00000000 ____D C:\Program Files\FSP
2015-12-04 20:11 - 2015-12-04 20:11 - 00000000 ____D C:\Users\Ty\Downloads\touchpad_stl_8.8.8.6_w700
2015-12-04 20:11 - 2015-12-04 20:11 - 00000000 ____D C:\Program Files\DIFX
2015-12-04 20:10 - 2015-12-04 20:12 - 156311218 _____ C:\Users\Ty\Downloads\bt_intel centrino_highspeedadapter_1.0.78.20535_al00.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 41069552 _____ C:\Users\Ty\Downloads\touchpad_stl_8.8.8.6_w700.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 01661264 _____ C:\Users\Ty\Downloads\wl_3870_3.0.11.0_w700.zip
2015-12-04 20:10 - 2015-12-04 20:10 - 00000000 ____D C:\Users\Ty\Downloads\wl_3870_3.0.11.0_w700
2015-12-04 20:09 - 2015-12-04 20:10 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-12-04 20:08 - 2015-12-04 20:08 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2015-12-04 20:07 - 2015-12-06 20:13 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 20:07 - 2015-12-06 17:12 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 20:07 - 2015-12-05 04:06 - 00000000 ____D C:\Users\Ty\AppData\Local\Google
2015-12-04 20:07 - 2015-12-05 02:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-04 20:07 - 2015-12-04 20:07 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 20:07 - 2015-12-04 20:07 - 00003634 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 20:07 - 2015-12-04 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-04 20:06 - 2015-12-04 20:07 - 00000000 ____D C:\Users\Ty\AppData\Local\Deployment
2015-12-04 20:06 - 2015-12-04 20:06 - 00000000 ____D C:\Users\Ty\AppData\Local\Apps\2.0
2015-12-04 20:02 - 2015-12-04 20:02 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-12-04 20:02 - 2015-12-04 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-12-04 20:02 - 2010-05-04 11:00 - 00237056 _____ C:\Windows\system32\APOMgr64.DLL
2015-12-04 20:02 - 2010-05-04 10:59 - 00182272 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-12-04 20:02 - 2010-05-04 10:45 - 00006619 ____N C:\Windows\system32\THXCfg64.ini
2015-12-04 20:02 - 2010-05-04 10:45 - 00001200 ____N C:\Windows\THXCfg_SP_APOIM.ini
2015-12-04 20:02 - 2010-03-23 16:46 - 00001099 ____N C:\Windows\THXCfg_HP_APOIM.ini
2015-12-04 20:02 - 2010-03-23 16:46 - 00001099 ____N C:\Windows\THXCfg_APOIM.ini
2015-12-04 20:02 - 2009-12-29 16:52 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2015-12-04 20:02 - 2009-12-29 16:50 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-12-04 20:02 - 2009-10-15 13:38 - 00017920 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll
2015-12-04 20:02 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.exe
2015-12-04 20:02 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2015-12-04 20:01 - 2015-12-04 20:01 - 00000000 ____D C:\Program Files (x86)\Creative
2015-12-04 19:44 - 2015-12-04 20:46 - 00060704 _____ C:\Users\Ty\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-04 19:44 - 2015-12-04 19:44 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Intel Corporation
2015-12-04 19:44 - 2015-12-04 19:44 - 00000000 ____D C:\Users\Ty\AppData\Local\msi
2015-12-04 19:37 - 2015-12-04 19:37 - 00002627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI VGA Overclock.lnk
2015-12-04 19:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-04 19:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-04 19:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-04 19:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-04 19:36 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-04 19:36 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-04 19:36 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-04 19:36 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-04 19:36 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-04 19:36 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-04 19:36 - 2011-02-01 13:06 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-12-04 19:34 - 2015-12-05 14:49 - 00000000 ____D C:\Program Files (x86)\MSI
2015-12-04 19:34 - 2015-12-04 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-12-04 19:34 - 2010-06-23 17:10 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-12-04 19:34 - 2010-01-06 00:39 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-12-04 19:34 - 2009-12-03 17:27 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2015-12-04 19:33 - 2015-12-04 19:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-04 19:33 - 2012-02-01 16:16 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2015-12-04 19:32 - 2015-12-04 20:30 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-12-04 19:32 - 2015-12-04 19:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-12-04 19:32 - 2015-12-04 19:32 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 19:32 - 2011-02-15 17:56 - 02741736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-12-04 19:32 - 2011-02-15 17:07 - 00397912 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-12-04 19:32 - 2011-02-15 17:07 - 00309848 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-12-04 19:32 - 2011-02-15 11:24 - 00000176 _____ C:\Windows\system32\Drivers\RTHDAEQ0.dat
2015-12-04 19:32 - 2011-02-14 17:37 - 00084072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2015-12-04 19:32 - 2011-02-11 14:39 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-12-04 19:32 - 2011-02-09 15:56 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-12-04 19:32 - 2011-01-28 23:03 - 02841704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-12-04 19:32 - 2011-01-25 13:58 - 02358888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-12-04 19:32 - 2011-01-24 14:20 - 00638056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-12-04 19:32 - 2011-01-20 14:47 - 01943616 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-12-04 19:32 - 2010-11-29 18:47 - 02578576 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-12-04 19:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-12-04 19:32 - 2010-11-03 18:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-12-04 19:32 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-12-04 19:32 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-12-04 19:32 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-12-04 19:32 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-12-04 19:32 - 2010-07-02 19:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-12-04 19:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-12-04 19:32 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-12-04 19:32 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-12-04 19:32 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-12-04 19:31 - 2015-12-04 23:03 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-12-04 19:31 - 2015-12-04 23:03 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-04 19:31 - 2010-11-30 14:40 - 00307304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvstor.sys
2015-12-04 19:31 - 2010-11-11 14:14 - 00017512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf64.sys
2015-12-04 19:16 - 2015-12-04 19:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-04 19:14 - 2015-12-04 19:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-04 19:14 - 2011-04-08 08:01 - 20491880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 15063656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 13048168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-04 19:14 - 2011-04-08 08:01 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 12871272 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 10085480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 08131176 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 06607976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 06048872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 04943976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 03113576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02897512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02482792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02253416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 02221672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01986152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01615976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420100.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco642040.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-04 19:14 - 2011-04-08 08:01 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2015-12-04 19:14 - 2011-04-08 08:01 - 00007621 _____ C:\Windows\system32\nvinfo.pb
2015-12-04 19:14 - 2011-03-03 21:29 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll
2015-12-04 19:14 - 2011-03-03 21:29 - 00174184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-04 19:14 - 2011-03-03 21:29 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-04 19:13 - 2015-12-04 19:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-04 19:12 - 2015-12-04 19:12 - 00000000 ____D C:\NVIDIA
2015-12-04 19:02 - 2015-12-05 01:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-04 19:02 - 2015-12-04 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Control Manager
2015-12-04 19:02 - 2015-12-04 19:02 - 00000000 ____D C:\Program Files (x86)\System Control Manager
2015-12-04 19:02 - 2009-12-18 11:54 - 00003584 _____ (Windows ® Win 7 DDK provider) C:\Windows\SysWOW64\msiapcfg.dll
2015-12-04 19:02 - 2008-05-23 17:02 - 00012288 _____ C:\Windows\MSIECO
2015-12-04 18:59 - 2015-12-04 20:04 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-04 18:59 - 2015-12-04 18:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-12-04 18:59 - 2015-12-04 18:59 - 00000000 ____D C:\Intel
2015-12-04 18:59 - 2011-04-15 16:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-12-04 18:58 - 2015-12-06 20:16 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F098DB5-0DC0-460F-BBBC-FC716A10698E}
2015-12-04 18:58 - 2015-12-04 18:58 - 00001447 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-04 18:58 - 2015-12-04 18:58 - 00001413 _____ C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-12-04 18:58 - 2015-12-04 18:58 - 00000000 ____D C:\Users\Ty\AppData\Local\VirtualStore
2015-12-04 18:57 - 2015-12-06 18:07 - 00000000 ____D C:\Users\Ty
2015-12-04 18:57 - 2015-12-04 18:57 - 00000020 ___SH C:\Users\Ty\ntuser.ini
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\My Documents
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Videos
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Pictures
2015-12-04 18:57 - 2015-12-04 18:57 - 00000000 _SHDL C:\Users\Ty\Documents\My Music
2015-12-04 18:57 - 2011-04-12 00:28 - 00000000 ____D C:\Users\Ty\AppData\Roaming\Media Center Programs
2015-12-04 18:53 - 2015-12-04 18:53 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-04 18:53 - 2015-12-04 18:53 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-04 18:50 - 2015-12-04 18:57 - 00000000 ____D C:\Windows\Panther
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-06 20:20 - 2009-07-13 20:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-06 20:20 - 2009-07-13 20:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-06 20:19 - 2009-07-13 21:13 - 00785756 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-06 20:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-06 20:13 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-06 18:05 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-05 02:16 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-05 00:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-04 23:07 - 2009-07-13 20:45 - 00275352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-04 20:49 - 2009-07-13 21:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 20:12 - 2012-09-07 11:48 - 01623040 _____ (Sentelic Corporation.) C:\Windows\SysWOW64\StlFspAPI32.dll
2015-12-04 20:11 - 2012-09-07 11:48 - 02219008 _____ (Sentelic Corporation.) C:\Windows\system32\StlFspAPI64.dll
2015-12-04 20:11 - 2012-09-07 11:11 - 00067584 _____ (Sentelic Corporation) C:\Windows\system32\Drivers\fspad_win764.sys
2015-12-04 20:11 - 2012-09-07 10:47 - 00064512 _____ (Sentelic Corporation) C:\Windows\system32\fspadco.dll
2015-12-04 20:03 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-04 19:36 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 19:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2015-12-04 18:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-04 18:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-04 18:50 - 2009-07-13 21:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
 
Some files in TEMP:
====================
C:\Users\Ty\AppData\Local\Temp\sqlite3.dll
C:\Users\Ty\AppData\Local\Temp\YSPCUNLR.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-04 18:51
 
==================== End of FRST.txt ============================
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015

Ran by Ty (2015-12-06 20:22:47)

Running from C:\Users\Ty\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2015-12-05 02:57:52)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-3314788180-3748886331-2302103882-500 - Administrator - Disabled)

Guest (S-1-5-21-3314788180-3748886331-2302103882-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3314788180-3748886331-2302103882-1002 - Limited - Enabled)

Ty (S-1-5-21-3314788180-3748886331-2302103882-1000 - Administrator - Enabled) => C:\Users\Ty

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)

Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)

Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)

Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.4 - Dropbox, Inc.)

Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden

Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )

Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.8.8.6 - Sentelic)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)

Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden

i-Charger (HKLM-x32\...\i-Charger_is1) (Version:  - msi, Inc.)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)

Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)

Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)

Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)

K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )

LockIndicator (HKLM-x32\...\{CBDF64A5-44E0-4ECF-B5B3-FE8EF961CF13}) (Version: 1.0.1106.2401 - Micro-Star International Co., Ltd.)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)

Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

msi LED Manager (HKLM-x32\...\{34B61214-F4D3-4449-A918-F52A36FB2F71}) (Version: 1.0.1011.2501 - msi)

MSI VGA Overclock Tool (HKLM-x32\...\{26C18D1A-CA42-4682-8CBA-98929848278A}) (Version: 12.06.0601 - MSI)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NTI Backup Now EZ 4 (HKLM-x32\...\InstallShield_{249E38A7-26F9-4C82-A95B-CDA5184A54CF}) (Version: 4.0.2.56 - NTI Corporation)

NTI Backup Now EZ 4 (x32 Version: 4.0.2.56 - NTI Corporation) Hidden

NVIDIA Graphics Driver 268.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.12 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)

Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6309 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden

Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.101 - Skype Technologies S.A.)

Spotify (HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.211.0217.007.04 - Micro-Star International Co., Ltd.)

THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.0 - Creative Technology Limited)

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3314788180-3748886331-2302103882-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Ty\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()

CustomCLSID: HKU\S-1-5-21-3314788180-3748886331-2302103882-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ty\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

 

==================== Restore Points =========================

 

04-12-2015 20:01:39 Installed THX TruStudio Pro

04-12-2015 20:04:41 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology

04-12-2015 20:08:33 Installed Renesas Electronics USB 3.0 Host Controller Driver

04-12-2015 20:12:17 Installed Finger Sensing Pad Driver

04-12-2015 20:30:35 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology

04-12-2015 20:37:20 Installed DirectX

04-12-2015 20:39:07 Installed Corel WinDVD.

04-12-2015 20:49:02 Windows Modules Installer

04-12-2015 23:01:45 Installed Realtek Ethernet Controller Driver For Windows Vista aë„aG

04-12-2015 23:38:23 Installed Intel® PROSet/Wireless WiFi Software.

05-12-2015 01:21:34 Installed Windows 7 Upgrade Advisor

05-12-2015 01:53:39 Installed NTI Backup Now EZ 4

05-12-2015 02:16:38 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

05-12-2015 02:17:14 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

05-12-2015 02:17:49 Installed OpenOffice 4.1.2

05-12-2015 02:40:55 Configured NTI Backup Now EZ 4

05-12-2015 13:40:55 Removed Cinema ProII Setup

05-12-2015 13:42:37 Removed Windows 7 Upgrade Advisor

06-12-2015 13:32:47 Windows Update

06-12-2015 16:41:50 JRT Pre-Junkware Removal

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {09F12073-1846-4283-910C-A6284D06B824} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-04] (AVAST Software)

Task: {5278D75E-65DC-405D-8765-EB62430D22BB} - System32\Tasks\{20230828-2103-4CD8-8543-FE5D1703C1A9} => pcalua.exe -a C:\Users\Ty\AppData\Local\Temp\Temp1_thx_w7_nb.zip\Audio\THXAudCP\setup.exe

Task: {8AE2085D-FE24-46F0-8359-EFFB96BAFB24} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)

Task: {9DAAFC33-A259-4648-B856-CD4A3D1DAC8C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)

Task: {9E0CBE7F-1565-44BD-AFCF-1593F1395F5A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-30] ()

Task: {B87C7EE2-3461-4425-903D-3839747CE3D8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-04] (AVAST Software)

Task: {C4BD7B68-EA1E-4AB2-8D9F-0681C4F14DB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)

Task: {EE3EFF4E-C9BF-48FD-9A45-22A57BAACB90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2015-07-17 14:40 - 2015-07-17 14:40 - 00095944 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe

2012-09-07 11:39 - 2015-12-04 20:11 - 00067072 _____ () C:\Program Files\FSP\FspLib.dll

2012-09-07 11:43 - 2015-12-04 20:11 - 00040448 _____ () C:\Program Files\FSP\KbdHook.dll

2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2015-12-05 02:10 - 2014-08-05 17:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe

2012-06-06 15:18 - 2012-06-06 15:18 - 00089088 _____ () C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe

2015-12-04 20:18 - 2015-12-04 20:18 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-12-04 20:18 - 2015-12-04 20:18 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-12-06 13:29 - 2015-12-06 13:29 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120600\algo.dll

2015-12-04 20:18 - 2015-12-04 20:18 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

2015-07-17 14:43 - 2015-07-17 14:43 - 00065736 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\XMLParser.dll

2015-07-17 14:42 - 2015-07-17 14:42 - 00054472 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\SendMsgCallbackDll.dll

2015-07-17 14:42 - 2015-07-17 14:42 - 00073416 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Pehook.DLL

2015-12-04 20:02 - 2010-05-04 10:59 - 00182272 _____ () C:\Windows\SysWOW64\APOMngr.DLL

2015-12-04 20:18 - 2015-12-04 20:18 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-12-05 02:14 - 2015-10-30 16:57 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll

2015-12-05 02:14 - 2015-10-30 16:57 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll

2015-12-05 02:14 - 2015-11-30 11:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll

2015-12-05 02:14 - 2015-10-30 16:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd

2015-12-05 02:14 - 2015-11-30 11:14 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL

2015-12-05 02:14 - 2015-11-30 11:15 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd

2015-12-05 02:14 - 2015-10-30 16:57 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd

2015-12-05 02:14 - 2015-11-30 11:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd

2015-07-17 14:42 - 2015-07-17 14:42 - 00045768 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\NtiPipe.dll

2015-07-17 14:42 - 2015-07-17 14:42 - 00466032 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\sqlite3.dll

2015-12-04 20:07 - 2015-11-24 00:00 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll

2015-12-04 20:07 - 2015-11-24 00:00 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll

2015-12-04 19:33 - 2015-12-04 19:33 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b6584c7e1f3d6d28c1a2b189a5d8831f\IsdiInterop.ni.dll

2015-12-04 19:33 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3314788180-3748886331-2302103882-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{2DF299F6-577F-4BD4-A0D8-C20E838217FC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{16932455-4E9A-4BF8-BBF7-85ECAC14A454}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{DF022B0A-87D9-42C4-A3BC-91D27B9811DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{1171EA3D-2699-4925-9C74-C1B9AC708706}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

FirewallRules: [TCP Query User{554770A5-499F-43B6-82CE-86BBB3B0EEEA}C:\users\ty\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ty\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{AFDFF8E4-51C0-4D44-A704-F9586C48307A}C:\users\ty\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ty\appdata\roaming\spotify\spotify.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/06/2015 08:13:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 06:07:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 04:37:38 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 04:12:08 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 04:01:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 03:33:50 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 01:54:08 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/06/2015 01:36:04 PM) (Source: MsiInstaller) (EventID: 11935) (User: NT AUTHORITY)

Description: Product: Microsoft Visual C++ 2005 Redistributable -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC80.OpenMP,type="win32",version="8.0.50727.6195",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86"'. Please refer to Help and Support for more information. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, component: {1E507087-0819-45E0-A01F-C8B3B9A1E18E}

 

Error: (12/06/2015 01:28:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/05/2015 04:35:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 

%%1068

 

Error: (12/06/2015 08:11:46 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

 

Error: (12/06/2015 08:11:46 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}

 

 

CodeIntegrity:

===================================

  Date: 2015-12-06 20:15:03.972

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 20:15:03.261

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 16:39:46.660

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 16:39:46.512

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 16:04:15.717

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 16:04:15.239

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 15:42:23.169

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-06 15:42:22.783

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-05 03:02:16.790

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-12-05 03:02:16.429

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz

Percentage of memory in use: 35%

Total physical RAM: 12265.3 MB

Available physical RAM: 7940.71 MB

Total Virtual: 24528.81 MB

Available Virtual: 19397.2 MB

 

==================== Drives ================================

 

Drive c: (OS_INSTALL) (Fixed) (Total:931.42 GB) (Free:599.61 GB) NTFS

Drive e: (TOSHIBA EXT) (Fixed) (Total:1862.92 GB) (Free:1297.19 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 42D26F51)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: 1E8A3E67)

Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================


Latest FRST logs are clean. Do you have any remaining issues or concerns? If none, run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double-click to start the program. If you are using Vista or higher, please right-click and choose "Run as administrator".

Make sure the following items are checked:



  • Remove disinfection tools
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Next,

 

Read the following links to fully understand PC Security and Best Practices; you may find them useful:

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.