Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer sporadically freezing...is it malware? [Solved]


  • This topic is locked This topic is locked

#31
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hows the computer running after trying these? Are the freezes still happening?
  • 0

Advertisements


#32
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

I want to say there hasn't been any freezes since I did the updates.


  • 0

#33
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

Still no issues with freezing but my virus scanner has been going crazy this evening. It' keeps going off while I am using Google. The alert keeps mentioning Google Play, which I am not even using. I ran my virus scanner and the only thing it turned up was saying that my router password was too easy. I went to my router page to change the password (not going directly from the virus scanner) and Malwarebytes blocked the page. Malwarebytes scan comes back clean


Edited by BrianR1976, 20 March 2017 - 11:14 PM.

  • 0

#34
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi BrianR1976

It sounds a bit suspicious but Malwarebytes indicates the system is clean. Are you still getting these alerts? Also what about the freezes - has it occurred again since your last post?
  • 0

#35
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

Still no freezes. I am thinking that problem may be solved. I didnt get any more alerts from my virus scanner tonight; though I wasn't logged into Google using it like I was last night. I was looking at Youtube and other things on Google. The alerts kept mentioning Google Play. My guess is they were some sort of false positives.

 

One thing I have noticed is that with all of the changes I have been making my computer seems to be a little slower than before. I am chalking it up to more things being active at startup. I have tried turning a few of these things off (Malwarebytes, Spotify, real Player, etc) but they keep turning back on. I also lost my popup and ad blockers. Is it safe to get those again?


  • 0

#36
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Good news about the freezes. Run a fresh FRST and addition log and I'll have a look.
  • 0

#37
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by BReese76 (administrator) on BREESE76-HP (22-03-2017 21:13:56)
Running from C:\Users\BReese76\Desktop
Loaded Profiles: BReese76 (Available Profiles: BReese76)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Spotify Ltd) C:\Users\BReese76\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\BReese76\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Dropbox, Inc.) C:\Users\BReese76\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RealDownloader\realdownloader264.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Setup.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Setup.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-17] (AVAST Software)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [352648 2017-03-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [738032 2017-03-14] ()
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4377256 2015-09-04] (Fitbit, Inc.)
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [Spotify Web Helper] => C:\Users\BReese76\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-13] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-17] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-17] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5E1B1D25-767C-4FD6-AE4C-55CFC5626C29}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E745E9B4-9BA4-4154-BDFC-4B77998EAAFE}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-239473584-822298280-3168733615-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> {A3F3D8FE-86AE-4813-B96F-A656930924FD} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-239473584-822298280-3168733615-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-239473584-822298280-3168733615-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-03-14] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-09] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-03-14] (RealDownloader)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-05] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-17] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: LeapFTP Internet Explorer Hook -> {A5479DA1-7843-43A7-B5C0-BE342C77B629} -> C:\Program Files (x86)\LeapFTP 3.0\lftpie.dll [2010-10-30] (LeapWare)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-05] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-05] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206 [2017-03-22]
FF Homepage: Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206 -> hxxp:/www.google.com
FF Extension: (Simple Popup Blocker) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\@simplepopupblocker.xpi [2017-03-17]
FF Extension: (Hard Refresh) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2017-03-17]
FF Extension: (YouTube™ Flash® Player) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2017-03-17]
FF Extension: (Save File to) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2017-03-17]
FF Extension: (uBlock Origin) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2017-03-17]
FF Extension: (Ebates Cash Back) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2017-03-17]
FF Extension: (Download Status Bar) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2017-03-17]
FF Extension: (Password Exporter) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-03-17]
FF Extension: (Adblock Plus) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] -  => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-03-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-03-19] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-239473584-822298280-3168733615-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll [2012-10-24] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default [2017-03-21]
CHR Extension: (Google Slides) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-10]
CHR Extension: (Google Docs) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-10]
CHR Extension: (Google Drive) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (YouTube) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-03-10]
CHR Extension: (Avast SafePrice) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Google Sheets) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-10]
CHR Extension: (Yahoo Partner) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol [2017-03-10]
CHR Extension: (Avast Online Security) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-17] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-17] (AVAST Software)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3736776 2017-03-05] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5750440 2015-09-04] (Fitbit, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-15] (Copyright © 2017 Plays.tv, LLC)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-01-13] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-01-13] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-14] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-01-29] (RaMMicHaeL)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-17] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [189768 2017-03-17] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [334600 2017-03-17] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [48528 2017-03-17] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [38296 2017-03-17] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [32088 2017-03-17] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [126600 2017-03-17] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [100640 2017-03-17] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [75704 2017-03-17] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [993608 2017-03-17] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [162528 2017-03-17] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [337592 2017-03-17] (AVAST Software)
S3 cmnxusbser; C:\windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-22] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\drivers\farflt.sys [111544 2017-03-22] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [43968 2017-03-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-22] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [82208 2017-03-22] (Malwarebytes)
R3 netr28x; C:\windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-05-14] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 sscdserd; C:\windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-22 21:24 - 2017-03-22 21:24 - 00000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate CC 2017.lnk
2017-03-22 21:08 - 2017-03-22 21:24 - 00000000 ____D C:\Users\BReese76\AppData\Local\Adobe
2017-03-22 21:08 - 2017-03-22 21:08 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-21 23:03 - 2017-03-21 23:03 - 20220217 _____ C:\Users\BReese76\Desktop\The_Book_of_Cosplay_Lights_by__Svetlana_Quindt.pdf
2017-03-20 20:04 - 2017-03-20 21:07 - 00000000 ____D C:\Users\BReese76\Desktop\ProConPages
2017-03-19 22:17 - 2017-03-19 22:17 - 00000000 ____D C:\Users\BReese76\.cache
2017-03-19 21:19 - 2017-03-19 21:19 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\AMD
2017-03-19 21:19 - 2017-03-19 21:19 - 00000000 ____D C:\Users\BReese76\AppData\Local\CrashRpt
2017-03-19 21:18 - 2017-03-19 21:18 - 00005484 _____ C:\Users\BReese76\Desktop\chkdskresults.txt
2017-03-19 21:16 - 2017-03-19 21:16 - 00003380 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-239473584-822298280-3168733615-1001
2017-03-19 21:16 - 2017-03-19 21:16 - 00003252 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-239473584-822298280-3168733615-1001
2017-03-19 21:16 - 2017-03-19 21:16 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\RealNetworks
2017-03-19 21:16 - 2017-03-19 21:16 - 00000000 ____D C:\ProgramData\RealNetworks
2017-03-19 21:15 - 2017-03-19 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2017-03-19 21:15 - 2017-03-19 21:15 - 00285576 _____ (Progressive Networks) C:\windows\SysWOW64\pncrt.dll
2017-03-19 21:15 - 2017-03-19 21:15 - 00207752 _____ (RealNetworks, Inc.) C:\windows\SysWOW64\rmoc3260.dll
2017-03-19 21:14 - 2017-03-19 21:14 - 00512392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp71.dll
2017-03-19 21:14 - 2017-03-19 21:14 - 00360840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2017-03-19 21:13 - 2017-03-19 21:13 - 00000000 ____D C:\Users\BReese76\AppData\Local\Real
2017-03-18 16:52 - 2017-03-18 16:52 - 00003560 ____N C:\bootsqm.dat
2017-03-18 12:43 - 2017-03-18 12:43 - 00000000 ____D C:\ProgramData\ATI
2017-03-18 12:42 - 2017-03-18 12:42 - 00000000 ____D C:\Users\BReese76\.QtWebEngineProcess
2017-03-18 12:42 - 2017-03-18 12:42 - 00000000 ____D C:\Users\BReese76\.Plays.tv
2017-03-18 12:42 - 2017-03-18 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2017-03-18 12:42 - 2017-03-18 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-03-18 12:41 - 2017-03-18 22:32 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\PlaysTV
2017-03-18 12:40 - 2017-03-18 22:32 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Raptr
2017-03-18 12:40 - 2017-03-18 12:41 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2017-03-18 12:40 - 2017-03-18 12:41 - 00000000 ____D C:\Program Files (x86)\Raptr
2017-03-18 12:40 - 2017-03-18 12:40 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\library_dir
2017-03-18 12:39 - 2017-03-18 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-03-18 12:39 - 2017-03-18 12:39 - 00000000 ____D C:\Program Files (x86)\AMD
2017-03-18 12:32 - 2017-03-18 12:35 - 00000000 ____D C:\Program Files\AMD
2017-03-18 12:30 - 2017-03-18 12:30 - 00000000 ____D C:\AMD
2017-03-18 12:25 - 2017-03-18 12:26 - 300814328 _____ (AMD Inc.) C:\Users\BReese76\Desktop\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2017-03-17 11:41 - 2017-03-17 11:41 - 00000000 ____D C:\Users\BReese76\Desktop\Old Firefox Data
2017-03-17 11:39 - 2017-03-17 11:39 - 00598128 _____ C:\Users\BReese76\Desktop\bookmarks.html
2017-03-17 10:40 - 2017-03-17 10:40 - 00398408 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-03-16 10:59 - 2017-03-16 10:59 - 00000000 ____D C:\Users\BReese76\AppData\Local\{673B1662-A1DC-4CF2-8B82-49B59B68A283}
2017-03-15 22:02 - 2017-03-15 22:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-15 22:02 - 2017-03-15 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-14 23:31 - 2017-03-14 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-14 21:29 - 2017-03-04 10:24 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-03-14 21:29 - 2017-03-04 09:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-03-14 21:29 - 2017-03-04 01:20 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-03-14 21:29 - 2017-03-04 01:20 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-03-14 21:29 - 2017-03-04 01:02 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-03-14 21:29 - 2017-03-04 01:01 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-03-14 21:29 - 2017-03-04 01:01 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-03-14 21:29 - 2017-03-04 01:01 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-03-14 21:29 - 2017-03-04 01:01 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-03-14 21:29 - 2017-03-04 00:59 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-03-14 21:29 - 2017-03-04 00:52 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-03-14 21:29 - 2017-03-04 00:51 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-03-14 21:29 - 2017-03-04 00:48 - 25746944 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-03-14 21:29 - 2017-03-04 00:46 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-03-14 21:29 - 2017-03-04 00:45 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-03-14 21:29 - 2017-03-04 00:45 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-03-14 21:29 - 2017-03-04 00:45 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-03-14 21:29 - 2017-03-04 00:44 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-03-14 21:29 - 2017-03-04 00:36 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-03-14 21:29 - 2017-03-04 00:32 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-03-14 21:29 - 2017-03-04 00:31 - 06045696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-03-14 21:29 - 2017-03-04 00:23 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-03-14 21:29 - 2017-03-04 00:21 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-03-14 21:29 - 2017-03-04 00:16 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-03-14 21:29 - 2017-03-04 00:16 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-03-14 21:29 - 2017-03-04 00:13 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-03-14 21:29 - 2017-03-04 00:11 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-03-14 21:29 - 2017-03-03 23:57 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-03-14 21:29 - 2017-03-03 23:55 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-03-14 21:29 - 2017-03-03 23:54 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-03-14 21:29 - 2017-03-03 23:52 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-03-14 21:29 - 2017-03-03 23:52 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-03-14 21:29 - 2017-03-03 23:26 - 15259648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-03-14 21:29 - 2017-03-03 23:25 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-03-14 21:29 - 2017-03-03 23:12 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-03-14 21:29 - 2017-03-03 23:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-03-14 21:29 - 2017-03-03 21:18 - 20281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-03-14 21:29 - 2017-03-02 11:16 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-03-14 21:29 - 2017-03-02 11:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-03-14 21:29 - 2017-03-02 11:01 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-03-14 21:29 - 2017-03-02 11:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-03-14 21:29 - 2017-03-02 11:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-03-14 21:29 - 2017-03-02 11:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-03-14 21:29 - 2017-03-02 10:55 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-03-14 21:29 - 2017-03-02 10:54 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-03-14 21:29 - 2017-03-02 10:53 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-03-14 21:29 - 2017-03-02 10:51 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-03-14 21:29 - 2017-03-02 10:50 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-03-14 21:29 - 2017-03-02 10:49 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-03-14 21:29 - 2017-03-02 10:49 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-03-14 21:29 - 2017-03-02 10:41 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-03-14 21:29 - 2017-03-02 10:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-14 21:29 - 2017-03-02 10:35 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-03-14 21:29 - 2017-03-02 10:32 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-03-14 21:29 - 2017-03-02 10:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-03-14 21:29 - 2017-03-02 10:29 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-03-14 21:29 - 2017-03-02 10:28 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-03-14 21:29 - 2017-03-02 10:22 - 04604416 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-03-14 21:29 - 2017-03-02 10:21 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-03-14 21:29 - 2017-03-02 10:19 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-03-14 21:29 - 2017-03-02 10:17 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-03-14 21:29 - 2017-03-02 10:17 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-03-14 21:29 - 2017-03-02 10:11 - 13654528 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-03-14 21:29 - 2017-03-02 09:53 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-03-14 21:29 - 2017-03-02 09:50 - 01312768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-03-14 21:29 - 2017-03-02 09:50 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-03-14 21:29 - 2017-02-11 08:58 - 00462848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-03-14 21:29 - 2017-02-11 08:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-03-14 21:29 - 2017-02-11 08:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-03-14 21:29 - 2017-02-10 09:32 - 00803328 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2017-03-14 21:29 - 2017-02-10 09:32 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-03-14 21:29 - 2017-02-10 09:17 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2017-03-14 21:29 - 2017-02-10 09:17 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-03-14 21:29 - 2017-02-10 07:33 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-03-14 21:29 - 2017-02-09 09:36 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-03-14 21:29 - 2017-02-09 09:35 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-03-14 21:29 - 2017-02-09 09:35 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-03-14 21:29 - 2017-02-09 09:35 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-03-14 21:29 - 2017-02-09 09:35 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-03-14 21:29 - 2017-02-09 09:33 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-03-14 21:29 - 2017-02-09 09:32 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:19 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-03-14 21:29 - 2017-02-09 09:19 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-03-14 21:29 - 2017-02-09 09:16 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 09:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-03-14 21:29 - 2017-02-09 09:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-03-14 21:29 - 2017-02-09 09:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-03-14 21:29 - 2017-02-09 09:02 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-03-14 21:29 - 2017-02-09 09:00 - 03220480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-03-14 21:29 - 2017-02-09 08:59 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-03-14 21:29 - 2017-02-09 08:58 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-03-14 21:29 - 2017-02-09 08:55 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-03-14 21:29 - 2017-02-09 08:55 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-03-14 21:29 - 2017-02-09 08:55 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-03-14 21:29 - 2017-02-09 08:54 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-03-14 21:29 - 2017-02-09 08:54 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-03-14 21:29 - 2017-02-09 08:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-03-14 21:29 - 2017-02-09 08:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2017-03-14 21:29 - 2017-02-09 08:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-03-14 21:29 - 2017-02-09 08:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-03-14 21:29 - 2017-02-09 08:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-03-14 21:29 - 2017-02-09 08:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-03-14 21:29 - 2017-02-09 08:49 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-03-14 21:29 - 2017-02-09 08:49 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 08:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 08:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 08:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-14 21:29 - 2017-02-09 07:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-03-14 21:29 - 2017-02-09 07:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-03-14 21:29 - 2017-02-06 09:14 - 00733696 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-03-14 21:29 - 2017-01-13 11:00 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-03-14 21:29 - 2017-01-13 11:00 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2017-03-14 21:29 - 2017-01-13 10:45 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-03-14 21:29 - 2017-01-13 10:45 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2017-03-14 21:29 - 2017-01-11 11:01 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-03-14 21:29 - 2017-01-11 11:01 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2017-03-14 21:29 - 2017-01-11 10:43 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-03-14 21:29 - 2017-01-11 10:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2017-03-14 21:29 - 2017-01-06 11:00 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-03-14 21:29 - 2017-01-06 10:44 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-03-14 21:27 - 2017-02-22 16:42 - 00084712 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-03-14 21:27 - 2017-02-22 16:37 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-03-14 21:27 - 2017-02-18 07:05 - 01609216 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-03-14 21:27 - 2017-02-18 07:05 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-03-14 21:27 - 2016-12-31 08:36 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-03-14 21:27 - 2016-12-31 08:36 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-03-14 21:27 - 2016-12-31 08:36 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-03-14 21:27 - 2016-12-31 08:36 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-03-14 21:27 - 2016-12-31 08:36 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-03-14 21:25 - 2017-03-14 21:25 - 00006995 _____ C:\Users\BReese76\Desktop\System Idle Process.txt
2017-03-14 21:22 - 2017-03-14 21:22 - 01920725 _____ C:\Users\BReese76\Desktop\ProcessExplorer.zip
2017-03-14 21:07 - 2017-03-14 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2017-03-14 21:07 - 2017-02-15 12:25 - 00027368 _____ (PDF Complete, Inc.) C:\windows\system32\pdfc_port.dll
2017-03-13 22:22 - 2017-03-13 22:22 - 00626056 _____ C:\Users\BReese76\Desktop\BREESE76-HP.txt
2017-03-13 22:21 - 2017-03-13 22:21 - 00000758 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-03-13 22:21 - 2017-03-13 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-03-13 22:21 - 2017-03-13 22:21 - 00000000 ____D C:\Program Files\Speccy
2017-03-13 22:19 - 2017-03-13 22:19 - 06293184 _____ (Piriform Ltd) C:\Users\BReese76\Desktop\spsetup130.exe
2017-03-13 22:11 - 2017-03-13 22:11 - 00000000 ____D C:\Users\BReese76\AppData\Local\{D9432B52-964D-47A0-8E85-FB3C9BEDDC07}
2017-03-11 11:32 - 2017-03-11 11:32 - 00000990 _____ C:\Users\BReese76\Desktop\scan_170311-111901.txt
2017-03-11 11:17 - 2017-03-11 11:17 - 00000000 ____D C:\ProgramData\Emsisoft
2017-03-11 11:15 - 2017-03-11 11:33 - 00000000 ____D C:\EEK
2017-03-11 11:12 - 2017-03-11 11:14 - 281463608 _____ C:\Users\BReese76\Desktop\EmsisoftEmergencyKit.exe
2017-03-11 11:10 - 2017-03-11 11:12 - 65618060 _____ C:\Users\BReese76\Downloads\EmsisoftEmergencyKit.exe.part
2017-03-10 22:11 - 2017-03-10 22:15 - 00003525 _____ C:\Users\BReese76\Desktop\Fixlog.txt
2017-03-10 16:08 - 2017-03-22 21:13 - 00000000 ____D C:\Users\BReese76\Desktop\FRST-OlderVersion
2017-03-10 16:08 - 2017-03-10 16:08 - 00001100 _____ C:\Users\BReese76\Desktop\mbam.txt
2017-03-10 15:50 - 2017-03-22 21:16 - 00082208 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-03-10 15:50 - 2017-03-22 21:00 - 00186304 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-03-10 15:50 - 2017-03-22 21:00 - 00111544 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-03-10 15:50 - 2017-03-22 21:00 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-03-10 15:49 - 2017-03-10 15:49 - 57131432 _____ (Malwarebytes ) C:\Users\BReese76\Desktop\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-10 15:49 - 2017-03-10 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-10 15:49 - 2017-03-10 15:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-10 15:49 - 2017-02-24 06:23 - 00077408 _____ C:\windows\system32\Drivers\mbae64.sys
2017-03-10 15:15 - 2017-03-10 15:16 - 00002396 _____ C:\Users\BReese76\Desktop\JRT.txt
2017-03-10 15:11 - 2017-03-10 15:11 - 01663736 _____ (Malwarebytes) C:\Users\BReese76\Desktop\JRT.exe
2017-03-10 15:05 - 2017-03-10 15:05 - 00001626 _____ C:\Users\BReese76\Desktop\AdwCleaner[C0].txt
2017-03-10 14:32 - 2017-03-10 15:10 - 00000000 ____D C:\AdwCleaner
2017-03-10 14:30 - 2017-03-10 14:30 - 04031440 _____ C:\Users\BReese76\Desktop\adwcleaner_6.044.exe
2017-03-10 14:23 - 2017-03-17 22:38 - 03328303 _____ C:\Users\BReese76\Desktop\Finland.pptx
2017-03-09 20:42 - 2017-03-09 20:42 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-07 21:10 - 2017-03-07 21:10 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsigna5ef1c6ef2a63e2d
2017-03-07 21:10 - 2017-03-07 21:10 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign2e116de4b21fd66f
2017-03-07 21:10 - 2017-03-07 21:10 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign00df49e2e0f96212
2017-03-05 21:36 - 2017-03-10 16:14 - 00068451 _____ C:\Users\BReese76\Desktop\Addition.txt
2017-03-05 21:33 - 2017-03-22 21:24 - 00031833 _____ C:\Users\BReese76\Desktop\FRST.txt
2017-03-05 21:32 - 2017-03-22 21:13 - 00000000 ____D C:\FRST
2017-03-05 21:31 - 2017-03-22 21:13 - 02424832 _____ (Farbar) C:\Users\BReese76\Desktop\FRST64.exe
2017-03-04 14:35 - 2017-03-04 14:35 - 00000000 ____D C:\Users\BReese76\Desktop\East of West
2017-03-04 14:34 - 2017-03-04 14:34 - 00000000 ____D C:\Users\BReese76\Desktop\Sex Criminals
2017-03-04 14:34 - 2017-03-04 14:34 - 00000000 ____D C:\Users\BReese76\Desktop\Homer, E.V. Rieu , Peter Jones , D.C.H. Rieu (Translation revision) - The Odyssey (epub, mobi)
2017-03-01 21:12 - 2017-03-01 21:12 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign6a39216e3cc3d9f8
2017-03-01 21:12 - 2017-03-01 21:12 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign11e731236b9613b1
2017-03-01 21:11 - 2017-03-01 21:11 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsignce953d793a3ad88e
2017-03-01 21:11 - 2017-03-01 21:11 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsigna973bad09a370cea
2017-02-28 22:51 - 2017-02-28 22:51 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign0a7aacf5dbc81ee9
2017-02-28 22:49 - 2017-02-28 22:49 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign3c214f0511786d5d
2017-02-28 22:48 - 2017-02-28 22:48 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign9e274fc9d43df732
2017-02-28 22:48 - 2017-02-28 22:48 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign3cf1c861b3b8ea3d
2017-02-24 22:50 - 2017-02-24 22:50 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign7285e58414891e3e
2017-02-24 22:50 - 2017-02-24 22:50 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign5094aefe2f2054f0
2017-02-24 22:49 - 2017-02-24 22:49 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign6c7fd61419fa1bf3
2017-02-24 22:49 - 2017-02-24 22:49 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign4a460a14ef5420d6
2017-02-24 14:02 - 2017-02-24 14:02 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsignc681026e631b6f6d
2017-02-24 14:02 - 2017-02-24 14:02 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign9604a43622648be6
2017-02-24 14:02 - 2017-02-24 14:02 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign2a82700939732994
2017-02-24 14:02 - 2017-02-24 14:02 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign201de7992df5a0d4
2017-02-23 22:58 - 2017-02-23 22:58 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsigna48feca0134059ec
2017-02-23 22:58 - 2017-02-23 22:58 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign87ddd3e735f0234d
2017-02-23 22:57 - 2017-02-23 22:57 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign462a248ef9291a56
2017-02-23 22:57 - 2017-02-23 22:57 - 00000000 ____D C:\Users\BReese76\AppData\Local\Tempzxpsign248b90a28dbb9229

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-22 21:24 - 2013-10-07 22:29 - 00000000 ____D C:\Program Files\Adobe
2017-03-22 21:24 - 2013-10-07 22:27 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-03-22 21:24 - 2012-12-13 15:42 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Adobe
2017-03-22 21:20 - 2012-12-14 21:02 - 00000000 ____D C:\ProgramData\Adobe
2017-03-22 21:11 - 2016-11-15 21:55 - 00000000 ____D C:\Users\BReese76\AppData\LocalLow\Mozilla
2017-03-22 21:10 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-22 21:10 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-22 21:08 - 2013-05-19 13:56 - 00000000 ___RD C:\Users\BReese76\Dropbox
2017-03-22 20:59 - 2014-08-31 23:11 - 00251840 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-22 20:59 - 2012-11-21 21:17 - 00000000 ____D C:\ProgramData\PDFC
2017-03-22 20:58 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-03-21 22:37 - 2012-12-13 15:38 - 00003950 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A740816E-472C-470B-BBCC-E6BEE266ED51}
2017-03-21 22:31 - 2015-06-12 13:06 - 00000930 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001UA.job
2017-03-21 21:58 - 2017-01-12 13:53 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-21 21:55 - 2012-11-21 21:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-21 21:31 - 2017-01-05 10:02 - 00010520 _____ C:\Users\BReese76\Desktop\Bills.xlsx
2017-03-21 21:17 - 2012-12-13 15:48 - 00548928 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2017-03-20 22:09 - 2016-01-03 11:50 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-20 21:07 - 2012-12-13 15:38 - 00000000 ____D C:\Users\BReese76\AppData\Local\PDFC
2017-03-20 19:55 - 2009-07-13 22:13 - 00783424 _____ C:\windows\system32\PerfStringBackup.INI
2017-03-20 19:55 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2017-03-19 23:00 - 2013-02-25 22:40 - 00000000 ____D C:\Users\BReese76\AppData\Local\Spotify
2017-03-19 22:22 - 2013-02-25 22:40 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Spotify
2017-03-19 22:17 - 2012-12-13 15:31 - 00000000 ____D C:\Users\BReese76
2017-03-19 21:19 - 2014-10-23 12:19 - 00003442 _____ C:\windows\System32\Tasks\RealDownloader Update Check
2017-03-19 21:17 - 2014-10-23 12:18 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Real
2017-03-19 21:16 - 2016-10-30 20:41 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-19 21:16 - 2014-10-23 12:18 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2017-03-19 21:16 - 2014-10-23 12:18 - 00000000 ____D C:\Program Files (x86)\Real
2017-03-19 21:16 - 2014-10-23 12:17 - 00000000 ____D C:\ProgramData\Real
2017-03-18 12:24 - 2016-09-08 22:52 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\CoreFTP
2017-03-18 12:11 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2017-03-18 10:38 - 2016-11-15 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-18 10:38 - 2012-12-13 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-17 22:08 - 2016-03-23 18:20 - 00003898 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458782453
2017-03-17 21:52 - 2014-02-07 13:56 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForBReese76.job
2017-03-17 12:12 - 2014-02-07 13:56 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForBReese76
2017-03-17 10:41 - 2017-02-08 22:30 - 00003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-03-17 10:41 - 2013-03-05 13:29 - 00337592 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2017-03-17 10:40 - 2014-04-24 14:00 - 00038296 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-03-17 10:40 - 2013-12-27 12:08 - 00162528 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-03-17 10:40 - 2013-03-05 13:29 - 00337592 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.148977247469206
2017-03-17 10:40 - 2013-03-05 13:29 - 00075704 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-03-17 10:40 - 2012-12-13 15:48 - 00547904 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.148977247414604
2017-03-17 10:40 - 2012-12-13 15:48 - 00126600 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2017-03-17 10:40 - 2012-12-13 15:48 - 00100640 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-03-17 10:39 - 2017-02-08 22:30 - 00334600 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-03-17 10:39 - 2017-02-08 22:30 - 00309272 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-03-17 10:39 - 2017-02-08 22:30 - 00189768 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-03-17 10:39 - 2017-02-08 22:30 - 00048528 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-03-17 10:39 - 2016-03-23 18:20 - 00032088 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-03-17 10:39 - 2012-12-13 15:48 - 00993608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-03-16 11:23 - 2016-08-09 22:21 - 00000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2017-03-16 11:07 - 2012-11-21 21:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-03-16 11:07 - 2012-11-21 21:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-16 11:07 - 2012-11-21 21:04 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-03-16 10:59 - 2012-12-23 10:22 - 00000000 ____D C:\Users\BReese76\Tracing
2017-03-16 10:56 - 2012-12-20 12:08 - 00000000 ____D C:\windows\pss
2017-03-15 22:02 - 2012-11-21 21:17 - 00000000 ____D C:\ProgramData\Skype
2017-03-15 21:39 - 2013-05-15 09:12 - 00004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 21:39 - 2012-11-21 21:15 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 21:39 - 2012-11-21 21:15 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 21:39 - 2012-11-21 21:15 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-03-15 21:39 - 2012-11-21 21:15 - 00000000 ____D C:\windows\system32\Macromed
2017-03-15 07:39 - 2009-07-13 21:45 - 05154528 _____ C:\windows\system32\FNTCACHE.DAT
2017-03-15 07:36 - 2014-12-09 22:45 - 00000000 ____D C:\windows\system32\appraiser
2017-03-15 07:36 - 2014-04-29 17:17 - 00000000 ___SD C:\windows\system32\CompatTel
2017-03-15 07:36 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-14 23:37 - 2013-07-13 15:34 - 00000000 ____D C:\windows\system32\MRT
2017-03-14 23:33 - 2012-12-13 16:35 - 138634176 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-03-14 23:30 - 2012-12-21 12:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-14 23:30 - 2012-12-21 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-14 21:23 - 2017-02-02 12:39 - 01452200 _____ (Sysinternals - www.sysinternals.com) C:\Users\BReese76\Desktop\procexp64.exe
2017-03-14 21:07 - 2012-11-21 21:18 - 00000000 ____D C:\Program Files (x86)\PDF Complete
2017-03-14 12:27 - 2015-12-22 22:39 - 00001410 _____ C:\Users\BReese76\Desktop\bands to listen to.txt
2017-03-13 22:33 - 2016-12-01 21:28 - 00001340 _____ C:\Users\BReese76\Desktop\Nests.txt
2017-03-13 22:10 - 2014-11-20 23:32 - 00000000 ____D C:\Users\BReese76\AppData\Local\Windows Live
2017-03-10 15:49 - 2014-08-31 23:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-10 15:31 - 2015-06-12 13:06 - 00000878 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001Core.job
2017-03-10 15:03 - 2009-07-13 22:08 - 00032528 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-03-09 20:43 - 2015-06-12 13:06 - 00000000 ____D C:\Users\BReese76\AppData\Local\Dropbox
2017-03-09 20:42 - 2013-05-19 13:54 - 00000000 ____D C:\Users\BReese76\AppData\Roaming\Dropbox
2017-03-01 00:05 - 2015-10-01 23:36 - 00000000 ____D C:\Users\BReese76\Downloads\Birthday
2017-02-24 23:50 - 2016-07-17 17:08 - 00000207 _____ C:\Users\BReese76\Desktop\Erin Owes Me.txt
2017-02-23 21:07 - 2017-01-13 13:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-09-16 12:46 - 2016-09-16 12:46 - 0000132 _____ () C:\Users\BReese76\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-10-30 21:07 - 2016-12-01 14:04 - 0000033 _____ () C:\Users\BReese76\AppData\Roaming\AdobeWLCMCache.dat
2013-11-10 21:16 - 2013-11-10 21:16 - 0002647 _____ () C:\Users\BReese76\AppData\Local\recently-used.xbel
2016-06-06 21:03 - 2016-06-06 21:03 - 0007597 _____ () C:\Users\BReese76\AppData\Local\Resmon.ResmonCfg
2012-12-21 23:09 - 2012-12-21 23:15 - 0000819 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-16 10:49

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by BReese76 (22-03-2017 21:29:40)
Running from C:\Users\BReese76\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-12-13 22:31:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-239473584-822298280-3168733615-500 - Administrator - Disabled)
BReese76 (S-1-5-21-239473584-822298280-3168733615-1001 - Administrator - Enabled) => C:\Users\BReese76
Guest (S-1-5-21-239473584-822298280-3168733615-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-239473584-822298280-3168733615-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
ActivePerl 5.16.1 Build 1601 (HKLM-x32\...\{9441AF70-8CCC-41EE-B2C1-398F5FE7E387}) (Version: 5.16.1601 - ActiveState)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Animate CC 2017 (HKLM-x32\...\FLPR_16_1) (Version: 16.1 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
calibre (HKLM-x32\...\{1F1FE718-ACE3-4D26-A9F0-7F443B3526F1}) (Version: 2.77.0 - Kovid Goyal)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version:  - )
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeepSkyStacker (HKLM-x32\...\{18435829-4E75-4CD1-9796-A62DBBAE2ED7}) (Version: 3.2.0 -  )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape the Emerald Star (x32 Version: 2.2.0.98 - WildTangent) Hidden
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version:  - Bethesda Softworks)
Fantasy Hockey League (HKLM-x32\...\ST5UNST #1) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.97 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{9EC69368-C1C7-48BA-AD93-01EFC142DDF9}) (Version: 2.0.0.6630 - Fitbit Inc.)
FITS Liberator 3.0.1 (HKLM-x32\...\FITS Liberator) (Version: 3.0.1 - ESO/ESA/NASA)
Golden Trails 2: The Lost Legacy Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 6.0.0.0 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
LeapFTP 3.0 (HKLM-x32\...\LeapFTP 3.0_is1) (Version: 3.1.0.50 - LeapWare)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Farm Life 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Noiseware Community Edition (HKLM-x32\...\{CB3B7C24-30A1-4961-8039-94919F5ED2EE}) (Version: 2.6.0.1 - Imagenomic)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.20.1-r121449-release - Plays.tv, LLC)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6305 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6305 - CyberLink Corp.) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.8-r120085-release - Raptr, Inc)
RealDownloader (x32 Version: 18.1.7.343 - RealNetworks) Hidden
RealDownloader (x32 Version: 18.1.7.343 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.7 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Should I Remove It (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Spotify (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
Stellarium 0.12.1 (HKLM\...\Stellarium_is1) (Version: 0.12.1 - Stellarium team)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 18.1.7 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Youda Fisherman (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000A66B4-C5A7-40C0-ABE1-08F62EE40AAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0406DBBA-40CE-4240-AD94-F886564B8268} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {0ADF8F2A-251F-496A-8F06-1422BFE0EBA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {0BA293D4-F286-405D-9528-31DE9FBE2D7F} - System32\Tasks\{BD2F09FE-1C3C-4F9E-A784-8CEBADF2026B} => C:\FHL\FHL.exe
Task: {1E00BF53-E352-4DA4-B795-01FED872799B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {208CF033-9271-4CC3-8BFF-B522E1187478} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {2C4E2AFC-80B7-46C7-B26D-5180FE33866A} - System32\Tasks\{8B25D408-4E28-43DA-94EF-35438DECEE3C} => C:\FHL\FHL.exe
Task: {2E03BF41-6C59-45DE-B37D-88BDFDC32797} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {30803A54-CB8F-47C6-BFB5-F8C0125E6156} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-17] (AVAST Software)
Task: {32B0AA4F-52BC-42AE-B6D7-BFBF6E75664C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {33076945-963E-4EC4-A13C-EB638BBC2955} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {35BC159C-ED13-4B67-8077-239CF04152FE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-08] (Microsoft Corporation)
Task: {3A7660D4-5184-4B98-8E6F-7FC5D3681F40} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-239473584-822298280-3168733615-1001 => C:\program files (x86)\real\realplayer\RealDownloader\RealUpgrade.exe [2017-03-14] (RealNetworks, Inc.)
Task: {4016CEA2-4A96-4197-84E2-B6CC049C3966} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {46A5A90B-A669-442B-8B6B-FF40C235C02E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {47BCBAF8-EDF6-4720-AA30-A26592B1263C} - System32\Tasks\{D14CF766-1BD2-47AE-8D73-433264AE42A0} => C:\FHL\FHL.exe
Task: {5029C1CA-5BCE-4679-A841-B76E8DFF3FC8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5413864E-39F1-4188-87F0-3DCCA3C3468F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {57750B2C-E7B4-4E67-B965-1A7C21CE2304} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-03-08] (Microsoft Corporation)
Task: {6D1A6026-BC31-47D6-A7D9-500ABA4418B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {75C8E018-FAF0-4181-980B-8D0C5400D07E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001UA => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {78E8953C-1A35-4DDC-B8D7-0C722EE7D206} - System32\Tasks\{9A14A599-D6A5-4299-B950-4D2D42C1F21D} => C:\FHL\FHL.exe
Task: {79FBD397-7388-485E-82FD-88AC6D41044E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {804ED0C8-DAED-4907-AE08-75451D38BC97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {842D53A5-84E8-4CBF-A881-A86BC997E692} - System32\Tasks\HPCeeScheduleForBReese76 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {848BECA2-ACC0-4D4E-874D-04F17BDE60AC} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [2017-03-14] ()
Task: {9420A5AA-43B0-436C-844D-D60495D91273} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9CB1120C-48FE-45A1-839E-D793E9AED94B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {BAD5407C-EF68-4424-9623-ECDD618259FE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001Core => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {BC0B38A5-D4D5-46F8-AFBD-29638758B612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C2180D8E-0C63-4F7B-845C-244CE76A002D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-05] (Microsoft Corporation)
Task: {C565CFE2-E149-4C20-B147-9C5ED37C90ED} - System32\Tasks\SafeZone scheduled Autoupdate 1458782453 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {E5937814-01F5-4765-A731-3DD78EE5817F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E80EF42B-9B23-4E55-812F-D46A4C437637} - System32\Tasks\{26E3AFF3-8AA0-4B3F-AA20-44E7D417C089} => C:\FHL\FHL.exe
Task: {E870D75C-F851-459E-B3F8-6BB7B63CDA68} - System32\Tasks\Java Check => “C:\Program
Task: {E9348A4E-9932-4F16-A079-233DC63FBF06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F52BDA37-8830-496B-AC8D-FE65D87B2AB4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-239473584-822298280-3168733615-1001 => C:\program files (x86)\real\realplayer\RealDownloader\RealUpgrade.exe [2017-03-14] (RealNetworks, Inc.)
Task: {FD319211-8999-4D2C-9369-886A2EDA5CEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-02] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001Core.job => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001UA.job => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForBReese76.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-02-20 22:09 - 2013-06-17 16:40 - 00035944 _____ () C:\windows\system32\ddmon4-64x.dll
2017-03-14 20:44 - 2017-03-14 20:44 - 00035104 _____ () C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe
2017-03-10 15:49 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-10 15:49 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-17 10:39 - 2017-03-17 10:39 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-17 10:40 - 2017-03-17 10:40 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-01-12 13:57 - 2017-02-25 01:59 - 08921648 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-02-12 15:31 - 2017-02-12 15:31 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-14 19:56 - 2017-03-14 19:56 - 00738032 _____ () C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe
2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-03-17 10:39 - 2017-03-17 10:39 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-22 21:00 - 2017-03-22 21:00 - 05991696 _____ () C:\Program Files\AVAST Software\Avast\defs\17032205\algo.dll
2017-03-17 10:40 - 2017-03-17 10:40 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-15 15:59 - 2017-03-15 15:59 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-03-15 15:59 - 2017-03-15 15:59 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-03-15 15:59 - 2017-03-15 15:59 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-03-15 15:59 - 2017-03-15 15:59 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-03-14 20:44 - 2017-03-14 20:44 - 00040248 _____ () C:\program files (x86)\real\realplayer\UpdateService\DL2UpdatePlugin.dll
2017-03-14 20:44 - 2017-03-14 20:44 - 00042296 _____ () C:\program files (x86)\real\realplayer\UpdateService\RealDownloaderUpdatePlugin.dll
2017-03-14 20:43 - 2017-03-14 20:43 - 00039752 _____ () C:\program files (x86)\real\realplayer\UpdateService\VideoDLUpdatePlugin.dll
2014-12-11 17:40 - 2014-12-11 17:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2017-03-09 20:42 - 2017-03-06 13:59 - 00807232 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2016-08-19 13:18 - 2017-02-08 19:19 - 00035792 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-19 13:18 - 2017-02-08 19:19 - 00100296 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-10 18:28 - 2017-02-08 19:19 - 00018888 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-10 18:28 - 2017-03-06 14:01 - 00019776 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-10 18:28 - 2017-02-08 19:19 - 00694224 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00020824 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-08-19 13:18 - 2017-02-08 19:20 - 00123856 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 01682768 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00020816 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-09 20:42 - 2017-02-08 19:19 - 00145864 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-09 20:42 - 2017-02-08 19:20 - 00019408 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-09 20:42 - 2017-02-08 19:19 - 00116688 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-10 18:28 - 2017-02-08 19:22 - 00105928 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-19 13:18 - 2017-03-06 14:01 - 00022864 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00038712 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00060736 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00024528 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00175560 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-09 20:42 - 2017-02-08 19:19 - 00392144 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-09 20:42 - 2017-02-08 19:22 - 00020936 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00116176 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-10 18:28 - 2017-03-06 14:01 - 00381760 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00124880 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-19 13:18 - 2017-03-06 14:01 - 00026456 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00024016 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00030160 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00043472 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00048592 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00057808 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00024016 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00246608 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00027488 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-19 13:18 - 2017-02-08 19:21 - 00241104 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00022336 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-08-19 13:18 - 2017-03-06 14:01 - 00025432 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00028616 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 01826104 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-10 18:28 - 2017-02-08 19:20 - 00083912 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 01972536 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 03928896 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00531264 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-02-27 21:33 - 2017-03-06 14:01 - 00053072 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00133432 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00224064 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00207680 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-23 22:09 - 2017-03-06 14:01 - 00022864 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-01-23 22:09 - 2017-03-06 14:01 - 00022872 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 22:09 - 2017-03-06 14:01 - 00021848 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 22:09 - 2017-03-06 14:01 - 00022872 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2016-08-19 13:18 - 2017-02-08 19:22 - 00350152 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-08-19 13:18 - 2017-03-06 14:01 - 00023896 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00025936 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 20:42 - 2017-02-08 19:17 - 00036296 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-09 20:42 - 2017-03-06 14:01 - 00084288 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-09 20:42 - 2017-02-08 19:27 - 00017864 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-09 20:42 - 2017-02-08 19:27 - 01631184 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-09 20:42 - 2017-03-06 14:01 - 00042816 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00171336 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00357688 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-10 18:28 - 2017-02-08 19:22 - 00060880 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-19 13:18 - 2017-03-06 14:01 - 00026456 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 20:42 - 2017-03-06 14:01 - 00546104 _____ () C:\Users\BReese76\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-29 22:04 - 2016-06-29 22:04 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-17 10:39 - 2017-03-17 10:39 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-10-25 10:51 - 2016-10-25 10:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 10:49 - 2016-10-25 10:49 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-25 10:41 - 2016-10-25 10:41 - 00109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Adobe Photoshop CS6 13.0 Final  Multilanguage (patch-PainteR) [ChingLiu]:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2017-03-22 20:59 - 00001235 ____A C:\windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-239473584-822298280-3168733615-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Dropbox Update => "C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPSYSDRV => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OneDrive => "C:\Users\BReese76\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: PointsPanel => C:\Program Files\PointsPanel\UsageMonitor.UI.App.exe /StartMinimized
MSCONFIG\startupreg: PointsPanelHealthcheck => C:\Program Files\PointsPanel\UsageMonitor.HealthCheck.exe
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: Spotify => "C:\Users\BReese76\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\BReese76\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D86A00B7-D787-4FCF-99DE-7828BCCCAAB4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{9207830A-E076-48DE-923C-0ED795B6911A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0351AACC-82F6-431C-833C-B0F6AE936B88}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0E08BD01-86AA-40C4-BB2E-CCDBC0329DF4}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{095F3AF2-74A2-4702-8814-383084FFEAAC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5BF64805-C0E7-4D45-B92D-444F9F19CE0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90F94230-F5F8-4433-B01C-E2F733161CD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{406EDAFD-BDB5-45CB-85EA-9E5A623398D9}C:\users\breese76\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A10894CE-0E9F-4B8C-B334-5219B7792227}C:\users\breese76\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0AE574CF-CB8F-45DA-B1E0-C510D13BDE60}] => (Block) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4626A069-0430-4CB6-B649-D014987AC2E3}] => (Block) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{10E8E9B5-9911-40A5-BEA5-38CAA56F9C13}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
FirewallRules: [{8AFC252E-D87F-40A1-BDC8-823D52E1445A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [{81B7D1FB-13D4-4C34-8636-CAB2FB99C130}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4878E0EA-44E9-491B-ABC7-A68331422EA0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{32D52DA7-7038-4FEA-A40B-7F192CCA5A9A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{052782F2-2F56-48A6-894D-B0AAF7C85305}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{397F67DA-7FA0-48F4-91E1-A9D6E2FF016C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{8499C925-E03E-4489-AC50-4C3A46D0F887}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{D7AE063B-700E-45C0-B0E7-700026F79D40}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{894F0BF2-6125-4A48-AF23-A36755E1683A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FB8F4E8E-67DA-421B-AEB5-C0A32CD85F08}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{428AA943-3566-460C-9E26-9985482FCCC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{40DDC61A-3ADA-4E13-B05F-40BC8D433297}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EF3476F2-26EC-4E5B-AD7E-21CDF97D8242}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe] => Enabled:LeapFTP 3.0

==================== Restore Points =========================

14-03-2017 23:29:18 Windows Update
15-03-2017 21:57:40 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
15-03-2017 21:59:03 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
16-03-2017 11:05:29 Removed HP LinkUp.

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2017 09:31:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:29:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:27:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:26:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:25:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:24:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.

Error: (03/22/2017 09:23:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service BREESE76-HP._rp-media._tcp.local. port 15048.


System errors:
=============
Error: (03/22/2017 09:31:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (03/22/2017 09:21:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (03/22/2017 09:11:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (03/22/2017 09:07:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Listener service depends on the Server service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/22/2017 09:07:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Listener service depends on the Server service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/22/2017 09:07:45 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (03/22/2017 09:07:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Listener service depends on the Server service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/22/2017 09:01:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (03/22/2017 09:01:51 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (03/22/2017 08:59:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.


CodeIntegrity:
===================================
  Date: 2016-08-14 12:05:37.398
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-14 12:05:37.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-13 21:57:08.212
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-13 21:57:08.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-13 07:26:34.351
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-13 07:26:34.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-12 11:18:58.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-12 11:18:58.618
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-11 22:01:42.088
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-11 22:01:41.916
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 60%
Total physical RAM: 6100.01 MB
Available physical RAM: 2382.4 MB
Total Virtual: 12198.21 MB
Available Virtual: 8280.29 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.65 GB) (Free:555.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.64 GB) (Free:2.07 GB) NTFS
Drive g: () (Removable) (Total:0.48 GB) (Free:0.08 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4C3DA384)

Partition: GPT.

========================================================
Disk: 2 (Size: 488.7 MB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

#38
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi BrianR1976

Your logs look clean - nothing to be concerned about. :)

Just a couple of advisories

CCleaner - Please be careful in using this tool and ensure you only use the cleaning function and not the registry cleaner part - I don't recommend the use of registry cleaners -they tend not to give any improved performance and can potentially break the registry.

MSConfig - The MSConfig utility is designed for troubleshooting and I would not recommend using this for preventing applications running at start up.

I advise you consider this application to use instead, it will also provide a extra layer of system protection via its monitoring activities.

WinPatrol:

Download it from here .

You can find information about how WinPatrol works here .

Multiple AV

Malwarebytes version 3 (free edition) now gives a 14 day trial of the full pro version which includes full AV protection. You already have AVAST installed and I would normally recommend removal so only one AV is installed and running on the system. However after the 14 day trial the malwarebytes version will revert back to the on demand scanner. You can temporarily turn this off by -
  • right click on the Malwarebytes icon in the sytem tray
  • Uncheck Enable Protection and click yes to confirm.
  • Right click on the icon again and uncheck Start with windows.


    The Bonjour application has reported errors in your log on 3/22/17. If these persist you may want to uninstall and then reinstall this application.

    There are some system errors reported as below

    Error: (03/22/2017 09:31:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
    and APPID
    {344ED43D-D086-4961-86A6-1106F4ACAD9B}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.


    Whilst these errors are not causing any real concern you may be able to fix these. See this article here and scroll down to the answer.


    Once you have reviewed the above information and taken any appropriate action, what if any issues remain?

  • 0

#39
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

So I can disable startup programs with WinPatrol? What else does it do? Is it an anti-virus? Should I use it over Avast?  I will admit that I have used CCleaner to "fix" registry errors before. As for Bonjour I don't even know how it got there so I just uninstalled it.

 

Only other concerns are if its safe to start using ad and popup blockers in chrome and firefox again, and if so do you recommend any?


  • 0

#40
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi BrianR1976

WinPatrol can be used to disable or remove programs from start up as well as provide monitoring of what's on your computer. It 's not an anti virus but it works alongside your anti virus so keep AVAST and ensure it stays up to date.
 

What else does it do?


Have a look at the link I provided in the last post :)
 

You can find information about how WinPatrol works here

.

Your perfectly safe to use ad blockers again. AdBlock plus is probably one of the best to get and will work on most browsers - you can download from here.

Now, subject to no further problems...

Good News! - Your system now appears to be clean. :)
Now for some clean up and "housekeeping" procedures.

The following will remove the tools we have used as well as reset System Restore points:
  • Download Delfix from here
  • Locate the file and right click on it. Click on Run as Administrator.
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore
  • Reset system settings

    delfix.jpg
  • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply


    Staying Updated

    Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
    1. Click the Start Orb in the lower left corner of the screen.
    2. Type Windows Update in the search box that appears
    3. Click on the Windows Update program that appears in the search results.
    Windows%20Update.JPG
    4. Click on Change Settings.
    CheckForUpdates.JPG
    5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
    WUChangeSettings.JPG
    6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
    7. Ensure that all of the other check boxes are checked.
    8. Click OK.

    Malwarebytes - Update and run weekly to keep your system clean.


    Ransomware Protection

    Crypto Warning!!!! - Complete Data Loss can occur!

    There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here
  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • If installing for the first time you will get asked if you want to whitelist items in known blocked locations. Say No to this.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.

    That's it. The protection is in place.

    Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
    UpdatesV7.4.11.JPG


    Staying Safe Online
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem.
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

    To learn more about how to protect yourself while on the internet read this little guide Best security practices.

    Go here for some good advice about how to prevent infection.


    That's us through with the cleaning process. Pleasure working with you. :)

    Happy safe surfing!! :)

    PS Please don't forget to post the Delfix log!

  • 0

Advertisements


#41
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

# DelFix v1.013 - Logfile created 24/03/2017 at 21:33:48
# Updated 17/04/2016 by Xplode
# Username : BReese76 - BREESE76-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\BReese76\Desktop\FRST-OlderVersion
Deleted : C:\Users\BReese76\Desktop\Addition.txt
Deleted : C:\Users\BReese76\Desktop\AdwCleaner[C0].txt
Deleted : C:\Users\BReese76\Desktop\adwcleaner_6.044.exe
Deleted : C:\Users\BReese76\Desktop\Fixlog.txt
Deleted : C:\Users\BReese76\Desktop\FRST.txt
Deleted : C:\Users\BReese76\Desktop\FRST64.exe
Deleted : C:\Users\BReese76\Desktop\JRT.exe
Deleted : C:\Users\BReese76\Desktop\JRT.txt

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #529 [Removed HP LinkUp. | 03/16/2017 18:05:29]
Deleted : RP #530 [Removed Bonjour | 03/24/2017 05:04:12]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 

All of the remaining maintenance files from my desktop can be deleted now right? I will download WinPatrol tomorrow. I'm running some Windows updates right now; none of them were major. I'm pretty good about keeping my computer safe. For me the biggest source of worry is when I get hit with popups and redirects; thats why I kept asking about the blockers. I'll be putting AdBlock back up after I sent this. I have a question about the Crypto program. When you mention could have data loss do you mean if I get hit with ransomware I could have data loss or that the program could do it?


  • 0

#42
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi BrianR1976

All the programs I recommend are perfectly safe. The crypto prevent program will offer protection against ransom attacks and protects your data. It will not corrupt your data.

Ransomware is one of the biggest malware threats at present. If infected by ransomware your data may become encrypted and you will be unable to access it. The ransom will usually ask for payment for a key to be sent to you to decrypt your data.

Installing Crypto prevent will reduce the risk of this happening :)
  • 0

#43
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

Thanks for everything. I say give it another day or two and then we can close it up?


  • 0

#44
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
no worries. Just let me know when your confident your issue is fully resolved.
  • 0

#45
BrianR1976

BrianR1976

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 247 posts

So it has been over a week since my last freeze. I think it is safe to call it fixed. I downloaded Crypto tonight. If for some reason I do get hit with ransomware how do I use it? Should it catch the problem before anything happens?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP