Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2017 01
Ran by SYSTEM on MININT-E1DMR35 (14-09-2017 19:30:00)
Running from D:\
Platform: Windows 10 Enterprise Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001

ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [423424 2017-04-07] (LogMeIn, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-08] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-09-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe [1854544 2014-05-13] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [141760 2017-02-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1910424 2017-06-05] ()
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
Startup: C:\Users\Jules Evely\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk [2015-05-19]
ShortcutTarget: Deluge.lnk -> C:\Program Files (x86)\Deluge\deluged.exe ()
Startup: C:\Users\Jules Evely\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk [2015-03-24]
ShortcutTarget: SABnzbd.lnk -> C:\Program Files (x86)\SABnzbd\SABnzbd.exe ()
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [914200 2013-06-04] (BitRaider, LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-06] (Dropbox, Inc.)
S2 Hadouken; C:\Program Files (x86)\Hadouken\hadouken.exe [4484096 2016-10-05] ()
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419304 2017-08-03] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [525288 2017-08-03] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-11-29] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [110384 2017-02-14] (Panda Security, S.L.)
S2 NzbDrone; C:\ProgramData\NzbDrone\bin\nzbdrone.console.exe [25600 2017-08-12] (sonarr.tv)
S2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2093544 2017-09-07] (Plex, Inc.)
S2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [47096 2017-04-25] (Panda Security, S.L.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-28] (TeamViewer GmbH)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2016-01-14] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 HSF_DP; C:\Windows\system32\DRIVERS\CAX_DP.sys [1485824 2009-02-13] (Conexant Systems, Inc.)
S2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-10] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-08-30] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-09-09] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [0 2017-09-10] () <==== ATTENTION (zero byte File/Folder)
S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [0 2017-09-10] () <==== ATTENTION (zero byte File/Folder)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [0 2017-09-10] () <==== ATTENTION (zero byte File/Folder)
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] ()
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [107488 2017-02-08] (Panda Security, S.L.)
S1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.)
S1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [121312 2017-02-08] (Panda Security, S.L.)
S1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.)
S1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.)
S1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [91104 2017-02-08] (Panda Security, S.L.)
S1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.)
S1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.)
S1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [197600 2017-02-08] (Panda Security, S.L.)
S1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.)
S1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.)
S1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.)
S2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [177424 2017-02-12] (Panda Security, S.L.)
S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129296 2017-02-12] (Panda Security, S.L.)
S1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [205584 2017-02-20] (Panda Security, S.L.)
S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [131344 2017-02-12] (Panda Security, S.L.)
S2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [144656 2017-02-12] (Panda Security, S.L.)
S2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [114960 2017-02-12] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [889584 2015-08-31] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tapSF0901; C:\Windows\System32\drivers\tapSF0901.sys [39104 2013-05-28] (Spotflux, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 WLNdis50; C:\Windows\system32\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
S2 WLNdis50; C:\Windows\SysWOW64\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
S4 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-14 19:26 - 2017-09-14 19:26 - 000000000 ____D C:\FRST
2017-09-13 20:53 - 2017-09-13 20:54 - 000000000 ____D C:\Windows\System32\config\mybackup
2017-09-13 08:47 - 2017-09-13 08:47 - 001527630 _____ C:\Users\Jules Evely\Documents\Melanie-archive-16.pdf
2017-09-13 08:47 - 2017-09-13 08:47 - 001447519 _____ C:\Users\Jules Evely\Documents\Jules-archive-16.pdf
2017-09-13 08:08 - 2017-09-13 08:08 - 000310280 _____ (Oracle) C:\Users\Jules Evely\Downloads\llLauncher_17256nASDAOzUHWAW0wHWK4RpQCQBD.exe
2017-09-13 07:02 - 2017-09-13 07:02 - 000000025 _____ C:\Users\Jules Evely\Documents\mom bug control.txt
2017-09-13 05:35 - 2017-09-13 05:35 - 000001967 _____ C:\Users\Jules Evely\Downloads\Hulk.010.(2017).(Digital).(BlackManta-Empire).torrent
2017-09-13 04:50 - 2017-09-13 04:50 - 000017026 _____ C:\Users\Jules Evely\Downloads\Wonder.Woman.2017.3D.1080p.BRRip.6CH.MkvCage.mkv.torrent
2017-09-12 13:33 - 2017-09-12 13:33 - 000000000 ____D C:\Program Files (x86)\Plex
2017-09-12 13:27 - 2017-09-12 13:27 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-09-12 13:27 - 2017-09-12 13:27 - 000000000 ____D C:\Program Files\VideoLAN
2017-09-12 13:26 - 2017-09-12 13:26 - 032100680 _____ C:\Users\Jules Evely\Downloads\vlc-2.2.6-win64.exe
2017-09-12 09:19 - 2017-09-12 09:19 - 000014700 _____ C:\Users\Jules Evely\Downloads\Transformers.The.Last.Knight.2017.1080p.WEB-DL.6CH.MkvCage.mkv.torrent
2017-09-12 07:34 - 2017-09-12 07:34 - 000017935 _____ C:\Users\Jules Evely\Downloads\Preacher.S02E13.720p.WEB-DL.MkvCage.mkv.torrent
2017-09-12 07:31 - 2017-09-12 07:34 - 012606853 _____ C:\Users\Jules Evely\Documents\IMG_20170912_0003.pdf
2017-09-12 06:41 - 2017-09-12 06:41 - 002899032 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0005-ilovepdf-compressed.pdf
2017-09-12 06:39 - 2017-09-12 06:39 - 000073737 _____ C:\Users\Jules Evely\Downloads\IMG_20161210_0001-ilovepdf-compressed.pdf
2017-09-12 06:02 - 2017-09-12 06:03 - 002721981 _____ C:\Users\Jules Evely\Documents\IMG_20170912_0002.pdf
2017-09-12 06:01 - 2017-09-12 06:01 - 003458586 _____ C:\Users\Jules Evely\Documents\IMG_20170912_0001.pdf
2017-09-12 04:10 - 2017-09-12 04:10 - 000018964 _____ C:\Users\Jules Evely\Downloads\Baby.Driver.2017.7220p.WEB-DL.900MB.MkvCage.mkv.torrent
2017-09-12 04:09 - 2017-09-12 04:09 - 000014941 _____ C:\Users\Jules Evely\Downloads\The.House.2017.720p.WEB-DL.700MB.MkvCage.mkv.torrent
2017-09-12 01:53 - 2017-09-12 01:56 - 000000000 ____D C:\Users\Jules Evely\Downloads\American.Ninja.Warrior.S09E15.WEB.x264-TBS[rarbg]
2017-09-11 22:15 - 2017-09-11 22:16 - 000000000 ____D C:\Users\Jules Evely\Downloads\The.Mindy.Project.S06E01.WEB.h264-TBS[rarbg]
2017-09-11 19:10 - 2017-09-11 19:12 - 000000000 ____D C:\Users\Jules Evely\Downloads\Preacher.S02E13.HDTV.x264-FLEET[rarbg]
2017-09-11 15:20 - 2017-09-11 15:22 - 010613193 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0008.pdf
2017-09-11 15:13 - 2017-09-11 15:18 - 021324054 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0007.pdf
2017-09-11 14:54 - 2017-09-11 14:56 - 013264732 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0006.pdf
2017-09-11 11:18 - 2017-09-11 11:26 - 032574837 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0005.pdf
2017-09-11 11:11 - 2017-09-12 07:43 - 000000000 ____D C:\Users\Jules Evely\Desktop\Melanie TD
2017-09-11 11:04 - 2017-09-11 11:09 - 018630677 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0004.pdf
2017-09-11 11:03 - 2017-09-11 11:03 - 004852203 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0003.pdf
2017-09-11 11:01 - 2017-09-11 11:02 - 005766740 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0002.pdf
2017-09-11 11:00 - 2017-09-11 11:00 - 002701990 _____ C:\Users\Jules Evely\Documents\IMG_20170911_0001.pdf
2017-09-10 20:56 - 2017-09-10 20:57 - 000000000 ____D C:\Users\Jules Evely\Downloads\Rick.and.Morty.S03E07.HDTV.x264-BATV[rarbg]
2017-09-10 20:17 - 2017-09-10 20:17 - 000000000 _____ C:\Windows\System32\Drivers\523B79A7.sys
2017-09-10 20:09 - 2017-09-10 20:23 - 000000000 ____D C:\Users\Jules Evely\Downloads\Fear.The.Walking.Dead.S03E10.CONVERT.WEB.h264-TBS[rarbg]
2017-09-10 19:54 - 2017-09-10 19:57 - 000000000 ____D C:\Users\Jules Evely\Downloads\Fear.the.Walking.Dead.S03E09.HDTV.x264-SVA[rarbg]
2017-09-10 19:23 - 2017-09-10 19:28 - 000000000 ____D C:\Users\Jules Evely\Downloads\Ballers.S03E08.720p.WEB.H264-STRiFE[rarbg]
2017-09-09 17:29 - 2017-09-09 17:29 - 000010606 _____ C:\Users\Jules Evely\Downloads\Man.Of.Steel.2013.1080p.10bit.BluRay.5.1.x265.HEVC-MZABI.mkv.torrent
2017-09-08 20:00 - 2017-09-08 20:00 - 000000000 ____D C:\Users\Jules Evely\AppData\Local\bunkus.org
2017-09-08 19:54 - 2017-09-08 19:55 - 000000000 ____D C:\Program Files\MKVToolNix
2017-09-08 19:54 - 2017-09-08 19:54 - 017724224 _____ (Moritz Bunkus) C:\Users\Jules Evely\Downloads\mkvtoolnix-64-bit-15.0.0-setup.exe
2017-09-08 10:22 - 2017-09-08 10:23 - 000000000 ____D C:\Users\Jules Evely\Desktop\MKV editor
2017-09-08 10:20 - 2017-09-08 10:20 - 000801365 _____ C:\Users\Jules Evely\Downloads\MKVExtractGUI-1.6.4.1Wizard-1.2.zip
2017-09-07 11:13 - 2017-09-07 11:13 - 000001675 _____ C:\Users\Jules Evely\Downloads\THE.KING.OF.FIGHTERS.XIV.STEAM.EDITION.Update.v1.17-CODEX.torrent
2017-09-06 11:35 - 2017-09-06 11:35 - 000005377 _____ C:\Users\Jules Evely\Downloads\Hellblade.Senuas.Sacrifice.Update.v1.02-BAT.torrent
2017-09-06 09:09 - 2017-09-06 09:09 - 000011979 _____ C:\Users\Jules Evely\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.1080p.WEB-DL.6CH.MkvCage.mkv.torrent
2017-09-06 02:29 - 2017-09-06 02:29 - 000049992 _____ (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
2017-09-06 02:29 - 2017-09-06 02:29 - 000045672 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-dev.sys
2017-09-06 02:29 - 2017-09-06 02:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-stable.sys
2017-09-06 02:29 - 2017-09-06 02:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-canary.sys
2017-09-05 16:28 - 2017-09-05 16:28 - 000010254 _____ C:\Users\Jules Evely\Downloads\The.Expendables.3.2014.1080p.10bit.HDR.BluRay.5.1.x265.HEVC-MZABI..torrent
2017-09-05 16:28 - 2017-09-05 16:28 - 000007650 _____ C:\Users\Jules Evely\Downloads\The.Expendables.2.2012.1080p.10bit.BluRay.5.1.x265.HEVC-MZABI.mkv.torrent
2017-09-05 11:38 - 2017-09-05 11:39 - 000000000 ____D C:\Users\Jules Evely\Downloads\Impractical.Jokers.S06E21.Silence.of.the.Lame.720p.WEB-DL.AAC2.0.H264-ViSUM[rarbg]
2017-09-05 00:46 - 2017-09-05 00:46 - 000011433 _____ C:\Users\Jules Evely\Downloads\The.Hitmans.Bodyguard.2017.1080p.WEB-DL.6CH.MkvCage.mkv.torrent
2017-09-04 16:56 - 2017-09-04 16:37 - 189109874 _____ C:\Users\Jules Evely\Desktop\Impractical Jokers - S06E21.mp4
2017-09-04 15:35 - 2017-09-04 15:35 - 000009780 _____ C:\Users\Jules Evely\Downloads\Pacific.Rim.2013.1080p.10bit.Bluray.x265.HEVC-MZABI.mkv.torrent
2017-09-04 09:38 - 2017-09-04 09:38 - 078398980 _____ C:\Users\Jules Evely\Downloads\WhatsPad.v2.17.42.T1.6r-80 PTZ.ipa
2017-09-04 09:37 - 2017-09-04 09:37 - 019060760 _____ C:\Users\Jules Evely\Downloads\Impactor_0.9.42.zip
2017-09-04 09:35 - 2017-09-04 09:35 - 070739167 _____ C:\Users\Jules Evely\Downloads\WhatsApp.v2.17.41_v1.6r-83.Duplicate.with.Display.Name PTZ.ipa
2017-09-04 08:54 - 2017-09-04 09:39 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\Syncios
2017-09-04 08:54 - 2017-09-04 08:54 - 000000000 ____D C:\Users\Jules Evely\Documents\Syncios
2017-09-04 08:53 - 2017-09-04 08:54 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\SyncDroid
2017-09-04 08:53 - 2017-09-04 08:53 - 000001190 _____ C:\Users\Jules Evely\Desktop\Syncios.lnk
2017-09-04 08:53 - 2017-09-04 08:53 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\Syncios Data Transfer
2017-09-04 08:52 - 2017-09-04 08:52 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2017-09-04 08:51 - 2017-09-04 08:51 - 089705920 _____ C:\Users\Jules Evely\Downloads\setup_syncios.exe
2017-09-03 17:28 - 2017-09-03 17:28 - 000001646 _____ C:\Users\Jules Evely\Downloads\New Super Mario Bros NDS [A2DE77].torrent
2017-09-01 19:50 - 2017-09-01 19:50 - 000004232 _____ C:\Users\Jules Evely\Downloads\Nex.Machina.Update.v1.04.0032-CODEX.torrent
2017-09-01 19:49 - 2017-09-01 19:49 - 000004461 _____ C:\Users\Jules Evely\Downloads\Nex.Machina.Update.v1.04.0027-CODEX.torrent
2017-09-01 18:37 - 2017-09-01 18:37 - 000005458 _____ C:\Users\Jules Evely\Downloads\Nex.Machina.Update.v1.05.0054-CODEX.torrent
2017-09-01 18:36 - 2017-09-01 18:36 - 000040814 _____ C:\Users\Jules Evely\Downloads\Nex.Machina-CODEX.torrent
2017-08-31 21:30 - 2017-08-31 21:30 - 000037612 _____ C:\Users\Jules Evely\Downloads\Game.Of.Thrones.S07E06.Beyond.The.Wall.720p.AMZN.WEB-DL.DDP5.1.H.264-GoT.torrent
2017-08-30 16:07 - 2017-09-10 20:17 - 000000000 _____ C:\Windows\System32\Drivers\mwac.sys
2017-08-30 16:07 - 2017-09-10 20:17 - 000000000 _____ C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2017-08-30 16:07 - 2017-09-10 20:17 - 000000000 _____ C:\Windows\System32\Drivers\mbam.sys
2017-08-30 16:07 - 2017-09-09 17:07 - 000101824 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys
2017-08-30 16:07 - 2017-08-30 16:07 - 000192960 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys
2017-08-30 16:06 - 2017-08-30 16:06 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-30 16:06 - 2017-08-24 07:27 - 000077440 _____ C:\Windows\System32\Drivers\mbae64.sys
2017-08-30 14:11 - 2017-09-09 17:07 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-08-28 18:59 - 2017-08-28 19:02 - 000000000 ____D C:\Users\Jules Evely\Downloads\Preacher.S02E11.CONVERT.WEB.h264-TBS[rarbg]
2017-08-27 20:53 - 2017-08-27 20:54 - 000000000 ____D C:\Users\Jules Evely\Downloads\Rick.and.Morty.S03E06.HDTV.x264-BATV[rarbg]
2017-08-27 19:35 - 2017-08-27 19:42 - 000000000 ____D C:\Users\Jules Evely\Downloads\Ballers.S03E06.720p.WEB.H264-STRiFE[rarbg]
2017-08-21 18:56 - 2017-08-21 18:57 - 000000000 ____D C:\Users\Jules Evely\Downloads\Preacher.S02E10.HDTV.x264-SVA[rarbg]
2017-08-20 20:54 - 2017-08-20 20:55 - 000000000 ____D C:\Users\Jules Evely\Downloads\Rick.and.Morty.S03E05.HDTV.x264-BATV[rarbg]
2017-08-20 19:20 - 2017-08-20 19:26 - 000000000 ____D C:\Users\Jules Evely\Downloads\Ballers.S03E05.720p.WEB.h264-TBS[rarbg]
2017-08-19 22:36 - 2017-08-19 22:39 - 000000000 ____D C:\Users\Jules Evely\Downloads\Power.S04E09.WEBRip.x264-RARBG
2017-08-18 20:13 - 2017-08-18 20:13 - 000014403 _____ C:\Users\Jules Evely\Downloads\Big.Brother.US.S19E25.HDTV.x264-W4F.torrent
2017-08-18 19:25 - 2017-08-18 19:25 - 000017519 _____ C:\Users\Jules Evely\Downloads\Marvels.The.Defenders.S01.720p.NF.WEB-DL.MkvCage.torrent
2017-08-18 12:56 - 2017-08-18 12:56 - 000009460 _____ C:\Users\Jules Evely\Downloads\Impractical.Jokers-After.Party.S01E03.HDTV.x264-W4F.torrent
2017-08-17 06:30 - 2017-08-17 06:30 - 000005940 _____ C:\Users\Jules Evely\Downloads\Hellblade.Senuas.Sacrifice.Update.v1.01-BAT.torrent
2017-08-16 17:36 - 2017-08-16 17:36 - 000023434 _____ C:\Users\Jules Evely\Downloads\Big.Brother.US.S19E23.720p.HDTV.x264-BAJSKORV.torrent
2017-08-16 09:39 - 2017-08-16 09:39 - 000016958 _____ C:\Users\Jules Evely\Downloads\Goon.Last.of.the.Enforcers.2017.720p.WEB-DL.800MB.MkvCage.mkv.torrent
2017-08-16 09:11 - 2017-08-16 09:11 - 000011508 _____ C:\Users\Jules Evely\Downloads\Marvel's.Thor.-.Ragnarok.Prelude.(001-004)(2017)(digital)(Zone-Empire).torrent
2017-08-16 07:45 - 2017-08-16 09:16 - 558436063 _____ C:\Users\Jules Evely\Downloads\GOTE6.rar
2017-08-15 10:49 - 2017-08-15 10:54 - 001336553 _____ C:\Users\Jules Evely\Documents\IMG_20170815_0003.pdf
2017-08-15 10:49 - 2017-08-15 10:49 - 000399215 _____ C:\Users\Jules Evely\Downloads\Melanie Evely_Resume and Cover Letter, Manager, Global Brand and Advertising.pdf
2017-08-15 10:49 - 2017-08-15 10:49 - 000399215 _____ C:\Users\Jules Evely\Desktop\Melanie Evely_Resume and Cover Letter, Manager, Global Brand and Advertising.pdf
2017-08-15 10:13 - 2017-08-15 10:48 - 002897881 _____ C:\Users\Jules Evely\Documents\IMG_20170815_0002.pdf
2017-08-15 10:08 - 2017-08-15 10:09 - 001149923 _____ C:\Users\Jules Evely\Documents\IMG_20170815_0001.pdf
2017-08-15 06:14 - 2017-08-15 06:14 - 000019160 _____ C:\Users\Jules Evely\Downloads\Baywatch.2017.1080p.WEB-DL.6CH.MkvCage.mkv.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-13 20:27 - 2017-06-30 07:32 - 000000000 ____D C:\users\UpdatusUser
2017-09-13 20:27 - 2017-06-30 07:32 - 000000000 ____D C:\users\Mcx1-UNICRON
2017-09-13 20:26 - 2017-06-30 07:32 - 000000000 ____D C:\users\Jules Evely
2017-09-13 20:26 - 2017-03-18 18:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\System32\F12
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\WinBioPlugIns
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\setup
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\migwiz
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-13 20:26 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 20:26 - 2017-03-18 13:01 - 000000000 ____D C:\Windows\INF
2017-09-13 20:26 - 2017-03-18 03:40 - 000000000 ____D C:\Windows\System32\Sysprep
2017-09-13 20:26 - 2016-07-07 05:26 - 000000000 ____D C:\ProgramData\Hadouken
2017-09-13 20:26 - 2015-12-04 16:59 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\uTorrent
2017-09-13 20:21 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-13 20:14 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\registration
2017-09-13 20:13 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\SystemResources
2017-09-13 20:13 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\IME
2017-09-13 20:13 - 2015-03-25 11:43 - 000000000 ____D C:\ProgramData\NzbDrone
2017-09-13 13:10 - 2013-01-08 11:35 - 000000000 ____D C:\Users\Jules Evely\AppData\Local\Apple
2017-09-13 12:17 - 2017-06-30 07:25 - 000000000 ____D C:\Windows\System32\SleepStudy
2017-09-13 09:34 - 2017-06-30 08:24 - 000004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{42E18B57-9E07-4F42-922C-DA28389F3D4F}
2017-09-13 08:54 - 2017-07-24 14:02 - 000003668 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-09-13 05:37 - 2016-01-01 13:29 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\CDisplayEx
2017-09-13 05:35 - 2013-02-14 13:32 - 000000000 ____D C:\Users\Jules Evely\Downloads\uTorrent DL
2017-09-12 23:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-12 20:54 - 2013-01-07 15:35 - 000000000 ____D C:\ProgramData\LogMeIn
2017-09-12 19:59 - 2015-09-14 17:19 - 000000000 ____D C:\Windows\System32\MRT
2017-09-12 19:54 - 2012-06-02 06:42 - 138202976 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2017-09-12 19:49 - 2017-03-18 12:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-12 13:34 - 2013-12-21 14:02 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-12 13:28 - 2013-11-05 12:52 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\vlc
2017-09-12 07:21 - 2017-05-22 16:08 - 000000000 ____D C:\Users\Jules Evely\AppData\Roaming\USB_HELPER
2017-09-11 11:00 - 2015-09-27 17:18 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-10 18:05 - 2017-05-22 16:02 - 000000715 _____ C:\Users\Jules Evely\Desktop\WiiU_USB_Helper.lnk
2017-09-10 10:41 - 2014-04-13 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-09 17:06 - 2017-06-30 08:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-09 03:07 - 2017-07-26 15:00 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3937851932-3397508876-3090429362-1000
2017-09-09 03:07 - 2016-07-25 04:11 - 000000000 ___RD C:\Users\Jules Evely\OneDrive
2017-09-09 02:27 - 2017-06-30 07:25 - 000269488 _____ C:\Windows\System32\FNTCACHE.DAT
2017-09-08 20:13 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-08 17:07 - 2015-05-31 16:36 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-04 08:54 - 2016-03-22 04:38 - 000000000 ____D C:\Users\Jules Evely\.android
2017-09-02 07:15 - 2017-03-18 13:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 07:15 - 2017-03-18 13:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-30 14:09 - 2017-03-18 03:40 - 004456448 _____ C:\Windows\System32\config\BBI

Some files in TEMP:
====================
2017-09-13 08:08 - 2017-09-13 08:08 - 001385488 _____ (Oracle) C:\Users\Jules Evely\AppData\Local\Temp\lCoBrowseNet.exe
2017-09-04 09:02 - 2017-09-04 09:39 - 000000000 ____D () C:\Users\Jules Evely\AppData\Local\Temp\Syncios.exe
2017-09-04 09:02 - 2017-09-11 04:01 - 000000000 ____D () C:\Users\Jules Evely\AppData\Local\Temp\SynciosDeviceService.exe
2017-09-13 08:08 - 2017-09-13 08:08 - 000225792 ____N () C:\Users\Jules Evely\AppData\Local\Temp\wperfenhancer.dll

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe [2017-07-11 23:48] - [2017-07-06 22:12] - 000706560 _____ (Microsoft Corporation) 31E3287EF6D97C5864A301CEA75BBBA1
C:\Windows\System32\wininit.exe [2017-08-08 11:43] - [2017-07-27 21:14] - 000318232 _____ (Microsoft Corporation) 0242626678C83AE788C655C1990A3CC3
C:\Windows\explorer.exe [2017-07-11 23:48] - [2017-06-19 22:04] - 004847424 _____ (Microsoft Corporation) CA3BF0F15BA4F24D511BFEE725CC89BD
C:\Windows\SysWOW64\explorer.exe [2017-07-11 23:49] - [2017-06-19 21:08] - 004469840 _____ (Microsoft Corporation) FC1145751AC6E4FF1656381BB09A5AA3
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe [2017-08-08 11:43] - [2017-07-27 21:09] - 000527976 _____ (Microsoft Corporation) C81F9707DEA008EED4071B5A39B7C76E
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll [2017-06-30 11:19] - [2017-06-30 11:19] - 001085440 _____ (Microsoft Corporation) 0E79A4C76CAAA0CFE9CA42C13E5AA086
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys [2017-03-18 12:57] - [2017-03-18 12:57] - 000397216 _____ (Microsoft Corporation) E3429DBBEA3965BB96E24B16EF4A2551
BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restored successfully

==================== Association (Whitelisted) =============

==================== Restore Points =========================

Restore point date: 2017-09-13 21:55

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 4079.09 MB
Available physical RAM: 3192.97 MB
Total Virtual: 4079.09 MB
Available Virtual: 3236.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:25.6 GB) NTFS
Drive d: (Corsair) (Removable) (Total:30.08 GB) (Free:2.55 GB) NTFS
Drive f: () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
Drive m: (J_CENA_X64FREV_EN-US_DV5) (CDROM) (Total:3.59 GB) (Free:0 GB) UDF
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8BE22F67)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 30.1 GB) (Disk ID: 6E697373)
No partition Table on disk 1.

LastRegBack: 2017-09-05 10:14

==================== End of FRST.txt ============================