- Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Check the Addition.txt box
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
<script src="/cdn-cgi/apps/head/WF48Gl3PKYxHrReiZymeg1SEI3M.js"></script>
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
Ran by Jesse James (administrator) on TEAMROCKET (11-08-2017 20:36:15)
Running from C:\Users\Jesse James\Downloads
Loaded Profiles: Jesse James (Available Profiles: Jesse James)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Pro Tools\MMERefresh.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe
() C:\Program Files\Avid\Application Manager\QtWebEngineProcess.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe
(Farbar) C:\Users\Jesse James\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-06-28] (Avid Technology, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-08] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-07-31] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2526022703-1416302777-1080310249-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2526022703-1416302777-1080310249-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-07-31] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2016-09-15]
ShortcutTarget: Avid Application Manager.lnk -> C:\Windows\Installer\{99E377DB-D2D0-44A5-8533-AA8BE1381644}\NewShortcut1_E1E0FF1FC1474601A40EFEF248F11D43.exe (Flexera Software LLC)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81C8E52F-B069-4C0D-93D4-D8EE661F641C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{949CF8C9-9971-44A7-AA1E-422B7BB724C3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-08] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-08] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-06-05]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://lenovo13.msn.com/
CHR Profile: C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default [2017-08-11]
CHR Extension: (Google Slides) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-19]
CHR Extension: (Google Docs) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-19]
CHR Extension: (Google Drive) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-19]
CHR Extension: (YouTube) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-05]
CHR Extension: (Avast SafePrice) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-05]
CHR Extension: (Google Sheets) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-19]
CHR Extension: (AdBlock) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-10]
CHR Extension: (Avast Online Security) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Gmail) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\Jesse James\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-08] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-08] (AVAST Software)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-06-28] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [197632 2016-06-28] (Avid Technology, Inc.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-07] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-08-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-08-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146696 2017-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-07-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-08] (AVAST Software)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE1200w764.sys [1254464 2011-03-29] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-07] (Malwarebytes)
S3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [146368 2016-03-17] (Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-11 20:36 - 2017-08-11 20:36 - 000013557 _____ C:\Users\Jesse James\Downloads\FRST.txt
2017-08-11 20:35 - 2017-08-11 20:36 - 000000000 ____D C:\FRST
2017-08-11 20:34 - 2017-08-11 20:35 - 002381824 _____ (Farbar) C:\Users\Jesse James\Downloads\FRST64 (1).exe
2017-08-11 20:33 - 2017-08-11 20:34 - 000539831 _____ C:\Users\Jesse James\Downloads\Unconfirmed 910982.crdownload
2017-08-10 19:32 - 2017-08-10 19:32 - 000000000 ____D C:\Users\Jesse James\AppData\Roaming\JAM Software
2017-08-10 19:32 - 2017-08-10 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2017-08-10 19:32 - 2017-08-10 19:32 - 000000000 ____D C:\Program Files (x86)\JAM Software
2017-08-10 19:31 - 2017-08-10 19:31 - 007471816 _____ (JAM Software ) C:\Users\Jesse James\Downloads\TreeSizeFreeSetup.exe
2017-08-07 20:42 - 2017-08-07 20:42 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-31 18:31 - 2017-07-31 18:31 - 000065096 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2017-07-31 18:31 - 2017-07-31 18:31 - 000035912 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2017-07-19 00:28 - 2017-06-30 00:15 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-19 00:28 - 2017-06-29 23:32 - 000346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-19 00:28 - 2017-06-29 22:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-19 00:28 - 2017-06-29 22:40 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-19 00:28 - 2017-06-29 22:40 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-19 00:28 - 2017-06-29 22:39 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-19 00:28 - 2017-06-29 22:39 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-19 00:28 - 2017-06-29 22:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-19 00:28 - 2017-06-29 22:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-19 00:28 - 2017-06-29 22:27 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-19 00:28 - 2017-06-29 22:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-19 00:28 - 2017-06-29 22:26 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-19 00:28 - 2017-06-29 22:26 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-19 00:28 - 2017-06-29 02:27 - 025734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-19 00:28 - 2017-06-29 02:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-19 00:28 - 2017-06-29 02:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-19 00:28 - 2017-06-29 02:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-19 00:28 - 2017-06-29 02:03 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-19 00:28 - 2017-06-29 02:03 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-19 00:28 - 2017-06-29 02:02 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-19 00:28 - 2017-06-29 02:02 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-19 00:28 - 2017-06-29 02:02 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-19 00:28 - 2017-06-29 01:55 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-19 00:28 - 2017-06-29 01:54 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-19 00:28 - 2017-06-29 01:51 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-19 00:28 - 2017-06-29 01:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-19 00:28 - 2017-06-29 01:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-19 00:28 - 2017-06-29 01:50 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-19 00:28 - 2017-06-29 01:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-19 00:28 - 2017-06-29 01:44 - 005975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-19 00:28 - 2017-06-29 01:43 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-19 00:28 - 2017-06-29 01:39 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-19 00:28 - 2017-06-29 01:35 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-19 00:28 - 2017-06-29 01:31 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-19 00:28 - 2017-06-29 01:31 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-19 00:28 - 2017-06-29 01:30 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-19 00:28 - 2017-06-29 01:27 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-19 00:28 - 2017-06-29 01:26 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-19 00:28 - 2017-06-29 01:23 - 020270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-19 00:28 - 2017-06-29 01:23 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-19 00:28 - 2017-06-29 01:23 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-19 00:28 - 2017-06-29 01:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-19 00:28 - 2017-06-29 01:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-19 00:28 - 2017-06-29 01:22 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-19 00:28 - 2017-06-29 01:22 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-19 00:28 - 2017-06-29 01:22 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-19 00:28 - 2017-06-29 01:19 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-19 00:28 - 2017-06-29 01:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-19 00:28 - 2017-06-29 01:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-19 00:28 - 2017-06-29 01:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-19 00:28 - 2017-06-29 01:13 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-19 00:28 - 2017-06-29 01:13 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-19 00:28 - 2017-06-29 01:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-19 00:28 - 2017-06-29 01:11 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-19 00:28 - 2017-06-29 01:09 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-19 00:28 - 2017-06-29 01:09 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-19 00:28 - 2017-06-29 01:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-19 00:28 - 2017-06-29 01:07 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-19 00:28 - 2017-06-29 01:05 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-19 00:28 - 2017-06-29 01:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-19 00:28 - 2017-06-29 01:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-19 00:28 - 2017-06-29 01:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-19 00:28 - 2017-06-29 00:58 - 015253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-19 00:28 - 2017-06-29 00:58 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-19 00:28 - 2017-06-29 00:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-19 00:28 - 2017-06-29 00:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-19 00:28 - 2017-06-29 00:54 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-19 00:28 - 2017-06-29 00:53 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-19 00:28 - 2017-06-29 00:52 - 004549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-19 00:28 - 2017-06-29 00:48 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-19 00:28 - 2017-06-29 00:47 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-19 00:28 - 2017-06-29 00:46 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-19 00:28 - 2017-06-29 00:46 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-19 00:28 - 2017-06-29 00:43 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-19 00:28 - 2017-06-29 00:41 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-19 00:28 - 2017-06-29 00:29 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-19 00:28 - 2017-06-29 00:28 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-19 00:28 - 2017-06-29 00:24 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-19 00:28 - 2017-06-29 00:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-19 00:28 - 2017-06-22 10:58 - 003223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-19 00:28 - 2017-06-15 16:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-19 00:28 - 2017-06-12 18:54 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-19 00:28 - 2017-06-12 18:54 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-19 00:28 - 2017-06-12 18:54 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-19 00:28 - 2017-06-12 18:49 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-19 00:28 - 2017-06-12 18:49 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-19 00:28 - 2017-06-12 18:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-19 00:28 - 2017-06-12 18:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-19 00:28 - 2017-06-12 18:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-19 00:28 - 2017-06-12 18:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-19 00:28 - 2017-06-12 18:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-19 00:28 - 2017-06-12 18:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-19 00:28 - 2017-06-12 18:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-19 00:28 - 2017-06-12 18:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-19 00:28 - 2017-06-12 18:12 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-19 00:28 - 2017-06-12 18:12 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-19 00:28 - 2017-06-12 18:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-19 00:28 - 2017-06-12 18:11 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-19 00:28 - 2017-06-12 18:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-19 00:28 - 2017-06-12 18:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-19 00:28 - 2017-06-12 18:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-19 00:28 - 2017-06-12 18:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-19 00:28 - 2017-06-12 18:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-19 00:28 - 2017-06-10 11:59 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-19 00:28 - 2017-06-10 11:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-19 00:28 - 2017-06-09 11:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-19 00:28 - 2017-06-06 11:30 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-19 00:28 - 2017-06-06 11:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-19 00:28 - 2017-05-30 00:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-19 00:28 - 2017-05-30 00:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-19 00:28 - 2017-05-30 00:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-19 00:28 - 2017-05-21 00:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-19 00:28 - 2017-05-21 00:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-19 00:28 - 2017-05-16 11:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-19 00:28 - 2017-05-16 11:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-19 00:28 - 2017-05-16 11:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-11 04:45 - 2009-07-14 00:45 - 000022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-11 04:45 - 2009-07-14 00:45 - 000022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-11 00:20 - 2017-06-05 13:08 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-11 00:19 - 2017-06-05 13:07 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-08-11 00:19 - 2017-06-05 13:07 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-08-11 00:19 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2017-08-08 01:05 - 2016-08-19 22:35 - 000002198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-08 01:05 - 2016-08-19 22:35 - 000002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-07 21:10 - 2017-05-30 21:48 - 000000000 ____D C:\Users\Jesse James\Desktop\slave
2017-08-07 21:10 - 2016-09-08 23:09 - 000000000 ____D C:\Users\Public\Pro Tools
2017-08-07 21:10 - 2016-08-21 22:02 - 000000000 ____D C:\Users\Jesse James\Documents\BIAS_FX
2017-08-07 20:58 - 2009-07-14 01:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-07 20:43 - 2017-05-04 14:31 - 000003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1493922662
2017-08-07 20:42 - 2017-03-15 19:21 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-07 20:42 - 2017-03-15 19:21 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-07 20:42 - 2017-03-15 19:21 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-07 20:42 - 2017-03-15 19:21 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-08-07 20:42 - 2017-03-15 19:21 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-08-07 20:42 - 2017-01-22 18:59 - 000146696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-08-07 20:42 - 2017-01-22 18:59 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.150215297250403
2017-08-07 20:41 - 2017-01-27 01:50 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-07 20:41 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-19 03:54 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2017-07-19 03:26 - 2017-01-22 18:59 - 000146696 _____ (AVAST Software) C:\Windows\system32\Drivers\asw308b21081dc7f922.tmp
2017-07-19 03:17 - 2009-07-14 00:45 - 000297928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-19 03:16 - 2016-08-30 03:22 - 000000000 ____D C:\Windows\system32\appraiser
2017-07-18 21:36 - 2017-01-27 01:50 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
==================== Files in the root of some directories =======
2014-01-08 11:00 - 2014-01-08 11:00 - 002387968 _____ (Waves Audio Ltd.) C:\Program Files\WaveShell-VST 9.2_x64.dll
2014-01-08 11:00 - 2014-01-08 11:00 - 001732608 _____ (Waves Audio Ltd.) C:\Program Files (x86)\WaveShell-VST 9.2.dll
2016-08-21 22:02 - 2016-08-21 22:02 - 000000030 _____ () C:\Users\Jesse James\AppData\Roaming\.pgbiasfx
2016-09-15 16:30 - 2016-09-15 16:30 - 002708182 _____ () C:\Users\Jesse James\AppData\Roaming\AvidApplicationManager_Install.log
2016-11-17 14:51 - 2016-11-17 14:51 - 001174026 _____ () C:\Users\Jesse James\AppData\Roaming\AvidCloudClientServices_Install.log
2016-12-07 20:09 - 2016-12-15 19:22 - 000007605 _____ () C:\Users\Jesse James\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-11 00:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by Jesse James (11-08-2017 20:36:41)
Running from C:\Users\Jesse James\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-08-19 04:24:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
09C9B4A818AB4093917E (S-1-5-21-2526022703-1416302777-1080310249-1003 - Limited - Enabled)
Administrator (S-1-5-21-2526022703-1416302777-1080310249-500 - Administrator - Disabled)
D697B567CB54471D9B3E (S-1-5-21-2526022703-1416302777-1080310249-1004 - Limited - Enabled)
Guest (S-1-5-21-2526022703-1416302777-1080310249-501 - Limited - Disabled)
Jesse James (S-1-5-21-2526022703-1416302777-1080310249-1000 - Administrator - Enabled) => C:\Users\Jesse James
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2526022703-1416302777-1080310249-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20093 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Avid Application Manager (HKLM\...\{99E377DB-D2D0-44A5-8533-AA8BE1381644}) (Version: 2.5.9.13525 - Avid Technology, Inc.)
Avid BBD Delay (HKLM\...\{7166744A-A8B4-4F2E-B924-CAAE18B34C1B}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Black Op Distortion (HKLM\...\{8D47277C-6703-42AB-8CA0-BFC373B0F336}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Black Spring (HKLM\...\{0D565B7E-FE8D-4337-86C3-A16D519E7DF2}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Black/Shiny Wah (HKLM\...\{CD273B2B-C2EB-489B-A65A-DAE69AF372FA}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid C1 Chorus/Vibrato (HKLM\...\{F4FEC0E6-ADE9-478C-82BD-C5A4EACE7EBC}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Cloud Client Services (HKLM\...\{C50DB2B2-B36E-402F-B19E-9F623F41A235}) (Version: 2.0.0.7380 - Avid Technology, Inc.)
Avid Codecs LE (HKLM-x32\...\{C8867EDE-69E9-422C-9E88-80CF5B897C4F}) (Version: 2.7.1.39060 - Avid Technology)
Avid DC Distortion (HKLM\...\{F6465C5D-6472-45EC-BC73-ED469EC58990}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Effects (HKLM\...\{C7DB24AC-3016-45A3-AE71-790F09BFBFC3}) (Version: 12.5.2.511 - Avid Technology, Inc.)
Avid Gray Compressor (HKLM\...\{46EF7BCB-B69D-4B4F-B6EA-F6A6DA12F98B}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid Green JRC Overdrive (HKLM\...\{E02B86C6-76A8-4F39-A12D-1BDCB31B58DF}) (Version: 12.4.0.949 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 12.5.2.511 - Avid Technology, Inc.)
Avid Pro Tools (HKLM\...\{440A8FC5-DF1F-49F2-8936-227247138A34}) (Version: 12.5.2.511 - Avid Technology, Inc.)
Avid Studio Reverb (HKLM\...\{8A93FD75-EA02-418C-AE3A-468EAD06CCCE}) (Version: 12.4.0.949 - Avid Technology, Inc.)
BIAS FX Plugins Pack (64bit) (HKLM\...\{FD2DC480-F649-4602-947C-58CA3BC4FA9B}) (Version: 1.3.4.1335 - PositiveGrid)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{11CC8964-9CB0-46E6-9218-CD39ED4A554D}) (Version: 2.1.4 - Toontrack)
First AIR Effects (HKLM\...\{FB2E34B9-90BF-44E1-BC1D-9AE1AC81BB65}) (Version: 12.0.0.615 - AIR Music Technology)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
SafeZone Stable 3.55.2393.596 (HKLM-x32\...\SafeZone 3.55.2393.596) (Version: 3.55.2393.596 - Avast Software) Hidden
SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
Toontrack Product Manager (HKLM-x32\...\{5BAE101A-4AF5-4FBA-99E6-1CE2825F8993}) (Version: 1.0.1 - Toontrack)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{64F338F0-1427-4D38-B30F-C6CB38C6B0D1}) (Version: 1.9.8 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{64F338F0-1427-4D38-B30F-C6CB38C6B0D1}) (Version: 1.9.8 - Yamaha Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-08] (AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-08] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-08] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-08] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {154EF538-DBAF-4A70-91FC-B89FF576C948} - System32\Tasks\SafeZone scheduled Autoupdate 1493922662 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software)
Task: {1F98A8C4-7E1C-4342-9712-A4A8D79244EE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-07] (AVAST Software)
Task: {2041CF82-CC54-48F7-BBBD-C22EBF00F389} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {559BF9B5-6824-4F04-8E48-37C2FF037CB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
Task: {79E12EF3-D6ED-4E3D-85B7-194F445B2CEB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-19] (AVAST Software)
Task: {9CD9319E-F5DF-49CF-BC60-4BD1CD71AE0B} - System32\Tasks\SafeZone scheduled Autoupdate 1489785342 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software)
Task: {B3E3FF1E-849B-4885-B5AF-90F3FAF8E84B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E19A4831-3DDA-43E7-BA56-B103D6E01AFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {E3DFCD4B-6861-45D6-9DE0-0EA3250A8A37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-19] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Jesse James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\Jesse James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\Jesse James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\Jesse James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
==================== Loaded Modules (Whitelisted) ==============
2016-10-05 19:17 - 2016-10-05 19:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-08-08 01:05 - 2017-08-02 03:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-08 01:05 - 2017-08-02 03:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2016-09-05 21:53 - 2016-09-05 21:53 - 000011776 _____ () C:\Program Files\Avid\Application Manager\libEGL.dll
2016-09-05 21:53 - 2016-09-05 21:53 - 002013696 _____ () C:\Program Files\Avid\Application Manager\libGLESv2.dll
2016-09-05 21:53 - 2016-09-05 21:53 - 000012288 _____ () C:\Program Files\Avid\Application Manager\QtWebEngineProcess.exe
2015-08-12 16:15 - 2015-08-12 16:15 - 007803392 _____ () c:\program files\avid\application manager\jre\bin\server\jvm.dll
2017-08-11 20:35 - 2016-01-21 12:27 - 000008704 _____ () C:\Users\Jesse James\AppData\Local\Temp\AppMan_jetty-TEMP\webapp\resources\FTF_JNI.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-08-08 12:46 - 2017-08-08 12:46 - 005894008 _____ () C:\Program Files\AVAST Software\Avast\defs\17080802\algo.dll
2017-08-11 00:48 - 2017-08-11 00:48 - 005894008 _____ () C:\Program Files\AVAST Software\Avast\defs\17081000\algo.dll
2017-07-19 03:25 - 2017-07-19 03:25 - 001038952 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-07-08 18:30 - 2017-07-08 18:30 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2526022703-1416302777-1080310249-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jesse James\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{574EFD2B-716A-43AC-9C55-6F5280AAA8F2}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8CDCE1C7-D084-4B79-91AE-9E902F562D41}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{027AA4F0-1B44-4464-A841-DFA8E287EC8D}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{39F29061-5AA3-4DD4-B249-18BCD3770EC9}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B6CFC459-E7BD-4550-A426-2AD16E36F17A}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{019E5959-2EC8-4EEE-BF0F-A2C48229D3B8}] => (Allow) C:\Users\Jesse James\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{719768D7-9E34-4CD9-A5F4-494ABB5B7F3A}] => (Allow) C:\Program Files\Avid\Pro Tools\ProTools.exe
FirewallRules: [{6F9B441F-0385-4B1C-B18C-4FE85D4329F8}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe
FirewallRules: [{522401CF-9411-4589-B2BB-8D083CBC2955}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe
FirewallRules: [{9793F1B7-35C7-45E9-9AFF-D3646CF954AE}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe
FirewallRules: [{A55FAA27-52FC-485B-8E5C-BE6220B449CE}] => (Allow) C:\Program Files\Avid\Cloud Client Services\AssetCacheService.exe
FirewallRules: [{4966F4DB-7F0A-4307-AED0-AAC14F01F0B4}] => (Allow) C:\Program Files\Avid\Cloud Client Services\Hub.exe
FirewallRules: [{A61D7FC3-AE4F-4FB4-A805-90E054FE92D5}] => (Allow) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
FirewallRules: [{E05F7092-A104-495D-A7E6-DB061382DE92}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38E4B36A-3467-4678-B261-D49F0BD3FAF4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06CCC0F3-5699-4060-97DF-DC118DCCB71D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CCA345C-0712-4278-B143-97D4A3150F11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1FFEE655-F7CD-4B73-9619-F48963FD3CD5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{69CB22CA-9DAE-434F-B03D-5A49C9261DCA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{B9541DFE-C216-424C-A05D-A817B5399B53}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{E3F63F7B-B0A3-4E02-831F-F0ECCCC1821F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{3F3C2049-A0D1-4644-8809-66838B4591A7}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{B76B1772-EAE5-45DC-8216-72C037FA0235}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/11/2017 04:40:16 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\waves central\InstlRunner.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\waves central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2017 04:40:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\GTR 3.5.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2017 04:40:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\Element App.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2017 04:40:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\CODEX App.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/11/2017 04:39:53 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Waves Central\Waves Central.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\Waves Central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/10/2017 04:06:08 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\waves central\InstlRunner.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\waves central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/10/2017 04:06:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\GTR 3.5.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/10/2017 04:06:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\Element App.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/10/2017 04:06:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "c:\program files (x86)\waves\applications\CODEX App.exe".Error in manifest or policy file "c:\program files (x86)\waves\applications\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/10/2017 04:05:45 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Waves Central\Waves Central.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\Waves Central\WavesQtLibs_5.1.1_Win32_Release\WavesQtLibs_5.1.1_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (08/11/2017 12:16:24 AM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (08/08/2017 04:13:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (08/07/2017 08:41:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:37:33 PM on 8/7/2017 was unexpected.
Error: (08/02/2017 07:10:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:07:55 PM on 8/2/2017 was unexpected.
Error: (07/29/2017 04:19:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:43:35 PM on 7/24/2017 was unexpected.
Error: (07/20/2017 07:15:51 AM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (07/19/2017 08:43:44 AM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (07/11/2017 07:18:34 PM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (07/08/2017 10:06:08 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (07/08/2017 10:28:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:21:34 AM on 7/8/2017 was unexpected.
==================== Memory info ===========================
Processor: Intel® Core i7 CPU 870 @ 2.93GHz
Percentage of memory in use: 65%
Total physical RAM: 12247.08 MB
Available physical RAM: 4259.16 MB
Total Virtual: 24492.34 MB
Available Virtual: 18111.44 MB
==================== Drives ================================
Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:0.19 GB) NTFS
Drive e: (Tank) (Fixed) (Total:465.39 GB) (Free:262.27 GB) exFAT
Drive z: (Audio) (Fixed) (Total:931.5 GB) (Free:883.29 GB) exFAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 52339428)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FAB7E4C0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 1B54B8D7)
Partition: GPT.
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================