Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unwanted websites starting up [Solved]


  • This topic is locked This topic is locked

#1
eingram25

eingram25

    New Member

  • Member
  • Pip
  • 6 posts

I hav unwanted websites starting up by themselves.

The last time this happened, I used the staff at malwarebytes.com.

They helped me fix it with several tools including FRST64.exe.

I have switched to bitdefender, but am now having the problem again.

I am attaching two files after having run FRST64Attached File  Addition.txt   35.59KB   217 downloadsAttached File  FRST.txt   81.91KB   223 downloads


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Apologies for the delay .. If you still require assistance please post fresh FRST logs


  • 0

#3
eingram25

eingram25

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
Ran by Ed (administrator) on DESKTOP-DO6GGUR (19-10-2015 10:16:58)
Running from C:\Users\Ed\Desktop
Loaded Profiles: Ed (Available Profiles: Ed)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cisco Consumer Products LLC) C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
() C:\Windows\SysWOW64\UTSCSI.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6306.42251.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6306.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1683408 2015-10-05] (Bitdefender)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1413000 2015-10-05] (Bitdefender)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-08-04]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
Tcpip\..\Interfaces\{4e22061d-c3cc-4e4a-bbd1-2aff59fa0654}: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-10-05] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-04] (LastPass)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-10-05] (Bitdefender)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-18] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-04] (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-18] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-04] (LastPass)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-10-05] (Bitdefender)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-04] (LastPass)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-10-05] (Bitdefender)
Toolbar: HKU\S-1-5-21-1109757102-2323827611-3227408454-1002 -> Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-10-05] (Bitdefender)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-04] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Ed\AppData\Roaming\Mozilla\Firefox\Profiles\9oydo27w.default
FF Homepage: hxxps://www.biblegateway.com/resources/audio/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-04] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-18] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-04] (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: LastPass - C:\Users\Ed\AppData\Roaming\Mozilla\Firefox\Profiles\9oydo27w.default\Extensions\[email protected] [2015-09-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-09-28] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-09-28] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-09-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://lastpass.com/?ac=1","hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Profile: C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-04]
CHR Extension: (Google Drive) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-04]
CHR Extension: (YouTube) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-04]
CHR Extension: (Google Cast) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-08-05]
CHR Extension: (Google Search) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-04]
CHR Extension: (Gmail Offline) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-08-05]
CHR Extension: (Google Calendar) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-08-05]
CHR Extension: (Google Docs Offline) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Translator by Dictionary.com) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\glacllipodbjfijgkcdifnlhmoddlkon [2015-08-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-08-04]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-08-05]
CHR Extension: (Dropbox) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-08-05]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-08-05]
CHR Extension: (Google Maps) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-08-05]
CHR Extension: (SearchLock) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\madakpajlmcpaodhfbekojajlhbdklol [2015-10-17]
CHR Extension: (WeatherBug) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-04]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-08-05]
CHR Extension: (Gmail) - C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-04]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-04] (Dropbox, Inc.)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [762272 2015-09-11] (Garmin Ltd. or its subsidiaries)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-22] (Bitdefender)
R2 RaAutoInstSrv_AM10; C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [529024 2010-05-29] (Cisco Consumer Products LLC)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-10-05] (Bitdefender)
R2 UTSCSI; C:\WINDOWS\SysWOW64\UTSCSI.EXE [45056 2015-08-04] () [File not signed]
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1572168 2015-10-05] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AM10; C:\Windows\System32\drivers\am10w7.sys [1101600 2010-03-23] (Ralink Technology Corp.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2015-10-05] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2015-10-05] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows ® Codename Longhorn DDK provider)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-18] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-19 10:16 - 2015-10-19 10:17 - 00024270 _____ C:\Users\Ed\Desktop\FRST.txt
2015-10-19 10:16 - 2015-10-19 10:16 - 00000000 ____D C:\Users\Ed\Desktop\FRST-OlderVersion
2015-10-19 09:12 - 2015-10-19 09:12 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-DO6GGUR_Ed_HistoryPrediction.bin
2015-10-19 04:14 - 2015-10-19 04:14 - 00000000 ___HD C:\OneDriveTemp
2015-10-18 08:28 - 2015-10-18 08:28 - 00000673 _____ C:\Users\Ed\Documents\Something has occurred to me.txt
2015-10-18 08:00 - 2015-10-18 08:00 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-18 07:59 - 2015-10-18 08:00 - 02870984 _____ (ESET) C:\Users\Ed\Desktop\esetsmartinstaller_enu.exe
2015-10-17 11:58 - 2015-10-17 11:58 - 00001047 _____ C:\Users\Ed\Desktop\10-17-15-11-34.txt
2015-10-17 11:28 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-AR9H4.tmp
2015-10-17 09:12 - 2015-10-17 09:12 - 00001331 _____ C:\Users\Ed\Desktop\JRT.txt
2015-10-17 09:10 - 2015-10-17 09:10 - 00024465 _____ C:\ProgramData\1445091039.bdinstall.bin
2015-10-17 09:02 - 2015-10-17 09:02 - 00001068 _____ C:\Users\Ed\Desktop\AdwCleaner[C1].txt
2015-10-17 08:46 - 2015-10-17 09:03 - 01801288 _____ (Malwarebytes) C:\Users\Ed\Desktop\JRT.exe
2015-10-17 08:45 - 2015-10-17 08:49 - 01682432 _____ C:\Users\Ed\Desktop\AdwCleaner.exe
2015-10-17 08:35 - 2015-10-17 08:36 - 00034798 _____ C:\WINDOWS\SysWOW64\MTB.txt
2015-10-17 07:56 - 2015-10-17 08:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 19:35 - 2015-10-16 19:35 - 00000588 _____ C:\Users\Ed\Documents\minitoolbox.txt
2015-10-16 19:32 - 2015-10-16 19:33 - 00891392 _____ (Farbar) C:\Users\Ed\Desktop\MiniToolBox.exe
2015-10-16 19:14 - 2015-10-16 19:23 - 00000000 ____D C:\Users\Ed\Documents\Humana
2015-10-14 06:36 - 2015-10-10 01:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-14 06:36 - 2015-10-10 01:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-14 06:36 - 2015-10-05 22:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 06:36 - 2015-10-05 21:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 06:36 - 2015-09-30 23:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 06:36 - 2015-09-24 22:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 06:36 - 2015-09-24 22:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 06:36 - 2015-09-24 22:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 06:36 - 2015-09-24 22:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 06:36 - 2015-09-24 22:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 06:36 - 2015-09-24 22:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 06:36 - 2015-09-24 22:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 06:36 - 2015-09-24 22:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 06:36 - 2015-09-24 22:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-14 06:36 - 2015-09-24 22:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 06:36 - 2015-09-24 22:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 06:36 - 2015-09-24 22:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 06:36 - 2015-09-24 22:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 06:36 - 2015-09-24 21:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 06:36 - 2015-09-24 21:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 06:36 - 2015-09-24 21:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 06:36 - 2015-09-24 21:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 06:36 - 2015-09-24 21:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 06:36 - 2015-09-24 21:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 06:36 - 2015-09-24 21:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 06:36 - 2015-09-24 21:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 06:36 - 2015-09-24 21:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 06:36 - 2015-09-24 21:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 06:36 - 2015-09-24 21:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 06:36 - 2015-09-24 21:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 06:36 - 2015-09-24 21:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 06:35 - 2015-10-10 02:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 06:35 - 2015-09-30 23:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 06:35 - 2015-09-30 23:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 06:35 - 2015-09-30 23:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 06:35 - 2015-09-30 23:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 06:35 - 2015-09-30 22:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 06:35 - 2015-09-24 23:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 06:35 - 2015-09-24 23:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 06:35 - 2015-09-24 22:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 06:35 - 2015-09-24 22:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 06:35 - 2015-09-24 22:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 06:35 - 2015-09-24 22:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 06:35 - 2015-09-24 22:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 06:35 - 2015-09-24 22:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 06:35 - 2015-09-24 22:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 06:35 - 2015-09-24 22:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 06:35 - 2015-09-24 22:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 06:35 - 2015-09-24 22:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 06:35 - 2015-09-24 22:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 06:35 - 2015-09-24 21:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 06:35 - 2015-09-24 21:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 06:35 - 2015-09-24 21:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 06:35 - 2015-09-24 21:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 06:35 - 2015-09-24 21:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 06:35 - 2015-09-24 21:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 06:35 - 2015-09-24 21:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 06:35 - 2015-09-24 21:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 06:35 - 2015-09-24 21:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 06:35 - 2015-09-24 21:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 06:35 - 2015-09-24 21:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 06:35 - 2015-09-24 21:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 06:35 - 2015-09-24 21:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 06:35 - 2015-09-24 21:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 06:35 - 2015-09-24 21:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-10 07:03 - 2015-10-10 07:03 - 00000000 ____D C:\Users\Ed\Downloads\10-10-2015
2015-10-10 06:55 - 2015-10-19 10:16 - 02196992 _____ (Farbar) C:\Users\Ed\Desktop\FRST64.exe
2015-10-08 07:57 - 2015-10-08 07:57 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-08 07:57 - 2015-10-08 07:57 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-10-08 07:51 - 2015-10-08 07:51 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-10-08 07:50 - 2015-10-08 07:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-10-08 07:49 - 2015-10-08 07:51 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2015-10-08 07:49 - 2015-10-08 07:50 - 00000000 ____D C:\ProgramData\AVS4YOU
2015-10-08 07:49 - 2015-04-06 16:05 - 01006416 _____ (The OpenSSL Project, http://www.openssl.org/)C:\WINDOWS\SysWOW64\libeay32.dll
2015-10-08 07:49 - 2011-06-21 18:53 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2015-10-08 07:49 - 2011-06-21 18:53 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2015-10-08 07:49 - 2011-06-21 18:53 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2015-10-08 07:49 - 2011-06-21 18:53 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\ProgramData\ATI
2015-10-07 06:18 - 2015-10-07 06:18 - 00061917 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510070618238360.log
2015-10-07 06:18 - 2015-10-07 06:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-07 06:18 - 2015-10-07 06:18 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-07 06:16 - 2015-10-07 06:16 - 00055309 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510070616368483.log
2015-10-07 06:12 - 2015-10-07 06:12 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-07 06:12 - 2015-10-07 06:12 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-07 06:12 - 2015-10-07 06:12 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-07 06:12 - 2015-10-07 06:12 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-07 06:12 - 2015-10-07 06:12 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-07 06:12 - 2015-10-07 06:12 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-07 06:12 - 2015-10-07 06:12 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-07 06:12 - 2015-10-07 06:12 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-07 06:12 - 2015-10-07 06:12 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-07 06:12 - 2015-10-07 06:12 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-07 06:12 - 2015-10-07 06:12 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-05 17:56 - 2015-10-05 17:56 - 00270248 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2015-10-05 17:26 - 2015-10-05 17:26 - 00000000 ____D C:\Users\Ed\AppData\LocalLow\Temp
2015-10-03 08:32 - 2015-10-03 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 19:30 - 2015-10-19 09:49 - 00001104 _____ C:\Users\Ed\Desktop\DirSyncPro.exe - Shortcut (2).lnk
2015-10-01 19:26 - 2015-10-01 19:26 - 00000000 ____D C:\Users\Ed\Downloads\DirSyncPro-1.51-Windows
2015-10-01 19:25 - 2015-10-01 19:25 - 02930933 _____ C:\Users\Ed\Downloads\DirSyncPro-1.51-Windows.zip
2015-10-01 19:15 - 2015-10-02 12:36 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-01 19:15 - 2015-10-02 12:36 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 07:04 - 2015-10-01 07:05 - 00000000 ____D C:\Users\Ed\Documents\Medicare
2015-10-01 01:32 - 2015-09-17 01:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 01:32 - 2015-09-17 01:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 01:32 - 2015-09-17 01:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 01:32 - 2015-09-17 01:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 01:32 - 2015-09-17 01:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 01:32 - 2015-09-17 01:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 01:32 - 2015-09-17 01:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 01:32 - 2015-09-17 01:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 01:32 - 2015-09-17 01:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 01:32 - 2015-09-17 01:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 01:32 - 2015-09-17 01:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 01:32 - 2015-09-17 01:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 01:32 - 2015-09-17 01:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 01:32 - 2015-09-17 01:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 01:32 - 2015-09-17 01:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 01:32 - 2015-09-17 01:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 01:32 - 2015-09-17 01:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 01:32 - 2015-09-17 01:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 01:32 - 2015-09-17 01:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 01:32 - 2015-09-17 01:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 01:32 - 2015-09-17 01:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 01:32 - 2015-09-17 01:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 01:32 - 2015-09-17 01:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 01:32 - 2015-09-17 01:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 01:32 - 2015-09-17 01:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 01:32 - 2015-09-17 01:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 01:32 - 2015-09-17 01:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 01:32 - 2015-09-17 01:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 01:32 - 2015-09-17 00:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 01:32 - 2015-09-17 00:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 01:32 - 2015-09-17 00:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 01:32 - 2015-09-17 00:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 01:32 - 2015-09-17 00:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 01:32 - 2015-09-17 00:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 01:32 - 2015-09-17 00:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 01:32 - 2015-09-17 00:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 01:32 - 2015-09-17 00:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 01:32 - 2015-09-17 00:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 01:32 - 2015-09-17 00:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 01:32 - 2015-09-17 00:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 01:32 - 2015-09-17 00:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 01:32 - 2015-09-17 00:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 01:32 - 2015-09-17 00:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 01:32 - 2015-09-17 00:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 01:32 - 2015-09-17 00:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 01:32 - 2015-09-17 00:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 01:32 - 2015-09-17 00:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 01:32 - 2015-09-17 00:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 01:32 - 2015-09-17 00:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 01:32 - 2015-09-17 00:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 01:32 - 2015-09-17 00:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 01:32 - 2015-09-17 00:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 01:32 - 2015-09-17 00:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 01:32 - 2015-09-17 00:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 01:32 - 2015-09-17 00:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 01:32 - 2015-09-17 00:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 01:32 - 2015-09-17 00:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 01:32 - 2015-09-17 00:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 01:32 - 2015-09-17 00:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 01:32 - 2015-09-17 00:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 01:32 - 2015-09-17 00:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 01:32 - 2015-09-17 00:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 01:32 - 2015-09-17 00:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 01:32 - 2015-09-17 00:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 01:32 - 2015-09-17 00:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 01:32 - 2015-09-12 21:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 01:31 - 2015-09-19 00:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 01:31 - 2015-09-17 01:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 01:31 - 2015-09-17 01:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 01:31 - 2015-09-17 01:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 01:31 - 2015-09-17 01:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 01:31 - 2015-09-17 01:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 01:31 - 2015-09-17 01:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 01:31 - 2015-09-17 01:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 01:31 - 2015-09-17 01:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 01:31 - 2015-09-17 01:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 01:31 - 2015-09-17 01:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 01:31 - 2015-09-17 01:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 01:31 - 2015-09-17 01:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 01:31 - 2015-09-17 01:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 01:31 - 2015-09-17 01:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 01:31 - 2015-09-17 01:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 01:31 - 2015-09-17 01:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 01:31 - 2015-09-17 01:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 01:31 - 2015-09-17 01:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 01:31 - 2015-09-17 01:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 01:31 - 2015-09-17 01:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 01:31 - 2015-09-17 01:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 01:31 - 2015-09-17 01:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 01:31 - 2015-09-17 01:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 01:31 - 2015-09-17 01:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 01:31 - 2015-09-17 01:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 01:31 - 2015-09-17 01:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 01:31 - 2015-09-17 01:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 01:31 - 2015-09-17 00:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 01:31 - 2015-09-17 00:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 01:31 - 2015-09-17 00:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 01:31 - 2015-09-17 00:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 01:31 - 2015-09-17 00:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 01:31 - 2015-09-17 00:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 01:31 - 2015-09-17 00:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 01:31 - 2015-09-17 00:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 01:31 - 2015-09-17 00:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 01:31 - 2015-09-17 00:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 01:31 - 2015-09-17 00:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 01:31 - 2015-09-17 00:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 01:31 - 2015-09-17 00:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 01:31 - 2015-09-17 00:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 01:31 - 2015-09-17 00:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 01:31 - 2015-09-17 00:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 01:31 - 2015-09-17 00:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 01:31 - 2015-09-17 00:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 01:31 - 2015-09-17 00:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 01:31 - 2015-09-17 00:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 01:31 - 2015-09-17 00:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 01:31 - 2015-09-17 00:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 01:31 - 2015-09-17 00:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 01:31 - 2015-09-17 00:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 01:31 - 2015-09-17 00:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 01:31 - 2015-09-17 00:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 01:31 - 2015-09-17 00:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 01:31 - 2015-09-17 00:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 01:31 - 2015-09-17 00:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 01:31 - 2015-09-17 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 01:31 - 2015-09-17 00:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 01:31 - 2015-09-17 00:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 01:31 - 2015-09-17 00:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 01:31 - 2015-09-17 00:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 01:31 - 2015-09-17 00:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 01:31 - 2015-09-17 00:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 01:31 - 2015-09-17 00:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 01:31 - 2015-09-17 00:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 01:31 - 2015-09-17 00:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 01:31 - 2015-09-17 00:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 01:31 - 2015-09-17 00:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 01:31 - 2015-09-17 00:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 01:31 - 2015-09-17 00:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 01:31 - 2015-09-17 00:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 01:31 - 2015-09-17 00:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 01:31 - 2015-09-17 00:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 01:31 - 2015-09-17 00:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 01:31 - 2015-09-17 00:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 01:31 - 2015-09-17 00:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 01:31 - 2015-09-12 20:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 01:30 - 2015-09-17 01:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 01:30 - 2015-09-17 01:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 01:30 - 2015-09-17 01:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 01:30 - 2015-09-17 01:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 01:30 - 2015-09-17 01:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 01:30 - 2015-09-17 01:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 01:30 - 2015-09-17 01:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 01:30 - 2015-09-17 01:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 01:30 - 2015-09-17 01:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 01:30 - 2015-09-17 01:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 01:30 - 2015-09-17 01:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 01:30 - 2015-09-17 01:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 01:30 - 2015-09-17 01:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 01:30 - 2015-09-17 00:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 01:30 - 2015-09-17 00:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 01:30 - 2015-09-17 00:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 01:30 - 2015-09-17 00:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 01:30 - 2015-09-17 00:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 01:30 - 2015-09-17 00:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 01:30 - 2015-09-17 00:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 01:30 - 2015-09-17 00:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 01:30 - 2015-09-17 00:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 01:30 - 2015-09-17 00:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 01:30 - 2015-09-17 00:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 01:30 - 2015-09-17 00:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 01:30 - 2015-09-17 00:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 01:30 - 2015-09-17 00:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 01:30 - 2015-09-17 00:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 01:30 - 2015-09-17 00:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 01:30 - 2015-09-17 00:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 01:30 - 2015-09-17 00:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 01:30 - 2015-09-17 00:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 01:30 - 2015-09-17 00:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 01:30 - 2015-09-17 00:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 01:30 - 2015-09-17 00:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 01:30 - 2015-09-17 00:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 01:30 - 2015-09-17 00:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-29 10:07 - 2015-10-06 06:41 - 00000000 _____ C:\WINDOWS\system32\STOOLSubmit.ret
2015-09-28 19:11 - 2015-09-28 19:11 - 00000000 ____D C:\Users\Ed\Downloads\Bitdefender Safepay
2015-09-28 19:11 - 2015-09-28 19:11 - 00000000 ____D C:\ProgramData\Dumps
2015-09-28 11:16 - 2015-10-05 17:56 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-09-28 11:16 - 2015-09-28 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-09-28 11:16 - 2015-09-28 11:16 - 00002274 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-09-28 11:16 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-09-28 11:16 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-09-28 11:16 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-09-28 11:12 - 2015-09-28 11:27 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Bitdefender
2015-09-28 11:11 - 2015-10-05 17:57 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-28 11:11 - 2015-06-02 15:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-09-28 11:11 - 2015-04-29 14:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-28 10:35 - 2015-09-28 10:35 - 00000000 ____D C:\ProgramData\bdch
2015-09-28 10:18 - 2015-10-19 10:14 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-09-28 10:18 - 2015-09-28 10:18 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2015-09-28 09:29 - 2015-09-28 09:29 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-28 09:29 - 2015-09-28 09:29 - 00000385 _____ C:\Users\Ed\AppData\Roaminguser_gensett.xml
2015-09-28 09:28 - 2015-10-06 06:26 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-28 09:28 - 2015-09-28 09:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-28 09:27 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-28 09:24 - 2015-09-28 11:11 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-28 09:24 - 2015-09-28 11:11 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-28 09:09 - 2015-09-28 09:23 - 314199040 _____ C:\Users\Ed\Downloads\bitdefender_av_19_64b.exe
2015-09-28 09:06 - 2015-09-28 09:06 - 02842784 _____ C:\Users\Ed\Downloads\The_New_Bitdefender_UninstallTool.exe
2015-09-27 17:54 - 2015-09-27 17:54 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\631B1779.sys
2015-09-26 10:45 - 2015-09-26 10:45 - 00000000 ____D C:\Users\Ed\Downloads\9-26-2015
2015-09-26 10:44 - 2015-09-26 11:39 - 00000000 ____D C:\Users\Ed\Documents\TwistedBrush
2015-09-26 10:37 - 2015-09-26 10:37 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Pixarra
2015-09-26 10:34 - 2015-09-26 10:34 - 00002132 _____ C:\Users\Ed\Desktop\TwistedBrush Pro Studio.lnk
2015-09-26 10:34 - 2015-09-26 10:34 - 00001274 _____ C:\Users\Ed\Desktop\TwistedBrush FAQ.lnk
2015-09-26 10:34 - 2015-09-26 10:34 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TwistedBrush
2015-09-26 10:34 - 2015-09-26 10:34 - 00000000 ____D C:\Program Files (x86)\Pixarra
2015-09-25 10:22 - 2015-09-25 10:22 - 00000000 ____D C:\Users\Ed\AppData\Roaming\wacomid-desktop-launcher
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ____D C:\Users\Ed\AppData\Roaming\WTablet
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ____D C:\Users\Ed\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ____D C:\Program Files\TabletPlugins
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ____D C:\Program Files\Tablet
2015-09-25 10:18 - 2015-09-25 10:18 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-09-25 10:18 - 2014-08-19 12:12 - 02006808 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01991448 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01984792 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01858328 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01614104 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01610008 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01607448 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01493784 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2015-09-25 10:18 - 2014-08-06 11:15 - 00102200 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2015-09-25 10:18 - 2014-08-06 11:15 - 00015160 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2015-09-25 10:04 - 2015-09-25 10:04 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Wacom
2015-09-25 10:03 - 2015-09-25 10:18 - 00000000 ____D C:\ProgramData\Wacom
2015-09-25 10:03 - 2015-09-25 10:03 - 00001220 _____ C:\Users\Public\Desktop\Bamboo Dock.lnk
2015-09-25 10:03 - 2015-09-25 10:03 - 00000002 _____ C:\Users\Ed\.bdockinstall.log
2015-09-25 10:03 - 2015-09-25 10:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-25 10:03 - 2015-09-25 10:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-25 10:03 - 2015-09-25 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-09-25 10:03 - 2015-09-25 10:03 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-09-23 12:48 - 2015-09-23 12:48 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\67C37525.sys
2015-09-21 10:43 - 2015-09-21 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-09-21 06:36 - 2015-09-21 17:43 - 00000000 ____D C:\Users\Ed\Downloads\books
2015-09-20 05:18 - 2015-09-20 05:18 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\779B3210.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-19 10:17 - 2015-07-05 14:20 - 00000000 ____D C:\FRST
2015-10-19 10:02 - 2015-08-04 19:55 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-19 09:50 - 2015-08-04 11:54 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-19 09:43 - 2015-08-04 11:51 - 00000000 ____D C:\Users\Ed\AppData\Local\Packages
2015-10-19 09:42 - 2015-08-04 10:07 - 00000000 ____D C:\Users\Ed\AppData\LocalLow\LastPass
2015-10-19 09:31 - 2015-08-04 11:26 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-19 09:25 - 2015-08-04 20:10 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-19 09:19 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-19 06:25 - 2015-08-04 20:10 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-19 04:17 - 2015-08-04 10:09 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{302F0C41-E534-4B68-AFED-AF140A5F3D88}
2015-10-19 04:14 - 2015-08-04 11:54 - 00000000 ____D C:\Users\Ed\OneDrive
2015-10-19 04:14 - 2015-08-04 11:26 - 00000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-18 14:02 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-18 14:00 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-18 12:30 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-10-18 11:01 - 2015-08-24 11:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-18 07:59 - 2015-08-04 19:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-17 11:29 - 2015-08-04 11:42 - 00095308 _____ C:\WINDOWS\PFRO.log
2015-10-17 11:28 - 2015-08-24 11:40 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-17 11:28 - 2015-08-24 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-17 11:28 - 2015-08-24 11:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-17 11:10 - 2015-08-04 11:28 - 00000000 ___RD C:\Users\Ed\Dropbox
2015-10-17 08:59 - 2015-08-04 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 08:58 - 2015-07-07 04:55 - 00000000 ____D C:\AdwCleaner
2015-10-17 08:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-16 12:20 - 2015-08-04 11:51 - 00000000 ____D C:\Users\Ed
2015-10-16 12:16 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-16 12:14 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-16 12:13 - 2015-07-10 07:20 - 00236648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-16 07:26 - 2015-08-04 20:11 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 09:36 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-14 22:57 - 2015-08-05 02:25 - 00000000 ____D C:\Users\Ed\Documents\My Kindle Content
2015-10-14 21:46 - 2015-08-04 19:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-08 07:57 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-07 22:13 - 2015-08-29 21:18 - 00000000 ____D C:\Users\Ed\Documents\Ally
2015-10-07 06:18 - 2015-08-18 23:27 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-07 06:18 - 2015-08-04 11:45 - 00000000 ____D C:\ProgramData\AMD
2015-10-07 06:14 - 2015-03-25 23:27 - 00000000 ____D C:\AMD
2015-10-07 06:12 - 2015-08-21 22:07 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-07 06:12 - 2015-08-21 22:07 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-07 06:12 - 2015-08-21 22:07 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-07 06:12 - 2015-08-21 22:07 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-07 06:12 - 2015-08-21 22:07 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-07 06:12 - 2015-08-18 23:23 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 08864928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-07 06:12 - 2015-08-18 23:23 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-07 06:12 - 2015-08-18 23:23 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-07 06:12 - 2015-07-16 01:17 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-07 06:12 - 2015-07-16 01:13 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-05 09:50 - 2015-08-24 11:40 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-08-24 11:40 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-04 20:10 - 2015-07-10 07:20 - 00019515 _____ C:\WINDOWS\setupact.log
2015-10-03 17:51 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-03 08:32 - 2015-08-04 11:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 19:12 - 2015-07-10 06:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-01 19:12 - 2015-07-10 06:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-01 19:12 - 2015-07-10 06:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-01 19:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-01 19:12 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-01 19:11 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-01 19:11 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-01 19:11 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-09-29 05:29 - 2015-08-27 22:10 - 00000000 ____D C:\Users\Ed\Documents\ChaseStatments
2015-09-28 10:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-09-28 09:38 - 2015-08-28 05:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-28 09:38 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-26 19:24 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-26 10:36 - 2015-07-10 05:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-26 10:36 - 2015-07-10 05:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-26 10:36 - 2015-07-10 05:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-26 10:36 - 2015-07-10 05:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-26 10:36 - 2015-07-10 05:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-26 10:33 - 2015-08-04 19:23 - 00000000 ____D C:\Users\Ed\Documents\SerNos
2015-09-25 10:03 - 2015-08-04 19:35 - 00000000 ____D C:\ProgramData\Adobe
2015-09-25 10:03 - 2015-08-04 19:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-25 10:03 - 2015-08-04 19:34 - 00000000 ____D C:\Users\Ed\AppData\Local\Adobe
2015-09-25 10:03 - 2015-08-04 11:51 - 00000000 ____D C:\Users\Ed\AppData\Roaming\Adobe
2015-09-25 08:23 - 2015-08-14 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-23 13:13 - 2015-08-07 01:59 - 00000000 ____D C:\Users\Ed\Documents\Quicken
2015-09-23 13:05 - 2015-08-04 10:23 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-21 17:45 - 2015-09-14 08:53 - 00000000 ____D C:\Users\Ed\Documents\Calibre Library
2015-09-21 17:37 - 2015-09-14 08:53 - 00000000 ____D C:\Users\Ed\AppData\Roaming\calibre
2015-09-21 10:43 - 2015-08-04 20:10 - 00000000 ____D C:\Users\Ed\AppData\Local\Google
2015-09-21 10:43 - 2015-08-04 20:10 - 00000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories =======
 
2015-08-04 10:07 - 2015-08-04 10:07 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-08-22 05:21 - 2015-08-22 05:21 - 0179215 _____ () C:\Users\Ed\AppData\Local\ars.cache
2015-08-22 05:22 - 2015-08-22 05:22 - 0477197 _____ () C:\Users\Ed\AppData\Local\census.cache
2015-08-22 05:08 - 2015-08-22 05:08 - 0000036 _____ () C:\Users\Ed\AppData\Local\housecall.guid.cache
2015-08-22 05:19 - 2015-08-22 05:19 - 0000010 _____ () C:\Users\Ed\AppData\Local\sponge.last.runtime.cache
2015-10-17 09:10 - 2015-10-17 09:10 - 0024465 _____ () C:\ProgramData\1445091039.bdinstall.bin
2015-08-04 11:44 - 2015-08-04 11:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Ed\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdunvj_.dll
C:\Users\Ed\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-15 09:31
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-10-2015
Ran by Ed (2015-10-19 10:18:19)
Running from C:\Users\Ed\Desktop
Windows 10 Home (X64) (2015-08-04 16:50:29)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1109757102-2323827611-3227408454-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1109757102-2323827611-3227408454-503 - Limited - Disabled)
Ed (S-1-5-21-1109757102-2323827611-3227408454-1002 - Administrator - Enabled) => C:\Users\Ed
Guest (S-1-5-21-1109757102-2323827611-3227408454-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\Amazon Kindle) (Version:  - Amazon)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.241 - Amazon)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtRage 4 (HKLM-x32\...\ArtRage 4 4.5.6) (Version: 4.5.6 - Ambient Design)
ArtRage 4 (Version: 4.5.6 - Ambient Design) Hidden
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.1.1.0 - Autodesk) Hidden
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.)
AVS Audio Editor 8.0 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.0.2.501 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.4.534 - Online Media Technologies Ltd.)
AVS Document Converter 3.0.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.0.1.237 - Online Media Technologies Ltd.)
AVS Image Converter 4.0.1.280 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.0.1.280 - Online Media Technologies Ltd.)
AVS Media Player 4.2.5.108 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.5.108 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.3.147 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.3.147 - Online Media Technologies Ltd.)
AVS Registry Cleaner 3.0.2.271 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.2.271 - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.4.574 - Online Media Technologies Ltd.)
AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.3.263 - Online Media Technologies Ltd.)
AVS Video ReMaker 5.0.1.172 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.0.1.172 - Online Media Technologies Ltd.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Antivirus Plus 2016 (HKLM\...\Bitdefender) (Version: 20.0.18.1037 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{7159D1E5-62F5-42C9-825E-BE613B5DFB0F}) (Version: 2.38.0 - Kovid Goyal)
Cisco Valet Connector (HKLM-x32\...\Cisco Valet Connector) (Version: 1.2.10148.2 - Cisco Consumer Products LLC)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Elevated Installer (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Garmin BaseCamp (HKLM-x32\...\{11172DEF-77A3-418C-B980-EF0D097CA237}) (Version: 4.5.1 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2016.10 (HKLM-x32\...\{F9390291-4BC2-411B-A41E-A843AC632FB1}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{44d9dfc0-3a4a-4439-870f-f97550a9bc8d}) (Version: 4.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OneClickdigital Media Manager (HKLM-x32\...\{FDFDEC8B-1047-49D8-B2D2-45C0B02F92FC}) (Version: 67.0.0.0 - Recorded Books)
Online Backup (HKLM-x32\...\Online Backup) (Version: 2.33 - www.backup.com)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.8.1 - Intuit)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
TwistedBrush Pro Studio (HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\TwistedBrush Pro Studio) (Version:  - )
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Средства проверки правописания Microsoft Office 2013 — русский (HKLM\...\{90150000-001F-0419-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
01-10-2015 01:58:01 Windows Update
04-10-2015 20:15:26 Windows Backup
07-10-2015 06:14:34 Removed AMD Catalyst Control Center
10-10-2015 06:17:18 Windows Update
10-10-2015 06:19:05 Windows Update
12-10-2015 08:34:10 Windows Backup
15-10-2015 09:31:05 Windows Update
15-10-2015 09:32:13 Windows Update
17-10-2015 09:03:53 JRT Pre-Junkware Removal
19-10-2015 06:01:21 Windows Backup
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 06:04 - 2015-10-19 10:14 - 00001062 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09275E68-CD04-40D8-9210-7F73BD4F87C1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {11F0676E-5855-4080-80AE-21A0341631A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {202BF44F-4942-499D-994C-30E0BE61DCE2} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-09-11] ()
Task: {3859A224-B599-47BC-BDBB-07831B667C6F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-04] (Dropbox, Inc.)
Task: {73991EE6-1430-4DB8-A75F-FDA62E0B886F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {81CA4896-3E17-48BF-B90C-03B0075BDC41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {8B2D62BB-1BEA-413C-A8C3-46E80C0844C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {92EBD6EF-A5E1-4CA8-8472-D7F9708F485B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-04] (Dropbox, Inc.)
Task: {A98C7940-FDBF-4FA1-87A5-B87B7C7B943A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {B9F465E5-B5E6-494F-80CA-B24189E00E55} - System32\Tasks\Quicken Back up => C:\Program Files (x86)\Quicken\qw.exe [2015-05-16] (Intuit Inc.)
Task: {C5BA2F06-2B5B-48F3-B6D8-E86DF0FC1837} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-04 12:38 - 2015-08-04 12:38 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-28 11:16 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-09-28 11:16 - 2015-10-05 17:56 - 00338216 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdconnect.dll
2015-09-28 11:16 - 2015-09-04 17:39 - 00875352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2015-09-28 11:16 - 2015-09-04 17:39 - 00741952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2015-09-28 11:16 - 2015-09-04 17:39 - 02800952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2015-09-28 11:16 - 2015-09-04 17:39 - 01413024 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2015-08-18 21:38 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-20 11:25 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-08-04 10:23 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-04 11:56 - 2015-08-04 11:56 - 00045056 _____ () C:\WINDOWS\SysWOW64\UTSCSI.EXE
2015-10-01 01:32 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-25 10:18 - 2014-08-19 12:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-10-01 01:32 - 2015-09-17 00:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 01:30 - 2015-09-17 00:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 01:30 - 2015-09-17 00:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 01:32 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 01:31 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 01:32 - 2015-09-17 00:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 01:32 - 2015-09-17 00:49 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-01 01:30 - 2015-09-17 00:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 01:32 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-04 12:38 - 2015-08-04 12:38 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-04 12:38 - 2015-08-04 12:38 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node
2015-07-10 06:00 - 2015-07-10 08:14 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-08-04 12:38 - 2015-08-04 12:38 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-08-21 22:09 - 2015-08-21 22:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-08-18 21:38 - 2015-08-11 04:10 - 00293376 _____ () C:\WINDOWS\SYSTEM32\textinputframework.dll
2015-08-20 11:25 - 2015-10-18 14:00 - 00023040 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-08-20 11:25 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-08-04 10:24 - 2015-08-04 10:28 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Ed\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Ed\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Ed\Desktop\MiniToolBox.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 68.105.28.12 - 68.105.29.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\...\StartupApproved\Run: => "Bitdefender Wallet Agent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BDCD0D2E-F3FE-40F8-9EA8-C458CD947839}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E380C59C-3519-4704-8A8C-9365B58B759C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9C0F890-03B3-4771-B22C-8EE906E69C2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{208E2E8D-93A4-4446-862E-C937EFA187F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9C0960B9-E001-4064-BE97-2D9B5C541E7A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E1E97AB-B835-4B8F-B692-BEBD39CABD7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{75FA3953-12A8-48B5-B662-3980AD024208}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{78A6E51A-A2A1-447E-ABFF-3089F7C82831}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EF0E69B8-8FF6-4A1D-9A51-A472583EA4FF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{ECBFA2D3-8303-42C3-9559-3C4E169FA1D9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{44CDAA7A-A2A1-4AB5-A33F-683DD077FDFB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7B001077-C53C-4231-A3CB-22DC73B12390}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{C7C3E1A4-9148-4389-A974-3923CF9D6070}C:\users\ed\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\ed\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [UDP Query User{6606DBFF-05CD-43F1-8507-A4C26EBB46A2}C:\users\ed\appdata\local\temp\rarsfx2\x32\pcsftool.exe] => (Allow) C:\users\ed\appdata\local\temp\rarsfx2\x32\pcsftool.exe
FirewallRules: [TCP Query User{DF1C3018-21AC-4DFE-9F0A-D8C8212D586C}C:\users\ed\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\ed\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [UDP Query User{F9DE654D-8F14-4433-A000-CAE865AEFA8C}C:\users\ed\appdata\local\temp\rarsfx2\x64\pcsftool.exe] => (Allow) C:\users\ed\appdata\local\temp\rarsfx2\x64\pcsftool.exe
FirewallRules: [{2F120993-4D2A-4614-AFBC-DC53543406ED}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A02A6BD3-BBAB-4BFD-B7D0-0453412BFDB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/19/2015 07:17:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:17:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:17:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:16:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:01:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:01:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 06:00:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.10240.16384, time stamp: 0x559f39ae
Faulting module name: MusUpdateHandlers.dll, version: 10.0.10240.16392, time stamp: 0x55a8693d
Exception code: 0xc0000005
Fault offset: 0x000000000002c221
Faulting process id: 0x1d68
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report Id: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5
 
Error: (10/19/2015 06:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.10240.16384, time stamp: 0x559f39ae
Faulting module name: MusUpdateHandlers.dll, version: 10.0.10240.16392, time stamp: 0x55a8693d
Exception code: 0xc0000005
Fault offset: 0x000000000002c221
Faulting process id: 0xa94
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report Id: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5
 
Error: (10/19/2015 04:25:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/19/2015 04:20:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.10240.16384, time stamp: 0x559f39ae
Faulting module name: MusUpdateHandlers.dll, version: 10.0.10240.16392, time stamp: 0x55a8693d
Exception code: 0xc0000005
Fault offset: 0x0000000000029ffc
Faulting process id: 0x1440
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report Id: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5
 
 
System errors:
=============
Error: (10/19/2015 06:18:26 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume17'.  This volume will be unavailable for filtering until a reboot.  The final status was 0xc03a001c.
 
Error: (10/19/2015 06:18:26 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume17'.  This volume will be unavailable for filtering until a reboot.  The final status was 0xc03a001c.
 
Error: (10/18/2015 03:52:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (10/18/2015 03:52:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (10/18/2015 03:52:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (10/18/2015 03:52:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (10/18/2015 02:12:49 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error: 
%%0
 
Error: (10/18/2015 02:00:14 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841190080
 
Error: (10/18/2015 02:00:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:30:57 PM on ‎10/‎18/‎2015 was unexpected.
 
Error: (10/18/2015 12:37:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2015-10-18 10:30:57.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:56.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:56.955
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:54.795
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:54.708
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:54.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:54.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:53.858
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:53.781
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-10-18 10:30:53.271
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-3420 APU with Radeon™ HD Graphics
Percentage of memory in use: 36%
Total physical RAM: 5590.52 MB
Available physical RAM: 3534.89 MB
Total Virtual: 6486.52 MB
Available Virtual: 4262.35 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.56 GB) (Free:834.94 GB) NTFS
Drive f: (Back) (Fixed) (Total:900.27 GB) (Free:224.77 GB) NTFS
Drive g: (From old) (Fixed) (Total:962.74 GB) (Free:778.57 GB) NTFS
Drive j: () (Removable) (Total:0.12 GB) (Free:0.11 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7042AFC2)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 124 MB) (Disk ID: 6F20736B)
No partition Table on disk 2.
Disk 2 is a removable device.
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 03833706)
Partition 1: (Active) - (Size=900.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=962.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Which browser is causing the problems ?

What are the unwanted web sites

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#5
eingram25

eingram25

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Fix result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01

 

Ran by Ed (2015-10-23 07:20:06) Run:2

 

Running from C:\Users\Ed\Desktop

 

Loaded Profiles: Ed (Available Profiles: Ed)

 

Boot Mode: Normal

 

==============================================

 

 

fixlist content:

 

*****************

 

CreateRestorePoint:

 

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

 

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

 

RemoveProxy:

 

CMD: netsh advfirewall reset

 

CMD: netsh advfirewall set allprofiles state ON

 

CMD: ipconfig /flushdns

 

CMD: netsh winsock reset catalog

 

CMD: netsh int ip reset c:\resetlog.txt

 

CMD: ipconfig /release

 

CMD: ipconfig /renew

 

CMD: netsh int ipv4 reset

 

CMD: netsh int ipv6 reset

 

EmptyTemp:

 

CMD: bitsadmin /reset /allusers

 

*****************

 

 

Restore point was successfully created.

 

 

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

 

 

The operation completed successfully.

 

 

 

========= End of Reg: =========

 

 

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

 

The operation completed successfully.

 

 

 

========= End of Reg: =========

 

 

 

========= RemoveProxy: =========

 

 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

 

HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

 

HKU\S-1-5-21-1109757102-2323827611-3227408454-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

 

 

 

========= End of RemoveProxy: =========

 

 

 

=========  netsh advfirewall reset =========

 

 

Ok.

 

 

 

========= End of CMD: =========

 

 

 

=========  netsh advfirewall set allprofiles state ON =========

 

 

Ok.

 

 

 

========= End of CMD: =========

 

 

 

=========  ipconfig /flushdns =========

 

 

 

Windows IP Configuration

 

 

Successfully flushed the DNS Resolver Cache.

 

 

========= End of CMD: =========

 

 

 

=========  netsh winsock reset catalog =========

 

 

 

Sucessfully reset the Winsock Catalog.

 

You must restart the computer in order to complete the reset.

 

 

 

========= End of CMD: =========

 

 

 

=========  netsh int ip reset c:\resetlog.txt =========

 

 

Resetting Global, OK!

 

Resetting Interface, OK!

 

Resetting Neighbor, OK!

 

Resetting Path, OK!

 

Resetting , failed.

 

Access is denied.

 

 

Resetting , OK!

 

Restart the computer to complete this action.

 

 

 

========= End of CMD: =========

 

 

 

=========  ipconfig /release =========

 

 

 

Windows IP Configuration

 

 

No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

 

 

Wireless LAN adapter Local Area Connection* 2:

 

 

   Media State . . . . . . . . . . . : Media disconnected

 

   Connection-specific DNS Suffix  . :

 

 

Wireless LAN adapter Wi-Fi:

 

 

   Connection-specific DNS Suffix  . :

 

   Link-local IPv6 Address . . . . . : fe80::8a6:963c:570a:760a%3

 

   Default Gateway . . . . . . . . . :

 

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

 

   Media State . . . . . . . . . . . : Media disconnected

 

   Connection-specific DNS Suffix  . :

 

 

Tunnel adapter isatap.ks.cox.net:

 

 

   Media State . . . . . . . . . . . : Media unoperational

 

   Connection-specific DNS Suffix  . :

 

 

========= End of CMD: =========

 

 

 

=========  ipconfig /renew =========

 

 

 

Windows IP Configuration

 

 

No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

 

 

Wireless LAN adapter Local Area Connection* 2:

 

 

   Media State . . . . . . . . . . . : Media disconnected

 

   Connection-specific DNS Suffix  . :

 

 

Wireless LAN adapter Wi-Fi:

 

 

   Connection-specific DNS Suffix  . : ks.cox.net

 

   Link-local IPv6 Address . . . . . : fe80::8a6:963c:570a:760a%3

 

   IPv4 Address. . . . . . . . . . . : 192.168.1.114

 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

 

   Default Gateway . . . . . . . . . : 192.168.1.1

 

 

Tunnel adapter isatap.ks.cox.net:

 

 

   Media State . . . . . . . . . . . : Media disconnected

 

   Connection-specific DNS Suffix  . : ks.cox.net

 

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

 

   Connection-specific DNS Suffix  . :

 

   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2471:3c3a:e700:360d

 

   Link-local IPv6 Address . . . . . : fe80::2471:3c3a:e700:360d%4

 

   Default Gateway . . . . . . . . . : ::

 

 

========= End of CMD: =========

 

 

 

=========  netsh int ipv4 reset =========

 

 

Resetting Interface, OK!

 

Resetting , failed.

 

Access is denied.

 

 

Restart the computer to complete this action.

 

 

 

========= End of CMD: =========

 

 

 

=========  netsh int ipv6 reset =========

 

 

Resetting Interface, OK!

 

Resetting Neighbor, OK!

 

Resetting Path, OK!

 

Resetting , failed.

 

Access is denied.

 

 

Resetting , OK!

 

Resetting , OK!

 

Restart the computer to complete this action.

 

 

 

========= End of CMD: =========

 

 

 

=========  bitsadmin /reset /allusers =========

 

 

 

BITSADMIN version 3.0 [ 7.8.10240 ]

 

BITS administration utility.

 

© Copyright 2000-2006 Microsoft Corp.

 

 

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

 

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

 

 

0 out of 0 jobs canceled.

 

 

========= End of CMD: =========

 

 

EmptyTemp: => 3.2 GB temporary data Removed.

 

 

 

The system needed a reboot.

 

 

==== End of Fixlog 07:27:42 ====


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Which browsers are causing the problem and what are the sites that it goes to ?

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#7
eingram25

eingram25

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
It never happens when I'm running a browser. There are no browsers ruñning. It is when I'm playing a Microsoft Store game. I've already run adw cleaner. It is many different sites, everything from Walmart to Goodyear to various tools to plumbing fixtures to what have you. It hasn't happened lately, so maybe it's fixed.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Which game is this ?  As some are ad supported


  • 0

#9
eingram25

eingram25

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Magic jigsaws


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Here you go .. https://ipadpuzzless...o-turn-off-ads-

Any further problems
  • 0

#11
eingram25

eingram25

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

OK problem solved.  Thank you for your help.


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP