Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 8.1 Laptop acting very slow.


  • Please log in to reply

#1
Pepsi_Man

Pepsi_Man

    Member

  • Member
  • PipPip
  • 32 posts

 Hello! For the past few weeks my laptop has been acting slow including memory maxing out at times and flash player constantly crashing. I just want to rule out that it is indeed malware. Here are the first two logs and thanks for your help!

 

System Type: 64 bit OS, x64-based processor

 

FRST Text:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-01-2016
Ran by Raymond (administrator) on FAMILY_LAPTOP (24-01-2016 10:12:42)
Running from C:\Users\Raymond\Downloads
Loaded Profiles: Pete & lpsde_000 & Raymond (Available Profiles: Pete & lpsde_000 & Raymond)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\pcdrcui.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
(Joyent, Inc) C:\Program Files\Adobe\Adobe Photoshop CC 2015\node.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Raymond\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321176 2013-06-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321176 2013-06-28] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010952 2012-12-20] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [847576 2015-02-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-15] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [PC-Doctor for Windows REBOOT] => [X]
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c440181e-bbfe-43df-ba4f-d21980ccdac5.exe [168336 2016-01-22] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-09] (Valve Corporation)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\MountPoints2: {384bf85c-89f7-11e5-bea2-342387409d5e} - "D:\TLBootstrap_WPP.exe" 
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\MountPoints2: {59a78824-26b0-11e5-be89-74867a55dad5} - "D:\iStudio.exe" 
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\...\Run: [Google Update] => C:\Users\Raymond\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc.)
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe -update plugin
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\...\MountPoints2: {384bf85c-89f7-11e5-bea2-342387409d5e} - "D:\TLBootstrap_WPP.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-15] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PRTG Enterprise Console.lnk [2015-12-22]
ShortcutTarget: PRTG Enterprise Console.lnk -> C:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe (No File)
GroupPolicyUsers\S-1-5-21-3586387666-3239246767-1759376953-1003\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3586387666-3239246767-1759376953-1002\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3586387666-3239246767-1759376953-1001\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.10.10.254 8.8.8.8
Tcpip\..\Interfaces\{A3D3790E-FF23-48A8-A395-12948FD962FF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}: [DhcpNameServer] 10.10.10.254 8.8.8.8
 
Internet Explorer:
==================
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\Software\Microsoft\Internet Explorer\Main,DisableRequiresActiveXPrompt = www.microsoft.com
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-3586387666-3239246767-1759376953-1003 -> DefaultScope {B964B27E-EE0D-4FB7-9234-E7D28746507B} URL = 
SearchScopes: HKU\S-1-5-21-3586387666-3239246767-1759376953-1003 -> {B964B27E-EE0D-4FB7-9234-E7D28746507B} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-16] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll [2013-06-07] (Amazon Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\xyzjurts.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
FF Plugin HKU\S-1-5-21-3586387666-3239246767-1759376953-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lpsde_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3586387666-3239246767-1759376953-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Raymond\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3586387666-3239246767-1759376953-1003: @talk.google.com/O1DPlugin -> C:\Users\Raymond\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3586387666-3239246767-1759376953-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3586387666-3239246767-1759376953-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Raymond\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Raymond\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
 
Chrome: 
=======
CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Avast SafePrice) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-15]
CHR Extension: (Avast Online Security) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-15]
CHR Extension: (Gmail) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-15] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-02-03] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AlterCam; C:\Windows\system32\DRIVERS\AlterCam.sys [106120 2014-11-23] (e2eSoft)
S3 AlterCam_AudDriver; C:\Windows\system32\drivers\AlterCamAudioDriver.sys [29432 2014-12-13] (Bolide Software)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-15] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-02-03] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32136 2012-12-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-24 10:12 - 2016-01-24 10:14 - 00031371 _____ C:\Users\Raymond\Downloads\FRST.txt
2016-01-24 10:12 - 2016-01-24 10:12 - 00000000 ____D C:\FRST
2016-01-24 10:10 - 2016-01-24 10:10 - 02370560 _____ (Farbar) C:\Users\Raymond\Downloads\FRST64 (1).exe
2016-01-24 10:08 - 2016-01-24 10:09 - 02370560 _____ (Farbar) C:\Users\Raymond\Downloads\FRST64.exe
2016-01-21 11:32 - 2016-01-21 11:32 - 00825176 _____ C:\Users\Raymond\Downloads\200126.dcr
2016-01-19 18:20 - 2016-01-19 18:20 - 00004038 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-01-19 18:20 - 2016-01-19 18:20 - 00003484 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2016-01-19 18:20 - 2016-01-19 18:20 - 00003226 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2016-01-19 18:20 - 2016-01-19 18:20 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-01-19 18:20 - 2016-01-19 18:20 - 00000000 ____D C:\Program Files\Dell Support Center
2016-01-18 21:28 - 2016-01-18 21:28 - 00000000 ___RD C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-01-18 19:21 - 2016-01-18 19:21 - 00000000 ____D C:\Users\Pete\Desktop\36_HalloweenFlyer
2016-01-18 19:21 - 2016-01-18 19:21 - 00000000 ____D C:\Users\Pete\Desktop\35_PhotographyFlyer
2016-01-18 19:20 - 2016-01-18 19:20 - 00000063 _____ C:\Users\Pete\Desktop\More Good Stuff.URL
2016-01-18 19:19 - 2016-01-18 19:19 - 00000000 ____D C:\Users\Pete\Desktop\Painting and Classic Frames
2016-01-18 19:16 - 2016-01-18 19:16 - 00000000 ____D C:\Users\Pete\Desktop\Flypaper Textures Taster Pack
2016-01-18 19:15 - 2016-01-18 19:15 - 00000000 ____D C:\Users\Pete\Documents\Avery Templates for Adobe
2016-01-18 19:12 - 2016-01-18 19:12 - 00000000 ____D C:\Users\Pete\Desktop\Electro Photoshop Text Styles
2016-01-18 19:11 - 2016-01-18 19:31 - 00000000 ___RD C:\Users\Pete\Creative Cloud Files
2016-01-18 19:11 - 2016-01-18 19:11 - 10478505 _____ C:\Users\Pete\Downloads\horrorglitchytrailertitles.zip
2016-01-18 19:11 - 2016-01-18 19:11 - 00000784 _____ C:\Users\Pete\Downloads\audioplayer.zip
2016-01-15 18:56 - 2016-01-15 18:59 - 00000000 ____D C:\Users\lpsde_000\AppData\Local\Adobe
2016-01-13 14:56 - 2016-01-13 14:56 - 00003516 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Family_Laptop-Raymond
2016-01-13 01:41 - 2015-12-10 20:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 01:41 - 2015-12-10 20:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 01:41 - 2015-12-10 19:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 01:41 - 2015-12-10 19:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 01:41 - 2015-12-10 19:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 01:41 - 2015-12-10 19:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 01:41 - 2015-12-10 19:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 01:41 - 2015-12-10 19:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 01:41 - 2015-12-10 19:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 01:41 - 2015-12-10 19:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 01:41 - 2015-12-10 18:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 01:41 - 2015-12-10 18:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 01:41 - 2015-12-10 18:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 01:41 - 2015-12-10 18:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 01:41 - 2015-12-10 18:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 01:41 - 2015-12-10 18:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 01:41 - 2015-12-10 18:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 01:41 - 2015-12-10 18:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 01:41 - 2015-12-10 18:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 01:41 - 2015-12-10 18:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 01:41 - 2015-12-10 18:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 01:39 - 2015-12-02 07:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 01:39 - 2015-12-02 07:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 01:38 - 2015-12-30 11:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 01:38 - 2015-12-30 11:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 01:38 - 2015-12-30 11:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 01:38 - 2015-12-09 16:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 01:38 - 2015-12-07 02:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 01:38 - 2015-12-04 21:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 01:38 - 2015-12-04 21:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 01:38 - 2015-12-04 07:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 01:38 - 2015-12-03 11:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 01:38 - 2015-12-03 11:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 01:38 - 2015-12-03 11:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 01:38 - 2015-12-03 11:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 01:38 - 2015-12-03 11:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 01:38 - 2015-12-03 10:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 01:38 - 2015-12-03 10:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 01:38 - 2015-12-03 10:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 01:38 - 2015-12-03 10:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 01:38 - 2015-12-03 10:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 01:38 - 2015-12-03 10:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 01:38 - 2015-12-03 10:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 01:38 - 2015-12-03 10:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 01:38 - 2015-12-03 10:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 01:38 - 2015-12-03 10:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 01:38 - 2015-12-03 09:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 01:38 - 2015-12-03 09:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 01:38 - 2015-12-03 09:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 01:38 - 2015-12-03 09:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 01:38 - 2015-12-03 09:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 01:38 - 2015-12-03 09:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 01:38 - 2015-12-03 09:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 01:38 - 2015-12-03 09:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 01:38 - 2015-12-03 09:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 01:38 - 2015-12-03 09:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 01:38 - 2015-12-03 09:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 01:38 - 2015-12-03 09:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 01:38 - 2015-12-03 09:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 01:38 - 2015-12-03 09:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 01:38 - 2015-12-03 08:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 01:38 - 2015-12-03 08:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 01:38 - 2015-12-03 08:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 01:38 - 2015-11-17 13:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 01:38 - 2015-11-17 13:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-13 01:37 - 2015-12-08 11:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 01:37 - 2015-12-08 11:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 01:22 - 2016-01-13 01:22 - 00000000 ____D C:\Users\Raymond\AppData\LocalLow\Adobe
2016-01-13 01:12 - 2016-01-13 01:12 - 00000000 ____D C:\Users\Raymond\Desktop\36_HalloweenFlyer
2016-01-13 01:12 - 2016-01-13 01:12 - 00000000 ____D C:\Users\Raymond\Desktop\35_PhotographyFlyer
2016-01-13 01:11 - 2016-01-13 01:11 - 00035348 _____ C:\Users\Raymond\Desktop\Tips and Info.pdf
2016-01-13 01:11 - 2016-01-13 01:11 - 00000063 _____ C:\Users\Raymond\Desktop\More Good Stuff.URL
2016-01-13 01:11 - 2016-01-13 01:11 - 00000000 ____D C:\Users\Raymond\Desktop\Painting and Classic Frames
2016-01-13 01:10 - 2016-01-13 01:10 - 00000000 ____D C:\Users\Raymond\Documents\Avery Templates for Adobe
2016-01-13 01:10 - 2016-01-13 01:10 - 00000000 ____D C:\Users\Raymond\Desktop\Flypaper Textures Taster Pack
2016-01-13 01:09 - 2016-01-13 01:09 - 00000000 ____D C:\Users\Raymond\Desktop\Electro Photoshop Text Styles
2016-01-13 01:01 - 2016-01-13 01:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-01-13 01:00 - 2016-01-13 01:00 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-01-13 01:00 - 2016-01-13 01:00 - 00000000 ____D C:\Users\Raymond\Documents\Adobe
2016-01-13 00:55 - 2016-01-13 01:06 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-01-13 00:55 - 2016-01-13 01:03 - 00000000 ____D C:\Program Files\Adobe
2016-01-13 00:14 - 2016-01-13 00:14 - 00228814 _____ C:\Users\Raymond\Downloads\mager.zip
2016-01-13 00:14 - 2016-01-13 00:14 - 00000784 _____ C:\Users\Raymond\Downloads\audioplayer.zip
2016-01-13 00:11 - 2016-01-15 20:25 - 00000000 ___RD C:\Users\Raymond\Creative Cloud Files
2016-01-13 00:11 - 2016-01-15 20:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-12 23:17 - 2016-01-12 23:17 - 00001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-01-12 23:17 - 2016-01-12 23:17 - 00001235 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-01-12 23:14 - 2016-01-13 00:24 - 00000000 ____D C:\ProgramData\Adobe
2016-01-12 23:13 - 2016-01-15 10:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-12 23:10 - 2016-01-24 07:59 - 00000000 ____D C:\Users\Raymond\AppData\Local\Adobe
2016-01-12 23:10 - 2016-01-12 23:10 - 00689344 _____ (Adobe Systems Incorporated) C:\Users\Raymond\Downloads\CreativeCloudSet-Up.exe
2016-01-07 23:26 - 2016-01-20 16:57 - 00000000 ____D C:\Users\Raymond\Desktop\OBS War
2016-01-07 00:41 - 2016-01-13 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-26 13:34 - 2015-12-26 13:34 - 00000000 ____D C:\Users\Raymond\AppData\Roaming\Blender Foundation
2015-12-26 13:25 - 2015-12-26 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-26 13:25 - 2015-12-26 13:25 - 00000000 ____D C:\Program Files\7-Zip
2015-12-26 13:24 - 2015-12-26 13:25 - 01365154 _____ (Igor Pavlov) C:\Users\Raymond\Downloads\7z1512-x64.exe
2015-12-26 13:13 - 2015-12-26 13:13 - 00000000 ____D C:\Users\Raymond\AppData\Roaming\WinRAR
2015-12-26 13:12 - 2015-12-26 13:12 - 00000000 ____D C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-26 13:12 - 2015-12-26 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-26 13:12 - 2015-12-26 13:12 - 00000000 ____D C:\Program Files\WinRAR
2015-12-26 12:53 - 2015-12-26 12:54 - 01964912 _____ C:\Users\Raymond\Downloads\winrar-x64-530.exe
2015-12-26 12:38 - 2016-01-11 15:15 - 00000000 ____D C:\Users\Raymond\Desktop\3D space models
2015-12-26 12:18 - 2015-12-26 12:18 - 00000000 ____D C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2015-12-26 12:16 - 2015-12-26 12:16 - 00000000 ____D C:\Program Files\Blender Foundation
2015-12-26 12:07 - 2015-12-26 12:08 - 83674076 _____ C:\Users\Raymond\Downloads\blender-2.76b-windows64.msi
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-24 10:12 - 2013-08-22 05:36 - 00000000 ____D C:\Windows
2016-01-24 10:00 - 2015-08-02 22:07 - 00000000 ____D C:\Users\Raymond\AppData\Roaming\Skype
2016-01-24 09:52 - 2014-01-17 14:41 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-24 09:44 - 2015-12-18 21:44 - 00000947 _____ C:\WINDOWS\Tasks\EPSON WF-2630 Series Update {C56C30BA-5CE2-4D0F-AAFE-1E264F312732}.job
2016-01-24 09:41 - 2015-11-15 14:30 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-24 09:22 - 2015-11-23 15:09 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3586387666-3239246767-1759376953-1003UA.job
2016-01-24 07:59 - 2015-11-15 14:23 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C6388CB-E419-4EE1-9E7C-F734920C0298}
2016-01-24 07:59 - 2015-04-25 12:27 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5FCB1B4C-5790-466E-8A98-71AAC5240C25}
2016-01-24 07:59 - 2015-01-31 12:44 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D19B98D2-12ED-4DFE-AF2D-EADFD35D8E5E}
2016-01-24 01:41 - 2015-11-15 14:30 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-24 00:28 - 2014-01-17 14:41 - 00000000 ____D C:\Users\Pete\AppData\Local\Adobe
2016-01-22 10:00 - 2015-11-15 17:44 - 00000000 ____D C:\Users\Pete\AppData\Roaming\Skype
2016-01-21 12:20 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-21 03:07 - 2013-11-14 07:22 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-01-20 10:53 - 2014-01-17 14:41 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-19 19:30 - 2015-11-21 19:29 - 00003414 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-01-19 19:30 - 2015-05-25 22:29 - 00003288 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-01-19 19:30 - 2015-05-25 22:29 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-01-19 18:34 - 2013-12-18 16:49 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3586387666-3239246767-1759376953-1001
2016-01-19 18:33 - 2013-12-21 00:56 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3586387666-3239246767-1759376953-1003
2016-01-19 18:33 - 2013-12-18 17:31 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3586387666-3239246767-1759376953-1002
2016-01-19 18:20 - 2013-11-14 07:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-01-19 18:19 - 2013-11-14 07:22 - 00000000 ____D C:\ProgramData\PCDr
2016-01-18 21:53 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-18 21:53 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-18 21:28 - 2015-08-05 14:59 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-18 19:22 - 2015-07-08 08:34 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-18 19:14 - 2013-12-18 16:34 - 00000000 ____D C:\Users\Pete\AppData\Roaming\Adobe
2016-01-18 19:11 - 2014-10-26 11:27 - 00000000 ____D C:\Users\Pete
2016-01-18 19:05 - 2014-10-26 12:40 - 00000000 ___RD C:\Users\Pete\OneDrive
2016-01-15 22:26 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-15 20:25 - 2014-09-23 23:15 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-15 20:23 - 2015-04-21 20:43 - 00000612 __RSH C:\Users\Raymond\ntuser.pol
2016-01-15 20:23 - 2014-10-26 11:27 - 00000000 ____D C:\Users\Raymond
2016-01-15 18:59 - 2015-01-31 12:23 - 00000000 ____D C:\Users\lpsde_000\OneDrive
2016-01-15 18:59 - 2013-12-18 17:24 - 00000000 ____D C:\Users\lpsde_000\AppData\Roaming\Adobe
2016-01-15 18:53 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-15 18:52 - 2013-08-22 05:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-15 18:47 - 2015-02-03 15:13 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-15 18:47 - 2014-09-24 01:50 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-15 18:47 - 2014-04-05 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-15 18:38 - 2013-12-21 00:48 - 00000000 ____D C:\Users\Raymond\AppData\Roaming\Adobe
2016-01-14 15:49 - 2015-11-15 14:32 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 13:07 - 2015-08-02 22:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-13 06:14 - 2012-07-25 23:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 06:13 - 2013-12-20 13:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 06:00 - 2013-12-20 13:36 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 02:34 - 2014-04-05 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 02:32 - 2014-04-05 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 00:04 - 2013-12-23 01:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-12 23:41 - 2014-10-26 11:27 - 00000000 ____D C:\Users\lpsde_000
2016-01-12 23:16 - 2013-12-20 20:16 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-10 19:42 - 2015-11-21 09:55 - 00001187 _____ C:\Users\Raymond\Desktop\Jazmines Address.txt
2016-01-05 12:04 - 2015-04-30 22:27 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-05 12:04 - 2015-04-30 22:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-01 17:46 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-31 00:48 - 2015-12-22 13:10 - 00000000 ____D C:\ProgramData\TEMP
2015-12-31 00:48 - 2015-12-22 13:07 - 00000000 ____D C:\Program Files (x86)\PRTG Network Monitor
2015-12-31 00:44 - 2015-08-02 22:06 - 00000000 ____D C:\ProgramData\Skype
2015-12-26 12:42 - 2015-08-06 17:27 - 00000000 ____D C:\Users\Raymond\.thumbnails
2015-12-25 08:08 - 2015-12-22 12:57 - 00000000 ____D C:\Users\Raymond\Desktop\Networking stuff
 
==================== Files in the root of some directories =======
 
2015-08-06 21:11 - 2015-08-06 21:22 - 0005632 _____ () C:\Users\Raymond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-07 15:53 - 2015-10-21 09:45 - 0000600 _____ () C:\Users\Raymond\AppData\Local\PUTTY.RND
2015-08-14 19:29 - 2015-08-14 19:29 - 0002731 _____ () C:\Users\Raymond\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\Raymond\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Raymond\AppData\Local\Temp\{24501C6A-23F5-4ACB-852F-9BC885167FD7}-47.0.2526.73_46.0.2490.86_chrome_updater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-17 06:55
 
==================== End of FRST.txt ============================
 
 
Addtional Text:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-01-2016
Ran by Raymond (2016-01-24 10:17:11)
Running from C:\Users\Raymond\Downloads
Windows 8.1 (X64) (2014-10-26 20:37:20)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3586387666-3239246767-1759376953-500 - Administrator - Disabled)
Guest (S-1-5-21-3586387666-3239246767-1759376953-501 - Limited - Disabled)
lpsde_000 (S-1-5-21-3586387666-3239246767-1759376953-1002 - Limited - Enabled) => C:\Users\lpsde_000
Pete (S-1-5-21-3586387666-3239246767-1759376953-1001 - Administrator - Enabled) => C:\Users\Pete
Raymond (S-1-5-21-3586387666-3239246767-1759376953-1003 - Administrator - Enabled) => C:\Users\Raymond
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.3.189 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.1 - Adobe Systems Incorporated)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{E78B4959-B348-4913-874B-FF982378E035}) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
BYOND (HKLM-x32\...\BYOND) (Version: 501.1217 - BYOND)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version:  - Cisco Systems, Inc.)
Cisco Packet Tracer 6.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1 Student_is1) (Version:  - Cisco Systems, Inc.)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{B96348BD-6B0D-42E3-80B1-FA6718067BFE}) (Version: 2.8.1000.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.7.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version:  - SEIKO EPSON Corporation)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.002 - Ezvid, inc.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GNS3 1.3.4 (HKLM-x32\...\GNS3) (Version: 1.3.4 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gyazo 3.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
join.me (HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\JoinMe) (Version: 1.14.0.128 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.12.0 - Prolific Technology INC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Screencast-O-Matic (HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Screencast-O-Matic (HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stencyl (HKLM-x32\...\Stencyl) (Version: /root/.jenkins/jobs/Stencyl-Windows/workspace/build - Stencyl, LLC)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3586387666-3239246767-1759376953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3586387666-3239246767-1759376953-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3586387666-3239246767-1759376953-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3586387666-3239246767-1759376953-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3586387666-3239246767-1759376953-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {033F506C-F661-4BB9-9A95-091F68BA210C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15] (Google Inc.)
Task: {0840B580-F408-4B39-B680-B85FBED5573C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {1113F30A-E6AD-4DEE-A0D2-16AEB7981F7D} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {147FE011-084E-4824-8070-A4D72D2C3D75} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()
Task: {2768498B-ABE1-427E-8263-02EF5D798059} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-10-29] (PC-Doctor, Inc.)
Task: {27EFA27F-305B-4851-8686-905F36C6CDC6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-15] (AVAST Software)
Task: {3B43EF1D-05A9-49EA-8B6B-46D1C5B05014} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15] (Google Inc.)
Task: {3E582643-A390-4AC2-B7F6-6A49C52A01A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {534B7774-1F58-49F6-8D31-42602343A666} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-01-19] ()
Task: {5729FEBE-007C-44BC-9BB0-80D63F6914EB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {59908AF1-89EC-4DE7-A260-C8D77D14B290} - System32\Tasks\EPSON WF-2630 Series Update {C56C30BA-5CE2-4D0F-AAFE-1E264F312732} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2015-12-18] (SEIKO EPSON CORPORATION)
Task: {698BE465-8BC1-4F12-8FCF-C21542EF7FF2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3586387666-3239246767-1759376953-1003Core => C:\Users\Raymond\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-23] (Google Inc.)
Task: {A0B7CE4D-F692-47CD-ACBA-8BDED0D8A86F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-10-29] (PC-Doctor, Inc.)
Task: {AF227E64-E2FE-4D7B-A72C-B762F56BACB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3586387666-3239246767-1759376953-1003UA => C:\Users\Raymond\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-23] (Google Inc.)
Task: {B9882694-4806-469E-91DC-F7C942F4477A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BCF14692-0234-4DF0-BF8F-B335FEE50574} - System32\Tasks\AdobeAAMUpdater-1.0-Family_Laptop-Raymond => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {C863FB4B-4A23-49DE-A9D8-8EAA782EB548} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F79F6195-FD9A-47E3-997B-EBFE7AE8F991} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-19] (AVAST Software)
Task: {FE7749BA-7729-4B3A-88A9-FEF0AEAD721D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2630 Series Update {C56C30BA-5CE2-4D0F-AAFE-1E264F312732}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{C56C30BA-5CE2-4D0F-AAFE-1E264F312732} /F:UpdateWORKGROUP\FAMILY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3586387666-3239246767-1759376953-1003Core.job => C:\Users\Raymond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3586387666-3239246767-1759376953-1003UA.job => C:\Users\Raymond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-11-14 07:23 - 2013-04-19 15:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-11-14 07:23 - 2013-04-19 15:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-11-14 07:23 - 2013-04-19 15:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2015-11-14 04:22 - 2015-11-14 04:22 - 31401120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2013-11-14 07:23 - 2013-04-19 15:51 - 00034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-11-14 07:23 - 2013-04-19 15:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2016-01-19 18:19 - 2015-10-27 21:40 - 00553720 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2016-01-19 18:19 - 2015-10-27 21:40 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2016-01-19 18:19 - 2015-10-27 21:40 - 00086776 _____ () C:\Program Files\Dell\SupportAssist\libDataStoreCSharp.dll
2016-01-19 18:19 - 2015-10-27 21:40 - 00103160 _____ () C:\Program Files\Dell\SupportAssist\libTonopahClientCSharp.dll
2013-12-20 10:21 - 2011-03-24 09:41 - 00719440 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
2013-12-20 10:21 - 2011-04-06 16:09 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
2013-12-20 10:21 - 2011-04-06 16:24 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
2013-12-20 10:21 - 2011-04-08 08:59 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
2013-12-20 10:21 - 2011-04-08 09:28 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
2013-12-20 10:21 - 2011-04-08 09:57 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
2013-12-20 10:21 - 2011-04-08 10:12 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
2013-12-20 10:21 - 2011-04-08 10:27 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
2013-12-20 10:21 - 2011-04-08 11:56 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
2013-12-20 10:21 - 2011-04-08 12:04 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
2013-12-20 10:21 - 2011-04-08 12:12 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
2013-12-20 10:21 - 2011-04-08 12:20 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
2013-12-20 10:21 - 2011-04-08 12:42 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
2013-12-20 10:21 - 2011-04-11 07:52 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
2013-12-20 10:21 - 2011-04-11 08:01 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
2013-12-20 10:21 - 2011-04-11 08:07 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
2013-12-20 10:21 - 2011-04-11 08:12 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
2013-12-20 10:21 - 2011-04-11 08:16 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
2013-12-20 10:21 - 2011-04-11 08:41 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
2013-12-20 10:21 - 2011-04-11 08:48 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
2013-12-20 10:21 - 2011-04-12 12:44 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
2013-12-20 10:21 - 2011-04-14 09:43 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
2013-12-20 10:21 - 2011-04-14 10:13 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
2013-12-20 10:21 - 2011-04-14 11:50 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
2013-12-20 10:21 - 2011-04-19 14:27 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
2013-12-20 10:21 - 2011-04-19 14:35 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
2013-12-20 10:21 - 2011-04-19 15:28 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
2013-12-20 10:21 - 2011-04-26 11:41 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
2013-12-20 10:21 - 2011-04-26 11:48 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
2013-12-20 10:21 - 2011-05-06 07:01 - 00039504 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
2013-12-20 10:21 - 2011-05-06 11:56 - 00039504 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
2013-12-20 10:22 - 2011-05-03 07:47 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
2013-12-20 10:22 - 2011-05-03 07:53 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
2013-12-20 10:22 - 2011-05-17 12:45 - 00026704 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
2013-12-20 10:22 - 2011-05-19 07:43 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
2013-12-20 10:22 - 2011-06-08 07:58 - 00023632 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
2013-12-20 10:22 - 2011-07-19 14:58 - 00031312 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
2013-12-20 10:22 - 2011-09-30 12:04 - 00047696 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
2013-12-20 10:22 - 2012-01-19 13:27 - 00035408 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
2013-12-20 10:22 - 2012-01-19 13:45 - 00026192 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
2013-12-20 10:22 - 2013-01-31 13:57 - 00044080 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
2013-12-20 10:22 - 2013-02-20 15:36 - 00052272 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
2013-12-20 10:22 - 2013-04-23 16:39 - 00039984 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
2013-12-20 10:22 - 2013-04-30 12:37 - 00044080 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
2013-12-20 10:22 - 2013-05-06 10:18 - 00044080 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
2013-12-20 10:22 - 2013-06-12 09:02 - 00039984 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
2013-12-20 10:22 - 2013-08-26 15:33 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
2013-12-20 10:22 - 2013-10-11 16:32 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
2013-12-20 10:22 - 2013-10-28 08:05 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
2013-12-20 10:22 - 2013-11-05 10:49 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll
2014-04-04 14:07 - 2014-03-05 17:01 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\51fdf16e-ecb9-4fa4-8469-76fc9a22293b.dll
2014-04-04 14:12 - 2014-03-07 10:32 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\57d7325c-8462-4866-a9ca-3f9228775fed.dll
2014-10-26 09:19 - 2014-04-25 12:26 - 00082680 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c6bf01ba-05a7-4930-b8dd-7c5fd03e97ac.dll
2014-10-26 09:19 - 2014-08-14 08:04 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\fbd50850-4122-4fe3-a72e-fcbe58a0f196.dll
2014-10-26 09:19 - 2014-08-22 10:04 - 00041720 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7c5b1d75-4145-4f69-b184-a8fb559fd417.dll
2014-10-26 09:19 - 2014-10-13 10:40 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\caac49ab-d9d8-4f29-a409-2a9a30ae62af.dll
2015-05-15 22:41 - 2014-11-21 12:52 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\0124e21d-018c-4ce0-92a3-b9e205a76bc0.dll
2015-05-15 22:41 - 2014-11-21 12:54 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ee4747a4-1d1b-42c1-8a8c-1de04bbb2379.dll
2015-05-17 21:40 - 2014-12-09 13:58 - 00037624 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
2015-05-17 21:40 - 2014-12-19 09:53 - 00041720 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
2015-05-17 21:40 - 2014-12-19 09:53 - 00054008 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
2015-05-15 22:41 - 2015-01-26 16:31 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ef32b2f9-e518-400c-8172-d1a06ae9d208.dll
2015-05-17 21:40 - 2015-02-06 15:07 - 00041720 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
2015-05-15 22:41 - 2015-02-03 14:12 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c6528f35-d623-4e84-a9b2-58ecb22dabd4.dll
2015-05-15 22:41 - 2015-02-12 10:26 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
2015-05-15 22:41 - 2015-02-12 09:32 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
2015-05-17 21:41 - 2015-02-25 16:43 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
2015-05-15 22:41 - 2015-03-04 11:03 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c746a3b1-ed0c-4bff-941c-d5e6f0583ce7.dll
2015-05-17 21:41 - 2015-03-09 12:46 - 00037624 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\b4e7e391-8ff3-4363-bb72-f41a243749b1.dll
2015-05-17 21:41 - 2015-03-18 12:39 - 00054008 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9b6e4d67-f75b-40b4-bfb0-bc8d902f62eb.dll
2015-05-15 22:41 - 2015-03-18 10:48 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
2015-05-15 22:41 - 2015-04-03 14:32 - 00070392 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\459715e4-d2b9-4b1d-9abd-b72ddc2c69b1.dll
2015-05-15 22:41 - 2015-04-20 16:00 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\4cb05034-365d-4b59-a070-5750405458b0.dll
2015-05-15 22:41 - 2015-05-04 08:54 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
2015-05-17 21:41 - 2015-05-05 09:23 - 00041720 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
2015-11-22 16:04 - 2015-05-19 16:07 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\2ed4ce9e-0dff-4595-a0aa-f3e3b671fddc.dll
2015-11-22 16:04 - 2015-05-22 11:08 - 00043256 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\a3597d54-6702-4158-82a7-161727372d0f.dll
2015-11-22 16:04 - 2015-06-10 11:49 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\909c2f24-5974-42a7-a041-bbc7c1411046.dll
2015-11-22 16:04 - 2015-07-16 12:30 - 00070392 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\5d59ed02-c0da-4e0e-8811-16a3d0b6a87d.dll
2015-11-22 16:05 - 2015-10-13 10:36 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\22c459c8-c377-484d-be71-cb488e22acc5.dll
2016-01-19 18:15 - 2015-11-30 15:02 - 00066296 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\bcd55a0b-5c73-4efb-87eb-fa42f0002bb9.dll
2016-01-19 18:15 - 2015-12-08 13:06 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\0bc194f9-b102-4833-85bd-603e216a9274.dll
2016-01-19 18:42 - 2015-06-26 13:27 - 00049912 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9b664440-a1fb-457f-a208-c519fea54f87.dll
2016-01-19 18:42 - 2015-07-02 09:56 - 00021752 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\bb97e28d-bdfb-4fa4-902d-264275c5cb1b.dll
2016-01-19 18:42 - 2015-07-27 13:46 - 00099064 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9ad177b0-ddcd-4cf6-ac35-969dc98b22db.dll
2016-01-19 18:42 - 2015-08-19 15:34 - 00078584 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\48b34bb5-ff90-4d9e-b894-efe9b9fb83df.dll
2016-01-19 18:42 - 2015-08-17 15:12 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\41a30eb5-952e-4dbb-ae28-5f8aa6520aba.dll
2016-01-19 18:42 - 2015-10-15 16:43 - 00070392 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1f82ef5d-9e89-4c2f-839d-1dfc47d3af1b.dll
2016-01-19 18:43 - 2015-08-27 12:34 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c502e200-e694-4725-9348-253ed2eac74c.dll
2016-01-19 18:43 - 2015-08-27 13:43 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7eb9d453-6936-472b-8a21-a9513eebbf65.dll
2016-01-19 18:43 - 2015-08-31 09:00 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c27a8f9a-0718-4077-8610-9b1806d75bee.dll
2016-01-19 18:43 - 2015-08-28 09:45 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1eec01b0-8ca5-44d8-a311-9e7f96e586dd.dll
2016-01-19 18:43 - 2015-08-28 12:37 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\06fda46e-43c1-481a-9eb2-9799f42e7f99.dll
2016-01-19 18:43 - 2015-08-28 12:49 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9bd80958-c5f2-4f2f-aa6b-c45a01a4e97c.dll
2016-01-19 18:43 - 2015-09-22 12:37 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\c238c886-2790-4da6-895b-00c9110314ec.dll
2016-01-19 18:43 - 2015-09-22 12:41 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\5bbfdaf0-4ed3-451e-8ae5-d6568a621a17.dll
2016-01-19 18:43 - 2015-09-23 14:53 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1770287d-f115-443b-9fb7-268be5a136fc.dll
2016-01-19 18:43 - 2015-09-23 15:26 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\8c64e2ef-3080-4951-8358-e991c1695e4a.dll
2016-01-19 18:43 - 2015-09-23 15:40 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\3087e0df-b321-44c3-b144-fb94c30c8383.dll
2016-01-19 18:43 - 2015-09-23 14:13 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\72db11e1-d2b2-4f9f-828a-5a68b9e7709f.dll
2016-01-19 18:43 - 2015-09-23 15:47 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\9cc8e4b9-2989-4941-94e1-8c5358218ffb.dll
2016-01-19 18:43 - 2015-10-01 15:45 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\b451e5c8-cdbf-46b4-8e59-e9a05ebf3533.dll
2016-01-19 18:43 - 2015-10-05 09:08 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\545e0921-6e62-4c80-bee9-427f48425c93.dll
2016-01-19 18:43 - 2015-10-05 09:15 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\14d73fac-0439-4f06-9763-0341fab0d44f.dll
2016-01-19 18:43 - 2015-10-13 09:59 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\35b44250-4f9f-4c83-a518-a7c76d04314b.dll
2016-01-19 18:43 - 2015-10-13 10:10 - 00058104 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\dd1bac2a-784b-4124-895b-8444b4b4697b.dll
2016-01-19 18:43 - 2015-10-14 11:43 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\32de12dc-d8c3-42aa-adc7-6c4c6b126d9e.dll
2016-01-19 18:43 - 2015-10-14 11:49 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7ee97e57-ddc8-4c67-a05d-8776b2353080.dll
2016-01-19 18:43 - 2015-11-02 11:07 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\1d25df4e-fb49-4047-b057-5a757ec1e10a.dll
2016-01-19 18:43 - 2015-11-03 17:04 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\d7306aee-c81a-43de-a6a8-e1baed06cbe9.dll
2016-01-19 18:43 - 2015-11-05 17:14 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\471d2ede-d247-4b88-8413-b4f925daed35.dll
2016-01-19 18:43 - 2015-11-12 09:32 - 00414456 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\06054fba-5619-4a86-a861-ffb0464bef5d.dll
2016-01-19 18:43 - 2015-11-12 17:46 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\7aab56cb-b4f9-4339-82d7-9bebc9820fd4.dll
2016-01-19 18:43 - 2015-11-12 17:49 - 00062200 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\5a2fca81-2a3a-4213-a397-872704c3f168.dll
2016-01-19 18:43 - 2015-11-25 10:57 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\84044d39-7df5-40d8-9c83-1be344e0305e.dll
2016-01-19 18:43 - 2015-11-25 11:00 - 00045816 _____ () C:\ProgramData\PCDr\6664\AddOnDownloaded\a360a789-e8b0-4637-9792-e0ff95e234e4.dll
2015-12-09 08:03 - 2015-12-09 08:03 - 53316304 _____ () C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\Plug-Ins\Spaces2\libcef.dll
2015-05-29 02:29 - 2015-12-09 08:00 - 04100304 _____ () C:\Program Files\Adobe\Adobe Photoshop CC 2015\aif.dll
2015-10-15 10:35 - 2015-10-15 10:35 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-15 10:35 - 2015-10-15 10:35 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-15 15:44 - 2016-01-15 15:44 - 02817536 _____ () C:\Program Files\AVAST Software\Avast\defs\16011502\algo.dll
2016-01-23 11:55 - 2016-01-23 11:55 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012301\algo.dll
2015-10-15 10:35 - 2015-10-15 10:35 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2013-11-12 10:04 - 2013-11-12 10:04 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-11-01 00:35 - 2015-11-01 00:35 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8a4ebd0132a76f2a7ce438310a41e9d1\PSIClient.ni.dll
2015-12-03 04:37 - 2015-12-03 04:37 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-12-03 04:37 - 2015-12-03 04:37 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-12-03 04:37 - 2015-12-03 04:37 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-12-03 04:37 - 2015-12-03 04:37 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-12-07 01:04 - 2015-12-07 01:04 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-12-03 04:37 - 2015-12-03 04:37 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2013-11-14 07:15 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-12-03 03:18 - 2015-12-03 03:18 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-12-03 03:19 - 2015-12-03 03:19 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2015-12-03 03:19 - 2015-12-03 03:19 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-12-03 03:18 - 2015-12-03 03:18 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-12-07 00:56 - 2015-12-07 00:56 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-12-03 03:18 - 2015-12-03 03:18 - 00085504 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node
2015-12-03 03:18 - 2015-12-03 03:18 - 00086016 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node
2015-12-03 03:18 - 2015-12-03 03:18 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2013-11-14 07:23 - 2013-05-02 16:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-01-14 15:49 - 2016-01-12 08:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-14 15:49 - 2016-01-12 08:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2016-01-19 18:11 - 2016-01-19 14:06 - 16792256 _____ () C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.286\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3586387666-3239246767-1759376953-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-3586387666-3239246767-1759376953-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\lpsde_000\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
HKU\S-1-5-21-3586387666-3239246767-1759376953-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 10.10.10.254 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{3D17E879-F410-4F33-8CC3-35A90471649F}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [TCP Query User{19439CA7-7D3A-4506-8783-0400899B9725}C:\program files (x86)\byond\bin\byond.exe] => (Block) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [{E27C5836-C2E5-4296-B917-FD63DDF7B254}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{CD3FAD10-01C0-4C39-AB1D-119DC6D3B136}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{75CE5C22-AEA6-4BBC-97C6-8FE1EB4C53FB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D13F1808-0399-4129-9C3E-5CF2DC9D5C09}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B01267A8-0D7B-4A6C-98E4-B4AFEC94F8A1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{39AA0C5E-6066-4378-B392-59D244E20E2E}] => (Allow) LPort=1900
FirewallRules: [{68F54B8C-5C12-4280-80E9-67DC5A12D48B}] => (Allow) LPort=2869
FirewallRules: [{28A9561C-090B-4040-9E04-6FD5BCE1DA53}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FBE9E035-9D97-4550-88C7-4566FA6E8F2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7D7194A-876B-4BE3-B0DD-C7EEE0F1FEE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{79FD9182-2391-4C54-8C03-FF3B7E7E9D3C}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [UDP Query User{B0B2B2A5-EFC7-4234-AE2A-C75BD50ABDB9}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe
FirewallRules: [TCP Query User{3A3F962A-899D-4BD1-B2DD-DDE7E60813E4}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [UDP Query User{D70FC6C8-DF6C-44EB-B99B-065576FFB1B0}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [TCP Query User{57E82506-E3DD-4F30-B0C2-EA029BC63F68}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Block) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [UDP Query User{1D03EBB2-0AE8-4DB7-BD88-F6E03FB2E744}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Block) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [TCP Query User{DC054ABE-2F73-4B59-98E9-19704F95144A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{555E7D59-6B51-4202-B9FB-D8DE0B55F205}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{ECF719AC-3CAC-4015-BAE1-FB19234EC103}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{45496147-EA5D-4D2B-B747-2B7E7F1EFC14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{670767B6-80D1-4E9F-A57D-C29885C871C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1CD56690-8498-4F9B-BDAD-EDDD609578A6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{6A90E537-F0A6-4B65-93B4-DFFC39881FDD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A1C8582E-3911-42D6-876F-E8E1D696AE34}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{13F852CB-1FA9-446E-8166-82F525AB7D4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{E3B28C09-109E-494E-868B-F27C8F90022C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe
FirewallRules: [TCP Query User{8E381AE5-AD18-4D34-A38E-937C2CF795E2}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E031CCA5-40A2-44BB-BAF5-9F4B8375413F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1D0B184F-AA64-494B-96C6-E2766D10F748}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{882B31C3-985F-42ED-8A35-571F41F5B5A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{E90E9170-CFDF-4422-840F-861F6C93AFF4}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Block) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [UDP Query User{3794158D-75CD-4337-A299-7C9B3EF194EE}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Block) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [TCP Query User{7E7233D4-B289-4741-9C61-7D1EB4BD0820}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Block) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [UDP Query User{19E4B297-CF41-4BD6-B2FD-2A4A3DD0EC7F}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Block) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [{6BD1A3C1-192B-46B8-B562-D23107F62114}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66E21987-3E6C-4816-8B80-712FDBD0F7E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5142C996-B55C-4DCD-9E6F-49D6FC8E8D55}C:\program files\adobe\adobe photoshop cc 2015\node.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2015\node.exe
FirewallRules: [UDP Query User{C4953E17-C10A-4AE4-BBE2-65FD7E50A766}C:\program files\adobe\adobe photoshop cc 2015\node.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2015\node.exe
FirewallRules: [{3208BF50-A0FE-44D4-AD65-4BDBC7C2E440}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
31-12-2015 01:01:39 Windows Update
07-01-2016 08:54:31 Scheduled Checkpoint
12-01-2016 23:14:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
 
==================== Faulty Device Manager Devices =============
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/24/2016 07:57:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/24/2016 07:57:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 11:47:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 10:08:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 10:08:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 07:45:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 06:10:41 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion DCS server
 
Error: (01/23/2016 06:03:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 05:40:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/23/2016 04:13:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Family_Laptop)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (01/24/2016 09:25:56 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}.
The master browser is stopping or an election is being forced.
 
Error: (01/24/2016 08:06:24 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}.
The master browser is stopping or an election is being forced.
 
Error: (01/24/2016 12:10:19 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}.
The master browser is stopping or an election is being forced.
 
Error: (01/23/2016 11:48:42 PM) (Source: DCOM) (EventID: 10010) (User: Family_Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (01/23/2016 11:48:12 PM) (Source: DCOM) (EventID: 10010) (User: Family_Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (01/23/2016 10:49:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/23/2016 10:49:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/23/2016 10:49:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/23/2016 10:09:55 PM) (Source: DCOM) (EventID: 10010) (User: Family_Laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (01/23/2016 10:09:25 PM) (Source: DCOM) (EventID: 10010) (User: Family_Laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
CodeIntegrity:
===================================
  Date: 2015-06-16 19:27:27.949
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:27.621
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:27.263
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:26.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:26.586
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:26.261
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:25.884
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:25.438
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:25.090
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-16 19:27:24.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU 1017U @ 1.60GHz
Percentage of memory in use: 75%
Total physical RAM: 3977.27 MB
Available physical RAM: 975.63 MB
Total Virtual: 13397.08 MB
Available Virtual: 4536.35 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:284.93 GB) (Free:173.2 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 25F95A48)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
You have two apps that are not working:
 
Microsoft.BingWeather
Microsoft.BingSports
 
These may be on your main window if so right click on each and uninstall.  If not there look under All Apps.
 
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  
 
Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.
 
Your Avast is out of date.  You need to get the latest version then:
 
 
Let Avast run a boot-time scan while you sleep:
 
Click on the Avast ball in systray or the Avast shortcut on your desktop or All Programs, Avast Software, Avast Free Anti-virus.
 
Click on Scan then Scan for Viruses.  In the box under the monitor icon, click on the down arrow and select Boot-time Scan.
 
Click on Scan Settings
 
Change System Drive to All hard drives
 
 
Under Heuristics click on the gray box to the left of Normal. It should turn Orange and now say High
 
Make sure the two boxes are checked.  Where it says 
 
When a threat is found... change it to Move to Chest.  OK.  Start.
 
The next time you reboot the scan will start.  I usually let it run while I sleep because it can take 6 hours.  (Good idea to mute the speakers so windows won't wake you when it finally boots up)
 
It normally stores its log in C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change but last time I ran it it told you where to look for the log when it first started up.
 
Once it finishes copy and paste the log into a replay.  (if it says it found anything)
 
 
 

  • 0

#3
Pepsi_Man

Pepsi_Man

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Hello! Thanks for the fast reply. I attached all the logs you requested.

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP

Very strange process explorer log.  Never saw one like that before.  You have multiple copies of many processes running where normally there is just one.  No wonder it's slow.  Let's check the Windows files.

 

Open an Elevated Command Prompt ( From the main window - the one with big squares, click on the arrow in the bottom left to open the list of Apps.  Find Command Prompt (under Windows System you may have to scroll to see it).  Right click and Run As Administrator.  Yes.  This should open a black window.  Type with an Enter after each line:

sfc  /scannow

(This will take a few minutes to run.  Wait for the prompt to return. Reboot when done then reopen the elevated command prompt and continue)

DISM /Online /Cleanup-Image /RestoreHealth

(This one requires an Internet connection and will take even longer.  Does it report any errors?  If SFC /SCANNOW reported that it could not fix everything then run it again.  IF it still reports that it can't fix everything then: )

 

Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 

Return to the elevated command prompt and right click.  Select Paste (on some systems you need to select Edit first then Paste) .  The copied lines should appear.  If notepad does not open, hit Enter.

 

Copy and paste the text from Notepad into a reply.

 

 

Regardless of how sfc did:

 

 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
 (Second time you run vew it will overwrite the first log so copy it to a reply or rename it first.)
 
 
Run Process Explorer again and create a log as before and attach it to a replay.

  • 0

#5
Pepsi_Man

Pepsi_Man

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Hello! When I ran sfc /scannow the first time it reported it couldn't fix everything. I didn't note what it reported before I rebooted the system.

 

DISM ran successfully but came across an error; the error stop code was: 0x800f0906 with the following message:

 

"The source files could not be downloaded."

 

I put in the command exactly as you typed it. I double and tripled checked that I typed it right. It gave the following file path when it was done:

 

C:\WINDOWS\system32>DISM /Online /Cleanup-Image /RestoreHealthjh

 

Error: 87

 

"The restorehealthjh option is not recognized in this context,"

 

 

The second sfc/scannow didn't seem to run into an error so I didn't take the additional step you provided if an error accorded. It did say however "Windows Resource Protection did not find any integrity violations." which I assume wasn't an error.

 

All the logs you requested are attached. 

 

 

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP

Look at it again:

This is what it should be:

DISM  /Online  /Cleanup-Image  /RestoreHealth
 
This is what you typed:
 
DISM /Online /Cleanup-Image /RestoreHealthjh
 
the jh on the back is the problem.
 

Try it again.


  • 0

#7
Pepsi_Man

Pepsi_Man

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

I did what you asked and I still got an error. Although it's different this time. I got screen shots:

 

c2481cd2b4d1c17dd187fb2b77a6d8c2.png

 

670d50fb7ffb3177a7f26b26697ce2e0.png


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP

This time you left out the space between the options.

DISM     /Online     /Cleanup-Image     /RestoreHealth  

(Just one space needed each time.  I added extra spaces to make it plain where a single space goes.)


  • 0

#9
Pepsi_Man

Pepsi_Man

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

I tried it again with the space in between them. I still got the same error.


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP

Is it not connected to the internet?

 

Is there a firewall that is blocking it?

 

Please download MiniToolbox
 
http://www.bleepingc...ad/minitoolbox/save it to your desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
     
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

    • 0

    Advertisements


    #11
    Pepsi_Man

    Pepsi_Man

      Member

    • Topic Starter
    • Member
    • PipPip
    • 32 posts

    Could be the firewall, I was able to ping the router. Here is the log you requested.

     

    MiniToolBox by Farbar  Version: 02-11-2015
    Ran by Raymond (administrator) on 26-01-2016 at 10:07:17
    Running from "C:\Users\Raymond\Desktop"
    Microsoft Windows 8.1  (X64)
    Model: Inspiron 3521 Manufacturer: Dell Inc.
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    ========================= IE Proxy Settings: ============================== 
     
    Proxy is not enabled.
    No Proxy Server is set.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    ========================= FF Proxy Settings: ============================== 
     
     
    "Reset FF Proxy Settings": Firefox Proxy settings were reset.
     
    ========================= Hosts content: =================================
    ========================= IP Configuration: ================================
     
    Dell Wireless 1705 802.11b/g/n (2.4GHZ) = Wi-Fi (Connected)
    Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
     
     
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
     
    reset
    set global icmpredirects=enabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
     
     
    popd
    # End of IPv4 configuration
     
     
     
    Windows IP Configuration
     
       Host Name . . . . . . . . . . . . : Family_Laptop
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
     
    Ethernet adapter Bluetooth Network Connection:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 34-23-87-40-9D-5E
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Local Area Connection* 12:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 16-23-87-40-9D-5D
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
       Physical Address. . . . . . . . . : 74-86-7A-55-DA-D5
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Wi-Fi:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
       Physical Address. . . . . . . . . : 34-23-87-40-9D-5D
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::4ce5:9c92:8038:b037%3(Preferred) 
       IPv4 Address. . . . . . . . . . . : 10.10.10.105(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, January 25, 2016 12:37:21 PM
       Lease Expires . . . . . . . . . . : Tuesday, January 26, 2016 12:37:21 PM
       Default Gateway . . . . . . . . . : 10.10.10.254
       DHCP Server . . . . . . . . . . . : 255.255.255.255
       DHCPv6 IAID . . . . . . . . . . . : 322184071
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-16-99-5F-74-86-7A-55-DA-D5
       DNS Servers . . . . . . . . . . . : 10.10.10.254
                                           8.8.8.8
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Tunnel adapter Local Area Connection* 14:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:96:200:f5f5:f596(Preferred) 
       Link-local IPv6 Address . . . . . : fe80::96:200:f5f5:f596%6(Preferred) 
       Default Gateway . . . . . . . . . : ::
       DHCPv6 IAID . . . . . . . . . . . : 167772160
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-16-99-5F-74-86-7A-55-DA-D5
       NetBIOS over Tcpip. . . . . . . . : Disabled
     
    Tunnel adapter isatap.{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Server:  almond.securifi-setup.com
    Address:  10.10.10.254
     
    Name:    google.com
    Addresses:  2607:f8b0:4007:809::200e
     216.58.216.14
     
     
    Pinging google.com [216.58.216.14] with 32 bytes of data:
    Reply from 216.58.216.14: bytes=32 time=20ms TTL=56
    Reply from 216.58.216.14: bytes=32 time=20ms TTL=56
     
    Ping statistics for 216.58.216.14:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 20ms, Maximum = 20ms, Average = 20ms
    Server:  almond.securifi-setup.com
    Address:  10.10.10.254
     
    Name:    yahoo.com
    Addresses:  2001:4998:c:a06::2:4008
     2001:4998:58:c02::a9
     2001:4998:44:204::a7
     206.190.36.45
     98.138.253.109
     98.139.183.24
     
     
    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Reply from 98.139.183.24: bytes=32 time=95ms TTL=53
    Reply from 98.139.183.24: bytes=32 time=94ms TTL=53
     
    Ping statistics for 98.139.183.24:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 94ms, Maximum = 95ms, Average = 94ms
     
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
     
    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
      9...34 23 87 40 9d 5e ......Bluetooth Device (Personal Area Network)
      7...16 23 87 40 9d 5d ......Microsoft Wi-Fi Direct Virtual Adapter
      4...74 86 7a 55 da d5 ......Realtek PCIe FE Family Controller
      3...34 23 87 40 9d 5d ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
      1...........................Software Loopback Interface 1
      6...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
      5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    ===========================================================================
     
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0     10.10.10.254     10.10.10.105     25
           10.10.10.0    255.255.255.0         On-link      10.10.10.105    281
         10.10.10.105  255.255.255.255         On-link      10.10.10.105    281
         10.10.10.255  255.255.255.255         On-link      10.10.10.105    281
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link      10.10.10.105    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link      10.10.10.105    281
    ===========================================================================
    Persistent Routes:
      None
     
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      6    306 ::/0                     On-link
      1    306 ::1/128                  On-link
      6    306 2001::/32                On-link
      6    306 2001:0:9d38:90d7:96:200:f5f5:f596/128
                                        On-link
      3    281 fe80::/64                On-link
      6    306 fe80::/64                On-link
      6    306 fe80::96:200:f5f5:f596/128
                                        On-link
      3    281 fe80::4ce5:9c92:8038:b037/128
                                        On-link
      1    306 ff00::/8                 On-link
      3    281 ff00::/8                 On-link
      6    306 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (01/26/2016 10:05:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/26/2016 09:53:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/26/2016 09:53:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/26/2016 02:07:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/26/2016 12:49:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/26/2016 12:49:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/25/2016 11:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/25/2016 11:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/25/2016 08:52:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (01/25/2016 08:07:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Family_Laptop)
    Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
     
    System errors:
    =============
    Error: (01/26/2016 01:37:41 AM) (Source: Schannel) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/25/2016 12:46:25 PM) (Source: bowser) (User: )
    Description: The master browser has received a server announcement from the computer PETE-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}.
    The master browser is stopping or an election is being forced.
     
    Error: (01/25/2016 12:38:41 PM) (Source: Service Control Manager) (User: )
    Description: The BlueStacks Android Service service terminated with the following error: 
    %%1064
     
    Error: (01/25/2016 12:35:29 PM) (Source: DCOM) (User: Family_Laptop)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
     
    Error: (01/25/2016 12:35:29 PM) (Source: DCOM) (User: Family_Laptop)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
     
    Error: (01/25/2016 10:32:47 AM) (Source: bowser) (User: )
    Description: The master browser has received a server announcement from the computer PETE-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B39B3DF8-8BC4-4D6B-BE24-38D6D6C4CCDA}.
    The master browser is stopping or an election is being forced.
     
    Error: (01/25/2016 05:24:17 AM) (Source: DCOM) (User: Family_Laptop)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
     
    Error: (01/25/2016 05:23:46 AM) (Source: DCOM) (User: Family_Laptop)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
    Error: (01/25/2016 01:32:21 AM) (Source: Schannel) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/24/2016 10:26:57 PM) (Source: Service Control Manager) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/26/2016 10:05:46 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
    Error: (01/26/2016 09:53:23 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
    Error: (01/26/2016 09:53:23 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
     
    Error: (01/26/2016 02:07:15 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
    Error: (01/26/2016 12:49:01 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
    Error: (01/26/2016 12:49:01 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
     
    Error: (01/25/2016 11:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
     
    Error: (01/25/2016 11:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
    Error: (01/25/2016 08:52:27 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148
     
    Error: (01/25/2016 08:07:16 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Family_Laptop)
    Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2015-06-16 19:27:27.949
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:27.621
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:27.263
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:26.936
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:26.586
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:26.261
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:25.884
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:25.438
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:25.090
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2015-06-16 19:27:24.710
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
     
    =========================== Installed Programs ============================
     
    7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.3.189 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.1 - Adobe Systems Incorporated)
    Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
    Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{E78B4959-B348-4913-874B-FF982378E035}) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
    BYOND (HKLM-x32\...\BYOND) (Version: 501.1217 - BYOND)
    Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version:  - Cisco Systems, Inc.)
    Cisco Packet Tracer 6.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1 Student_is1) (Version:  - Cisco Systems, Inc.)
    Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
    Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.5.1 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{B96348BD-6B0D-42E3-80B1-FA6718067BFE}) (Version: 2.8.1000.0 - Dell Products, LP)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.7.0 - Synaptics Incorporated)
    Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
    EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version:  - SEIKO EPSON Corporation)
    Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.002 - Ezvid, inc.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
    GNS3 1.3.4 (HKLM-x32\...\GNS3) (Version: 1.3.4 - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
    Gyazo 3.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
    PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.12.0 - Prolific Technology INC)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Stencyl (HKLM-x32\...\Stencyl) (Version: /root/.jenkins/jobs/Stencyl-Windows/workspace/build - Stencyl, LLC)
    TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
    TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
    WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
     
    ========================= Devices: ================================
     
    Name: Virtual Bluetooth Support (Include Audio)
    Description: Virtual Bluetooth Support (Include Audio)
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: AthBTPort
    Device ID: BTHENUM\{CBECAB40-A2C8-4AB3-ADC1-DE0FE95D8600}_LOCALMFG&0000\8&B5E5AF2&1&000000000000_00000000
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver
     
    Name: Bluetooth LWFLT Device
    Description: Bluetooth LWFLT Device
    Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
    Manufacturer: Qualcomm Atheros Communications
    Service: BTATH_LWFLT
    Device ID: BTHENUM\{DD533152-01F4-435C-ABFE-984BC21A2A65}_LOCALMFG&0000\8&B5E5AF2&1&000000000000_00000000
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver
     
    Name: Bluetooth Audio Device
    Description: Bluetooth Audio Device
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Qualcomm Atheros Communications
    Service: BTATH_A2DP
    Device ID: BTHENUM\{61118058-486C-4BB0-B4B8-ACE4DCADEC44}_LOCALMFG&0000\8&B5E5AF2&1&000000000000_00000000
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 56%
    Total physical RAM: 3977.27 MB
    Available physical RAM: 1739.16 MB
    Total Virtual: 11145.27 MB
    Available Virtual: 7672.32 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (OS) (Fixed) (Total:284.93 GB) (Free:178.57 GB) NTFS
    2 Drive y: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
     
    ========================= Users: ========================================
     
    User accounts for \\FAMILY_LAPTOP
     
    Administrator            Guest                    lpsde_000                
    Pete                     Raymond                  
     
    ========================= Minidump Files ==================================
     
    C:\WINDOWS\Minidump\020615-29078-01.dmp
    C:\WINDOWS\Minidump\070915-45453-01.dmp
    C:\WINDOWS\Minidump\091215-37500-01.dmp
     
    **** End of log ****

    • 0

    #12
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,024 posts
    • MVP

    Internet looks good and the Free Avast doesn't have a firewall so I'm not sure why it didn't work.  Let's try it a different way.

     

    Copy the next line:

    DISM /Online /Cleanup-Image /RestoreHealth  

    search for: cmd.exe

    when it finds it, right click on it and Run As Administrator.  (Alternatively if you have a Windows key you can press the Windows key + x and then select Command Prompt (Admin) -careful here are two.)

     

    (Yes)

     

    Prompt should say:

     

     
    C:\windows\system32>

     

     

    If it doesn't have the above prompt then you didn't get the elevated command prompt so try again.
    Right click in the cmd window and Paste and the copied line should appear.  (Some systems you have to hit Edit first then Paste).  Hit Enter.
     
    That should start it without any typing to go wrong.
     
    It should start off something like this (This is from a Win 8.1 and not a 10 so the numbers may be different) and take a while for the prompt to return:
     

    Deployment Image Servicing and Management tool
    Version: 6.3.9600.17031
     
    Image Version: 6.3.9600.17031

     

     

     

    • 0

    #13
    Pepsi_Man

    Pepsi_Man

      Member

    • Topic Starter
    • Member
    • PipPip
    • 32 posts

    Good day, hope everything is going well for you. I got some bad news; even pasting it in didn't work. It gave the "The source files could not be downloaded" message.


    Edited by Pepsi_Man, 26 January 2016 - 01:40 PM.

    • 0

    #14
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,024 posts
    • MVP

    OK.  I expect it is having a problem with a secure connection.  Check that your time and and date are correct.  If they are off then it can't do secure.


    • 0

    #15
    Pepsi_Man

    Pepsi_Man

      Member

    • Topic Starter
    • Member
    • PipPip
    • 32 posts

    I checked the time and it is the right on. I got a screen shot:

     

    0103210f6e66f223d1c8b484d2b7d108.png


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP