Heya-
What's odd to me is after I restarted with the fixlog, my PC went into update mode. Problem is, I have my updates set to let me choose when to update, so I'm never prompted for it.
I came back after the restart, and decided to check google browsers task manager (just through Shift+Esc). I noticed 'Jumbosale' as an extension. Googled it, and it seems to be adware. This extension never shows in my chrome extensions list either.
Aside from that, I did receive pop ups this afternoon (twice) as I had when I started the thread. It seems like the pop up goes dormant for a while, then pops once I think it's fixed.
FixLog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-04-2015 01
Ran by Chickita at 2015-04-19 21:44:03 Run:3
Running from C:\Users\Angel\Desktop
Loaded Profiles: Chickita (Available profiles: Chickita & music_000 & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CreateRestorePoint:
2015-03-17 17:11 - 2015-03-24 17:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2015-03-17 17:11 - 2015-03-17 17:11 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\NCH Software
2015-03-17 17:11 - 2015-03-17 17:11 - 00000000 ____D () C:\ProgramData\NCH Software
2015-03-17 17:10 - 2015-03-17 17:10 - 00000000 ____D () C:\Program Files (x86)\NCH Software
C:\Users\Angel\Dropbox\.dropbox.cache\2014-11-25\DAEMON Tools Ultra 2.2.0.0226 Incl Activator (deleted 991b08ea5ac123d57612d7761d5f581d).rar
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp:
*****************
Restore point was successfully created.
C:\WINDOWS\System32\Tasks\NCH Software => Moved successfully.
"C:\Users\Angel\AppData\Roaming\NCH Software" => File/Directory not found.
C:\ProgramData\NCH Software => Moved successfully.
C:\Program Files (x86)\NCH Software => Moved successfully.
C:\Users\Angel\Dropbox\.dropbox.cache\2014-11-25\DAEMON Tools Ultra 2.2.0.0226 Incl Activator (deleted 991b08ea5ac123d57612d7761d5f581d).rar => Moved successfully.
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
Ok.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 839.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:45:25 ====
FRSTLog
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015 01
Ran by Chickita (administrator) on TOUCH on 19-04-2015 22:00:24
Running from C:\Users\Angel\Desktop
Loaded Profiles: Chickita (Available profiles: Chickita & music_000 & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Synergy\synergyd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\Synergy\synergyc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Angel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [503392 2013-06-25] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863840 2013-06-25] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\RunOnce: [Adobe Speed Launcher] => 1429494791
Startup: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2014-07-03]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
Startup: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-02-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2014-07-03]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT13/1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-06-29] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29] (IvoSoft)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-30] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-06-29] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\1hr1rfhe.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: provocraft.com/Cricut -> C:\Program Files (x86)\CricutDesignSpace\NPAPI\npCricut64.dll [2015-02-12] (Provo Craft)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-30] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: provocraft.com/Cricut -> C:\Program Files (x86)\CricutDesignSpace\NPAPI\npCricut32.dll [2015-02-12] (Provo Craft)
FF Plugin HKU\S-1-5-21-3257919228-2720765789-3481981865-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Angel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Extension: WOT - C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\1hr1rfhe.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
Chrome:
=======
CHR Profile: C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-04-16]
CHR Extension: (Adblock Plus) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-16]
CHR Extension: (iJobs) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eheojjealhkockchdkldbpcdalaeelhk [2014-12-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-18]
CHR Extension: (Gamers Unite! Snag Bar) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmdmcjifbkefpaijakdbgfjbpaonjhg [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29]
CHR Profile: C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-29]
CHR Extension: (Google Docs) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-29]
CHR Extension: (Google Drive) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-29]
CHR Extension: (WOT) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-29]
CHR Extension: (YouTube) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-29]
CHR Extension: (Google Search) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-29]
CHR Extension: (Google Sheets) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-29]
CHR Extension: (Bookmark Manager) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-28]
CHR Extension: (Skype Click to Call) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-29]
CHR Extension: (Google Wallet) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29]
CHR Extension: (Gmail) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-29]
CHR Profile: C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-29]
CHR Extension: (Google Docs) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-29]
CHR Extension: (Google Drive) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-29]
CHR Extension: (WOT) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-29]
CHR Extension: (YouTube) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-29]
CHR Extension: (Google Search) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-29]
CHR Extension: (Google Sheets) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-29]
CHR Extension: (Skype Click to Call) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-29]
CHR Extension: (Google Wallet) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29]
CHR Extension: (Gmail) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-29]
CHR Profile: C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-29]
CHR Extension: (Awesome Screenshot: Capture, Annotate & Share) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-02-18]
CHR Extension: (Google Docs) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-29]
CHR Extension: (Google Drive) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-29]
CHR Extension: (Points2Shop Browser Extension.) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bbbbliedlnjachkkebhmeiohgmjdholb [2014-12-29]
CHR Extension: (Language Immersion for Chrome) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bedbecnakfcpmkpddjfnfihogkaggkhl [2014-12-29]
CHR Extension: (WOT) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-29]
CHR Extension: (YouTube) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-29]
CHR Extension: (Adblock Plus) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-20]
CHR Extension: (Google Search) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-29]
CHR Extension: (High Contrast) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-12-29]
CHR Extension: (Type Scout - Faster Typing!
) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2014-12-29]
CHR Extension: (Google Sheets) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-29]
CHR Extension: (Clean Page) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fleeljamdfijonnbpoginfaldhmcfjpb [2014-12-29]
CHR Extension: (Classic Games) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gbofnbeakdognkanffmpldbjgkblljkh [2014-12-29]
CHR Extension: (Bookmark Manager) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-12-29]
CHR Extension: (90`s Games) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2014-12-29]
CHR Extension: (Panel View for Keep) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jccocffecajimkdjgfpjhlpiimcnadhb [2014-12-29]
CHR Extension: (Business Group Chat, IM, Video) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kaihkcjnihngieifeajeemhpdfeaoojd [2014-12-29]
CHR Extension: (Eat24 Food Delivery) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kdcebgioldnnilbfdpchgkkhjjhikogh [2014-12-29]
CHR Extension: (Personal Trainer) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kmgohkgndpahjklgpdihieeedjeneoke [2014-12-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-19]
CHR Extension: (ClearCheckbook Money Management) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ncgheejpeplfmifkibfifpdhceopaifp [2014-12-29]
CHR Extension: (SendHub - Business Phone System) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nlijkadphehijfiiigjeklnlnknmmped [2014-12-29]
CHR Extension: (Google Wallet) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29]
CHR Extension: (BarStack) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\padbgeneiphpcpfhebhcglaocmncmjfc [2014-12-29]
CHR Extension: (Gmail) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-29]
CHR Profile: C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (No Name) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Skype Click to Call) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\Angel\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001) OperaMail - "C:\Users\Angel\AppData\Local\Opera Mail\OperaMail.exe"
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft) [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-25] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-25] (CyberLink)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [313856 2014-12-02] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-03-27] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [408136 2013-05-08] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-19 22:00 - 2015-04-19 22:01 - 00033780 _____ () C:\Users\Angel\Desktop\FRST.txt
2015-04-19 21:49 - 2015-04-19 21:49 - 00001136 _____ () C:\WINDOWS\PFRO.log
2015-04-19 21:46 - 2015-04-19 21:46 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-19 07:07 - 2015-04-19 08:04 - 00000198 _____ () C:\Users\Angel\Desktop\sewing and work fingerprints.txt
2015-04-19 06:29 - 2015-04-19 06:29 - 00072116 _____ () C:\Users\Angel\Desktop\Jmk192
2015-04-19 04:56 - 2015-04-19 04:56 - 00000461 _____ () C:\Users\Angel\Desktop\lol.txt
2015-04-19 03:02 - 2015-04-19 03:02 - 00000593 _____ () C:\Users\Angel\Desktop\eset.txt
2015-04-19 00:35 - 2015-04-19 00:35 - 02347384 _____ (ESET) C:\Users\Angel\Desktop\esetsmartinstaller_enu.exe
2015-04-19 00:28 - 2015-04-19 03:03 - 00001219 _____ () C:\Users\Angel\Desktop\1.txt
2015-04-19 00:28 - 2015-04-19 00:28 - 00001042 _____ () C:\Users\Angel\Desktop\2.txt
2015-04-18 23:44 - 2015-04-18 23:44 - 00000237 _____ () C:\Users\Angel\Desktop\Brindille_&_Twig_mailing_list.vcf
2015-04-18 17:33 - 2015-04-18 20:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-18 17:33 - 2015-04-18 17:33 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-18 17:33 - 2015-04-18 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-18 17:33 - 2015-04-18 17:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-18 17:33 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-18 17:33 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-18 17:33 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-18 17:32 - 2015-04-18 17:32 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Angel\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-18 05:35 - 2015-04-18 05:35 - 00000024 _____ () C:\Users\Angel\Desktop\dr.txt
2015-04-16 22:02 - 2015-04-16 22:07 - 00000000 ____D () C:\Users\Angel\Desktop\New folder (2)
2015-04-16 21:45 - 2015-04-16 21:45 - 00000732 _____ () C:\Users\Angel\Desktop\JRT.txt
2015-04-16 21:43 - 2015-04-16 21:43 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-TOUCH-Windows-8.1-(64-bit).dat
2015-04-16 21:43 - 2015-04-16 21:43 - 00000000 ____D () C:\RegBackup
2015-04-16 21:42 - 2015-04-16 21:42 - 02217984 _____ () C:\Users\Angel\Desktop\adwcleaner_4.201.exe
2015-04-16 21:41 - 2015-04-18 05:36 - 00000141 _____ () C:\Users\Angel\Desktop\grocery list.txt
2015-04-16 21:41 - 2015-04-16 21:41 - 02686137 _____ (Thisisu) C:\Users\Angel\Desktop\JRT.exe
2015-04-16 11:33 - 2015-04-19 17:12 - 00000000 ____D () C:\Users\Angel\Desktop\Expressions Recordings
2015-04-16 11:31 - 2015-04-16 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-04-16 11:31 - 2015-04-16 11:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2015-04-16 11:02 - 2015-04-16 11:02 - 00000000 ____D () C:\Users\Angel\Documents\Expression
2015-04-16 03:41 - 2015-04-19 21:49 - 00000308 _____ () C:\WINDOWS\setupact.log
2015-04-16 03:41 - 2015-04-16 03:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-16 03:20 - 2015-04-16 03:20 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-15 20:19 - 2015-04-19 21:46 - 01590861 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-15 18:21 - 2015-04-19 21:43 - 00000000 ____D () C:\Users\Angel\Desktop\FRST-OlderVersion
2015-04-15 03:54 - 2015-04-15 03:54 - 00037789 _____ () C:\Users\Angel\Downloads\view_order.htm
2015-04-14 19:43 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-14 19:43 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-14 19:42 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-14 19:42 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-14 19:42 - 2014-12-02 19:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-04-14 19:41 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 19:41 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-14 19:41 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-14 19:41 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-14 19:41 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-14 19:41 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 19:41 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-14 19:41 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 19:41 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-14 19:41 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-14 19:41 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-14 19:41 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-14 19:41 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 19:41 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 19:41 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 19:41 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 19:41 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 19:41 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 19:41 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 19:41 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 19:41 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 19:41 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 19:41 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 19:41 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 19:41 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 19:41 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 19:41 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 19:41 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 19:41 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 19:41 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 19:41 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-14 19:41 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-14 19:41 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-14 19:41 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-14 19:41 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-14 19:41 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-14 19:41 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-14 19:41 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-14 19:41 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-14 19:41 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-14 19:41 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-14 19:41 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 19:41 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-14 19:41 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-14 19:41 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-14 19:41 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-14 19:41 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-14 19:41 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-14 19:41 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-14 19:41 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-14 19:41 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-14 19:41 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-14 19:41 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 19:41 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-14 19:41 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-14 19:41 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-14 19:41 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-14 19:41 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-14 19:41 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-14 19:41 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-14 19:41 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-13 17:00 - 2015-04-19 21:43 - 02098176 _____ (Farbar) C:\Users\Angel\Desktop\FRST64.exe
2015-04-10 22:11 - 2015-04-10 22:45 - 00000000 ____D () C:\Users\Angel\Desktop\New folder
2015-04-04 16:38 - 2015-04-04 16:40 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 16:38 - 2015-04-04 16:38 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-04 13:49 - 2015-04-04 13:49 - 00307635 _____ () C:\Users\Angel\Downloads\AC26.tmp
2015-04-03 02:28 - 2015-04-15 18:36 - 00000000 ____D () C:\Users\Angel\Desktop\Patterns
2015-04-03 02:22 - 2015-04-03 02:22 - 17237168 _____ (Adobe Systems Incorporated) C:\Users\Angel\Downloads\flashplayer17_install_win_ppapi.exe
2015-04-03 02:21 - 2015-04-03 02:21 - 00002071 _____ () C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-04-03 02:21 - 2015-04-03 02:21 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-04-03 02:21 - 2015-04-03 02:21 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2015-04-02 16:20 - 2015-04-03 14:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-30 00:26 - 2015-03-30 00:30 - 00000240 _____ () C:\Users\Angel\Desktop\Andrew Issues.txt
2015-03-27 14:37 - 2015-04-19 22:00 - 00000000 ____D () C:\FRST
2015-03-26 14:03 - 2015-03-26 16:31 - 00000052 _____ () C:\Users\Angel\Desktop\training admins.txt
2015-03-26 13:53 - 2015-04-15 18:44 - 00000000 ____D () C:\Users\Angel\Desktop\DT 3-26
2015-03-20 13:56 - 2015-03-20 13:56 - 00002443 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synergy.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-19 22:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-19 21:56 - 2014-02-13 14:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3257919228-2720765789-3481981865-1001
2015-04-19 21:52 - 2014-02-25 17:06 - 00000000 ___RD () C:\Users\Angel\Dropbox
2015-04-19 21:52 - 2014-02-25 17:04 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\Dropbox
2015-04-19 21:52 - 2014-02-11 03:33 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-19 21:49 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-19 21:48 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-19 21:46 - 2015-03-16 09:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-19 21:38 - 2014-12-29 00:38 - 00000931 _____ () C:\WINDOWS\Tasks\EPSON WF-3640 Series Update {2DC22777-583D-4A73-A030-4F01BB34E280}.job
2015-04-19 21:38 - 2014-12-29 00:38 - 00000745 _____ () C:\WINDOWS\Tasks\EPSON WF-3640 Series Invitation {2DC22777-583D-4A73-A030-4F01BB34E280}.job
2015-04-19 21:30 - 2014-04-02 14:15 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-19 21:14 - 2014-02-11 03:33 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-19 14:34 - 2015-03-16 08:53 - 00000020 _____ () C:\Users\Angel\AppData\Roaming\appdataFr3.bin
2015-04-19 08:16 - 2015-02-19 05:22 - 00000000 ____D () C:\Users\Angel\Desktop\Mom
2015-04-18 18:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-17 21:11 - 2015-02-13 18:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-16 23:42 - 2014-03-20 19:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-16 23:35 - 2014-03-20 19:54 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-16 23:34 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 23:33 - 2014-03-14 02:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 23:33 - 2014-03-14 02:22 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 21:52 - 2014-07-24 18:41 - 00000000 ____D () C:\AdwCleaner
2015-04-16 03:38 - 2015-02-18 06:27 - 00003124 _____ () C:\WINDOWS\System32\Tasks\{CB469D6F-0D55-40B6-9398-EBDD32F74754}
2015-04-15 18:26 - 2014-02-11 03:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 18:19 - 2014-02-23 03:57 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\uTorrent
2015-04-15 16:58 - 2014-02-25 17:05 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-14 19:10 - 2014-11-12 06:09 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-14 12:30 - 2014-04-02 14:15 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-13 19:24 - 2013-08-22 11:38 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-13 19:24 - 2013-08-22 11:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-04 16:31 - 2014-12-29 02:33 - 00000000 ____D () C:\Users\Angel\Desktop\DT
2015-04-02 12:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-02 11:17 - 2015-02-13 18:03 - 00000909 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-31 20:57 - 2014-02-20 18:44 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-30 04:03 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-03-29 02:49 - 2015-03-18 11:34 - 00000000 ____D () C:\Users\Angel\AppData\Roaming\TeamViewer
2015-03-28 19:10 - 2013-11-14 03:28 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 17:26 - 2015-02-06 20:21 - 00000000 ____D () C:\Program Files (x86)\CricutDesignSpace
2015-03-20 13:56 - 2014-03-13 04:58 - 00000000 ____D () C:\Program Files\Synergy
2015-03-20 13:36 - 2014-02-11 03:33 - 00000000 ____D () C:\Program Files (x86)\Google
==================== Files in the root of some directories =======
2015-03-16 08:53 - 2015-04-19 14:34 - 0000020 _____ () C:\Users\Angel\AppData\Roaming\appdataFr3.bin
2014-06-01 01:28 - 2014-06-01 01:28 - 0000017 _____ () C:\Users\Angel\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Angel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpujxgdb.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-17 06:30
==================== End Of Log ============================
AdditionLog
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2015 01
Ran by Chickita at 2015-04-19 22:01:39
Running from C:\Users\Angel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
Any Video Converter 5.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cricut Design Space (HKLM-x32\...\Cricut Design Space 1.000) (Version: 2.0.0.2 - Provo Craft & Novelty, Inc.)
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3026 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3021 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3024 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.2922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{116DBCAF-9544-4592-9156-AC99F6C2D426}) (Version: 3.10.0016 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3640 Series Printer Uninstall (HKLM\...\EPSON WF-3640 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version: - Scott Cawthon)
Gamers Unite! Snag Bar (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\Gamers Unite! Snag Bar) (Version: - )
GimpShop 2.8 (HKLM-x32\...\{3F1C9552-58E0-4AAC-A616-AE3A28720EC6}) (Version: 2.8 - GimpShop)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{61245005-66F1-4001-AEE8-2E2D36F65C28}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{1C5BBAD8-4079-4014-8803-751333FBC112}) (Version: 1.0.8 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iFree Skype Recorder 6.0.15 (HKLM-x32\...\iFree Skype Recorder) (Version: 6.0.15 - iFree Skype Recorder)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
join.me (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\JoinMe) (Version: 1.20.0.116 - LogMeIn, Inc.)
Jolicloud USB Creator 1.2.1 (HKLM-x32\...\Jolicloud USB Creator_is1) (Version: 1.2.1 - Jolicloud)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Expression Encoder 3 (HKLM-x32\...\Encoder_3.0.1332.0) (Version: 3.0.1332.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Mail 1.0 (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\Opera 1.0.1040) (Version: 1.0.1040 - Opera Software ASA)
Paltalk Messenger 11.4 (HKLM-x32\...\Paltalk Messenger) (Version: 11.4.564.16149 - AVM Software Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 1.1.9200.15 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Synergy (64-bit) (HKLM\...\{1DFFF26F-08C5-44CB-BD84-6AD6DD32448E}) (Version: 1.6.2 - The Synergy Project)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TouchCopy 12 (HKLM-x32\...\{DB85D65B-F94B-4C90-892F-213202E8D8F9}) (Version: 12.52 - Wide Angle Software)
Unity Web Player (HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Angel\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Angel\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Angel\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Angel\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Angel\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3257919228-2720765789-3481981865-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Angel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
04-04-2015 16:37:06 Windows Update
15-04-2015 18:22:06 Restore Point Created by FRST
16-04-2015 11:24:33 Removed Microsoft Expression Encoder 4 Screen Capture Codec
19-04-2015 21:44:05 Restore Point Created by FRST
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2015-04-19 21:44 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1044DEEA-EB94-421E-BBF9-C878F2075F15} - System32\Tasks\EPSON WF-3640 Series Invitation {2DC22777-583D-4A73-A030-4F01BB34E280} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKDE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {160893E1-4BEC-435B-A5B2-8AC9A1C73A12} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {161BDDD5-36DD-4087-8FF4-BD3E78DBBBBE} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {1911AA7B-6B7C-45CC-8868-6C9BCE6ABCE0} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {37EBD892-2109-4F86-A086-0550581E68D1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-16] (Microsoft Corporation)
Task: {61E586AC-B07F-449A-862B-ACF4DBFDFA55} - System32\Tasks\{CB469D6F-0D55-40B6-9398-EBDD32F74754} => pcalua.exe -a C:\Users\Angel\Downloads\sp63317.exe -d C:\Users\Angel\Downloads
Task: {62DEC54C-377C-4FFC-8131-D80022EDA51F} - System32\Tasks\EPSON WF-3640 Series Update {2DC22777-583D-4A73-A030-4F01BB34E280} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKDE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {6481EA52-BFEC-432B-99DB-65EC4E8821AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {7D30033B-F3C0-45BB-B939-5CCDF3063663} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {876A949F-BC7F-4055-B6DB-9E7687BB8B91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {8F8437B6-EC4B-4AA8-A2FC-8C556595C713} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
Task: {9E36BE83-D04C-42E8-9A28-A2012CE7BBBB} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {B06DC4FE-3B7A-4358-A887-C9ED4A80D93B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {B4AB4231-B964-49F5-8BC3-C30798000E3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {DBE0FCB3-C453-4A9F-BAC8-8CA26BCBB984} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {F1F904E2-DA01-4E7C-BB9B-C5073D5F6570} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {F838BC2F-03BA-4C43-9999-75EFEB92B689} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {F8390D49-07D8-4DDE-9710-35BEC7F1F373} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON WF-3640 Series Invitation {2DC22777-583D-4A73-A030-4F01BB34E280}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKDE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3640 Series Update {2DC22777-583D-4A73-A030-4F01BB34E280}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKDE.EXE:/EXE:{2DC22777-583D-4A73-A030-4F01BB34E280} /F:UpdateWORKGROUP\TOUCH$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) ==============
2014-03-20 18:54 - 2009-10-16 18:12 - 00177664 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxdxdrpp.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-02 15:17 - 2014-12-02 15:17 - 00313856 _____ () C:\Program Files\Synergy\synergyd.exe
2014-12-02 15:17 - 2014-12-02 15:17 - 00878592 _____ () C:\Program Files\Synergy\synergyc.exe
2013-10-16 00:52 - 2013-03-12 10:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-13 01:53 - 2013-03-13 01:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-04-19 21:52 - 2015-04-19 21:52 - 00043008 _____ () c:\users\angel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpujxgdb.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00750080 _____ () C:\Users\Angel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00047616 _____ () C:\Users\Angel\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00865280 _____ () C:\Users\Angel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00200704 _____ () C:\Users\Angel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-02-11 03:45 - 2012-05-25 05:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-02-11 03:45 - 2012-05-25 05:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2015-04-16 22:16 - 2015-04-13 17:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-16 22:16 - 2015-04-13 17:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2013-10-16 00:24 - 2013-05-08 17:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 209.18.47.61 - 209.18.47.62
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "YouCam Service"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NielsenOnline"
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A8BD534F1581C58324AC96653710CD29"
HKU\S-1-5-21-3257919228-2720765789-3481981865-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-3257919228-2720765789-3481981865-500 - Administrator - Disabled) => C:\Users\Administrator
Chickita (S-1-5-21-3257919228-2720765789-3481981865-1001 - Administrator - Enabled) => C:\Users\Angel
Guest (S-1-5-21-3257919228-2720765789-3481981865-501 - Limited - Disabled)
music_000 (S-1-5-21-3257919228-2720765789-3481981865-1002 - Administrator - Enabled) => C:\Users\music_000
==================== Faulty Device Manager Devices =============
Name: HP Truevision HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/19/2015 09:53:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
Error: (04/19/2015 09:53:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
Error: (04/19/2015 09:51:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Error: (04/19/2015 09:44:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {7cae0a95-7a15-4bff-9f86-3b4f9530ad61}
Error: (04/19/2015 08:21:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Error: (04/19/2015 04:51:41 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Error: (04/19/2015 04:51:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (04/19/2015 04:51:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: SHELL32.dll, version: 6.3.9600.17680, time stamp: 0x54dc3611
Exception code: 0xc0000005
Fault offset: 0x00000000001f1709
Faulting process id: 0x814
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
Error: (04/19/2015 00:35:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (04/19/2015 00:35:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (04/19/2015 09:51:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The TeamViewer 10 service hung on starting.
Error: (04/19/2015 08:22:02 AM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (04/19/2015 08:21:32 AM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/18/2015 06:01:35 PM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/17/2015 06:31:22 AM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (04/17/2015 06:30:52 AM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/16/2015 10:55:19 PM) (Source: DCOM) (EventID: 10010) (User: Touch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/16/2015 09:55:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The TeamViewer 10 service hung on starting.
Error: (04/16/2015 09:52:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (04/16/2015 09:52:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (04/19/2015 09:53:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/19/2015 09:53:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/19/2015 09:51:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE
Error: (04/19/2015 09:44:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {7cae0a95-7a15-4bff-9f86-3b4f9530ad61}
Error: (04/19/2015 08:21:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE
Error: (04/19/2015 04:51:41 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE
Error: (04/19/2015 04:51:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Angel\Desktop\esetsmartinstaller_enu.exe
Error: (04/19/2015 04:51:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2SHELL32.dll6.3.9600.1768054dc3611c000000500000000001f170981401d078b166ea4933C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\SHELL32.dll41221f2f-e671-11e4-bec3-a0481c261ae3
Error: (04/19/2015 00:35:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Angel\Desktop\esetsmartinstaller_enu.exe
Error: (04/19/2015 00:35:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Angel\Desktop\esetsmartinstaller_enu.exe
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 35%
Total physical RAM: 5914.15 MB
Available physical RAM: 3824.8 MB
Total Pagefile: 7066.15 MB
Available Pagefile: 4704.6 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:672.18 GB) (Free:543.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.25 GB) (Free:2.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D031B727)
Partition: GPT Partition Type.
==================== End Of Log ============================