CloseProcesses:
CreateRestorePoint:
C:\Users\User1\AppData\Local\DM\TinyDM.exe
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\Run: [Tiny download manager] => C:\Users\User1\AppData\Local\DM\TinyDM.exe [1007384 2015-12-17] (hxxp://www.tinydm.com/)
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: G - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {3c8896c8-dd30-11e3-88f5-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {495a980d-6b8a-11e5-a9ee-f4b7e2e86230} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {495a9827-6b8a-11e5-a9ee-f4b7e2e86230} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {495a9998-6b8a-11e5-a9ee-f4b7e2e86230} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {5adc93e3-8f9d-11e4-bd55-f4b7e2e86230} - D:\KODAK_Camera_Setup_App.exe
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {a5031a2d-947b-11e5-9d8a-f4b7e2e86230} - D:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {cbbb3579-933d-11e5-a15a-6c881415336c} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {d85adddf-4d94-11e5-946b-f4b7e2e86230} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {ebaca168-8207-11e5-bc08-3c970e8c25d9} - D:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2572138134-34439291-2312372487-1000\...\MountPoints2: {fcdaaf94-6d83-11e5-811c-3c970e8c25d9} - F:\setup_vmb_lite.exe /checkApplicationPresence
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File
C:\Users\User1\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\User1\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\User1\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\User1\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\User1\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\User1\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\User1\AppData\Local\Temp\MSIZAP.EXE
Shortcut: C:\Users\User1\Desktop\Backup HD Studd\Meredith's Computer - delete 2-9\2015-01-06\Users\Meredith\Desktop (copied)\Constant Guard Protection Suite.lnk -> hxxp://security.comcast.net/?cid=xfactiv_security (No File)
Shortcut: C:\Users\User1\Desktop\Backup HD Studd\Meredith's Computer - delete 2-9\2015-01-06\Users\Meredith\Desktop (copied)\Live PC Help.lnk -> hxxp://www.thephonesupport.com/?src=dtop (No File)
Shortcut: C:\Users\User1\Desktop\Backup HD Studd\Meredith's Computer - delete 2-9\2015-01-06\Users\Meredith\Desktop (copied)\XFINITY Connect.lnk -> hxxp://www.comcast.net/qry/goto?app=mail&cid=xfactiv_email (No File)
Shortcut: C:\Users\User1\Desktop\Backup HD Studd\Meredith's Computer - delete 2-9\2015-01-06\Users\Meredith\Desktop (copied)\XFINITY TV.lnk -> hxxp://xfinitytv.comcast.net/?cid=xfactiv_tv (No File)
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: