Hi, I'm facing the same problem as couple of others (eg. Paul 62) also had before me.
Last week, a system notification popped up saying, that there is low space on local disk D, which was as far as I can remember, quite full, but a couple of hundreds of MB-t were still avaiable.
So I had a look on the disk properties, and only 15 something MB remained free. Someone told me that it can be a virus eating up my disk space, so I deleted some unneccessary things to see what happens, and the notification appeard again yesterday this time the free disk space is 16.7 MB, although I did't download any big files since than.
Can someone (like LiquidTension) help me to fix this?
I thank you in advance for your reply!
Here are the 2 log files, after the Farbar scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by amblyop03 (administrator) on AMBLYOP03-PC (04-01-2016 13:04:15)
Running from C:\Users\amblyop03\Desktop
Loaded Profiles: amblyop03 (Available Profiles: amblyop03 & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Leonar3Do International Inc\LeoSystem\LeoSystem.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dell) C:\Users\amblyop03\AppData\Local\Apps\2.0\4OZDVBT5.76H\MECA97ZP.1VB\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
(Dropbox, Inc.) C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Program Files\bin\win64\MATLABStartupAccelerator.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2874120 2013-07-15] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-10-19] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\Run: [DellSystemDetect] => C:\Users\amblyop03\AppData\Local\Apps\2.0\4OZDVBT5.76H\MECA97ZP.1VB\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [253952 2014-02-23] (Dell)
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\Run: [Dropbox Update] => C:\Users\amblyop03\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\MountPoints2: {508b3340-a2bf-11e3-8f61-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\amblyop03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.250.30.20
Tcpip\..\Interfaces\{2375ABDB-8BAB-46B9-8F27-104F05279308}: [DhcpNameServer] 10.250.30.20
Tcpip\..\Interfaces\{32E069C1-C4D9-494C-945E-254C3D80F682}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-23] (Google Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-23] (Google Inc.)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2014-10-19] (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-23] (Google Inc.)
FireFox:
========
FF ProfilePath: C:\Users\amblyop03\AppData\Roaming\Mozilla\Firefox\Profiles\5kwh52ps.default
FF Session Restore: -> is enabled.
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\amblyop03\AppData\Roaming\Mozilla\Firefox\Profiles\5kwh52ps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\
[email protected] [2015-02-17] [not signed]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\
[email protected] [2015-02-17] [not signed]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\
[email protected] [2015-02-17] [not signed]
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\
[email protected] [2015-02-17] [not signed]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\
[email protected] [2015-02-17] [not signed]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Kaspersky Protection) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-05]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-10-19]
CHR Extension: (Kaspersky Protection) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Anti-Banner) - C:\Users\amblyop03\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2013-01-28]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - hxxps://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2013-01-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-10-19] (Kaspersky Lab ZAO)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 LeoSystem; C:\Program Files (x86)\Leonar3Do International Inc\LeoSystem\LeoSystem.exe [452608 2014-04-30] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [112072 2013-06-13] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-10-19] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-10-19] (Kaspersky Lab ZAO) [File not signed]
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-10-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-10-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-10-19] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-10-19] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2014-10-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3586016 2013-08-30] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [409160 2013-05-30] (Realsil Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-03] (Duplex Secure Ltd.)
U3 af4h3xbi; C:\Windows\System32\Drivers\af4h3xbi.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-04 13:04 - 2016-01-04 13:04 - 00023383 _____ C:\Users\amblyop03\Desktop\FRST.txt
2016-01-04 13:03 - 2016-01-04 13:04 - 00000000 ____D C:\FRST
2016-01-04 11:47 - 2016-01-04 11:48 - 02370560 _____ (Farbar) C:\Users\amblyop03\Desktop\FRST64.exe
2015-12-29 14:58 - 2015-12-29 14:58 - 00106793 _____ C:\Users\amblyop03\Downloads\1177306108677886_[2015.11.01].pdf
2015-12-29 14:58 - 2015-12-29 14:58 - 00075152 _____ C:\Users\amblyop03\Downloads\1177306108677886_[2015.12.01].pdf
2015-12-29 14:57 - 2015-12-29 14:57 - 00106483 _____ C:\Users\amblyop03\Downloads\1177306108677886_[2015.10.01].pdf
2015-12-29 14:57 - 2015-12-29 14:57 - 00075360 _____ C:\Users\amblyop03\Downloads\1177306108677886_[2015.09.01].pdf
2015-12-28 22:43 - 2015-12-28 22:44 - 00331880 _____ C:\Users\amblyop03\Desktop\LED_E27_40_60_75.pdf
2015-12-24 17:35 - 2015-12-24 17:35 - 01663689 _____ C:\Users\amblyop03\Desktop\kupon_113954.pdf
2015-12-24 17:35 - 2015-12-24 17:35 - 01663688 _____ C:\Users\amblyop03\Desktop\kupon_113953.pdf
2015-12-15 11:15 - 2015-12-15 11:15 - 00000000 ____D C:\Users\amblyop03\AppData\Roaming\.mono
2015-12-15 11:15 - 2015-12-15 11:15 - 00000000 ____D C:\ProgramData\.mono
2015-12-12 13:12 - 2015-12-12 13:12 - 00000000 ____D C:\Users\amblyop03\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 18:47 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:47 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:47 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 18:47 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 18:47 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:47 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:47 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:47 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 18:47 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:47 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:47 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:47 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:47 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:47 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:47 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:47 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:47 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:47 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:47 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:47 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 18:47 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 18:47 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 18:47 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 18:47 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:47 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 18:47 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 18:47 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 18:47 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:47 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:47 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:47 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:47 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:47 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:47 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 18:47 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:47 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 18:46 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:46 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:46 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:46 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:46 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 18:46 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:46 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:46 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:46 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 18:46 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 18:46 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:46 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 18:46 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 18:46 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:46 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:46 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:46 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 18:46 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 18:46 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:46 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 18:46 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:46 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 18:46 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:46 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 18:46 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:46 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 18:46 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:46 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:46 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:46 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:46 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:46 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:46 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:46 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 18:46 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 18:46 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 18:46 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:46 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:46 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 18:46 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 18:46 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 18:46 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 18:46 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 18:46 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:46 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:46 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:46 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 18:46 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 18:46 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 18:46 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:46 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 18:46 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:46 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 18:46 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:46 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 18:46 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:46 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:46 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:46 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:46 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 18:46 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:46 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:46 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:46 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:46 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 18:46 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-04 13:04 - 2015-03-03 16:57 - 00000498 _____ C:\Windows\Tasks\MATLAB R2013b Startup Accelerator.job
2016-01-04 13:04 - 2009-07-14 05:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 13:04 - 2009-07-14 05:45 - 00031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 13:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-04 12:26 - 2014-02-23 22:02 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 12:07 - 2015-06-16 12:57 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000UA.job
2016-01-04 11:07 - 2015-06-16 12:57 - 00000882 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000Core.job
2016-01-04 09:39 - 2014-03-05 15:09 - 00000000 ____D C:\Users\amblyop03\AppData\Local\Adobe
2016-01-04 09:31 - 2014-10-19 14:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-04 09:29 - 2014-03-31 15:06 - 00000000 ____D C:\Users\amblyop03\AppData\Roaming\Dropbox
2016-01-04 09:29 - 2014-02-23 22:02 - 00001024 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 09:28 - 2014-05-30 15:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-04 09:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-03 13:24 - 2009-07-14 06:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-03 13:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-19 17:33 - 2015-04-05 10:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-19 17:33 - 2015-04-05 10:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-16 13:53 - 2015-10-26 10:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-16 13:53 - 2014-04-30 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-16 12:42 - 2015-09-09 14:47 - 00000000 ____D C:\Users\amblyop03\Desktop\New folder
2015-12-16 12:40 - 2014-07-24 11:49 - 00000000 ____D C:\Users\amblyop03\Desktop\PIAC_13
2015-12-10 15:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 13:36 - 2009-07-14 05:45 - 05073560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 23:39 - 2014-02-24 17:43 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 23:32 - 2014-02-24 17:43 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2015-11-26 16:31 - 2015-11-26 16:42 - 0000132 _____ () C:\Users\amblyop03\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-12-09 07:42 - 2015-07-08 08:48 - 0000132 _____ () C:\Users\amblyop03\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-12-04 13:04 - 2015-12-04 13:04 - 0003584 _____ () C:\Users\amblyop03\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-07 09:47 - 2014-04-07 09:47 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\amblyop03\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-02 15:34
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by amblyop03 (2016-01-04 13:05:10)
Running from C:\Users\amblyop03\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-02-23 19:54:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-615307183-3760169334-1244734643-500 - Administrator - Disabled)
amblyop03 (S-1-5-21-615307183-3760169334-1244734643-1000 - Administrator - Enabled) => C:\Users\amblyop03
Guest (S-1-5-21-615307183-3760169334-1244734643-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-615307183-3760169334-1244734643-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1.0.17 (HKLM-x32\...\Tompalátó_is1) (Version: - Tiszai István)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.3 (HKLM-x32\...\{AED93BE1-9C37-483E-9133-D1820271B353}) (Version: 4.3.1 - Adobe)
Adobe Reader XI (11.0.13) - Hungarian (HKLM-x32\...\{AC76BA86-7AD7-1038-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
BreezeBrowser Pro (HKLM-x32\...\{10900ADA-A280-4fd4-ADC6-FC290B758283}) (Version: v1.9.8.2 - Breeze Systems Ltd)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dell Custom Help (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Dell System Detect (HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\9204f5692a8faf3b) (Version: 5.5.0.19 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.10.2 - ELAN Microelectronic Corp.)
Dropbox (HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0352 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ec0933ca-0e40-49d6-b53e-73c97d08a0da}) (Version: 16.1.5 - Intel Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
LeoSystem (HKLM-x32\...\LeoSystem 2.3.0) (Version: 2.3.0 - Leonar3Do International Inc.)
MATLAB R2013b (HKLM\...\Matlab R2013b) (Version: 8.2 - The MathWorks, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help-frissítés (KB963678) (HKLM-x32\...\{90120000-0016-040E-0000-0000000FF1CE}_ENTERPRISE_{76BD9044-91EB-46FC-8CA6-0AA239BB8A93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) (HKLM-x32\...\{90120000-0018-040E-0000-0000000FF1CE}_ENTERPRISE_{6863CE52-1321-482E-B930-B325EE09AEFF}) (Version: - Microsoft)
Microsoft Office Word 2007 Help-frissítés (KB963665) (HKLM-x32\...\{90120000-001B-040E-0000-0000000FF1CE}_ENTERPRISE_{0E56E23A-EDB8-42C7-A285-7258C5944EB4}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 hu) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 hu)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 hu) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 hu)) (Version: 38.4.0 - Mozilla)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 1.1.9200.17 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.72.410.2013 - Realtek)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validity Sensors DDK (HKLM\...\{40BEDF44-88CF-4FF6-8790-882484452003}) (Version: 4.4.231.0 - Validity Sensors, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - 3D for All CDM Driver Package (10/01/2012 2.08.14) (HKLM\...\257631A12AAF3814428317217BB3DA772F5321C3) (Version: 10/01/2012 2.08.14 - 3D for All)
Windows Driver Package - 3D for All Leonar3Do Driver (10/01/2012 2.08.14) (HKLM\...\BEDB5F7ABE7DDA19FB872289FBD7002BCC4E2AD8) (Version: 10/01/2012 2.08.14 - 3D for All)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615307183-3760169334-1244734643-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05748855-3EF7-4063-AECC-BD6D0574575C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {06826BE6-D0D0-4411-83A3-6C47B7CE855B} - System32\Tasks\AdobeAAMUpdater-1.0-amblyop03-PC-amblyop03 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {1042A37B-8903-41DC-8DB3-A39610151FAF} - System32\Tasks\MATLAB R2013b Startup Accelerator => D:\Program Files\bin\win64\MATLABStartupAccelerator.exe [2013-08-05] ()
Task: {14FF9C77-9ECE-4464-B384-823C68283187} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3E8A3976-AED9-4976-B02C-2513E1B569F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4BE10EBD-8034-436A-86D1-5D8E11A08357} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5DE84473-0FFB-4903-829A-3BFA3D5A7A63} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000UA => C:\Users\amblyop03\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {6A4CB5DA-9325-46EF-BCB8-8EDC0D2CB4F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {75DB574B-DD99-447B-BCE7-7378135820CD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8DFD63DC-F88A-41BD-832F-10A155612978} - System32\Tasks\ScanToPCActivationApp.exe_{3B7E43F9-1030-43E1-8A20-B0B6810A947A} => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9504A404-BCD7-4021-A2D8-DC8EFFBB384F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {AE7F46EF-90CF-45CC-A951-4D47A17B9C03} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C6700149-5065-49C8-B9B0-463AF378514C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C6CC9B19-9359-4FAA-B11C-FA8E5D9AC29B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E39160E0-DBA4-4120-BA0F-9372E86A0425} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000Core => C:\Users\amblyop03\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000Core.job => C:\Users\amblyop03\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-615307183-3760169334-1244734643-1000UA.job => C:\Users\amblyop03\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2013b Startup Accelerator.job => D:\Program Files\bin\win64\MATLABStartupAccelerator.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-12-18 14:42 - 2015-05-28 08:04 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-23 21:44 - 2015-05-28 05:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-17 14:15 - 2014-04-30 09:08 - 00452608 _____ () C:\Program Files (x86)\Leonar3Do International Inc\LeoSystem\LeoSystem.exe
2015-03-03 16:33 - 2013-08-05 16:44 - 00042496 _____ () D:\Program Files\bin\win64\MATLABStartupAccelerator.exe
2013-01-28 04:22 - 2013-01-28 04:22 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2015-04-17 14:15 - 2014-04-30 15:09 - 00011264 _____ () C:\Program Files (x86)\Leonar3Do International Inc\LeoSystem\leoDriver.dll
2013-12-18 14:42 - 2015-05-28 08:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-12 13:12 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 13:11 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 13:12 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 13:12 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 13:12 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 13:12 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-12 13:11 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 13:12 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 13:12 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 13:12 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-12 13:12 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-12-12 13:12 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 13:12 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-12 13:12 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-08-17 20:40 - 2012-08-17 20:40 - 00068024 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll
2014-02-23 21:07 - 2013-05-31 13:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-12-17 15:31 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 15:31 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-04 09:42 - 2015-12-04 09:42 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-04 09:42 - 2015-12-04 09:42 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:3EFB0FE0
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-615307183-3760169334-1244734643-1000\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-615307183-3760169334-1244734643-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\amblyop03\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.250.30.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: HP Officejet 6700 (NET) => "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN38RC5HTM05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Officejet 6700 (NET) #2 => "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN3BUDRGK305RQ:NW" -scfn "HP Officejet 6700 (NET) #2" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6EFFFE78-4BA2-4731-AC90-EC09DC5E3988}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8182A822-4906-47FB-A4E1-1D11958E9272}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{28FE8A14-77CB-47D3-B32B-602792A56D47}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6E7EE0C2-3F61-4257-94AC-76BA74126A0A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EAD397A0-D670-4E91-A922-0FF69F13459A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C0A7F21-6135-4B2B-B0E3-BB28437C6C34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6B8076C1-90F9-4A4F-8561-47C4920FE9D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E767D970-0BE4-468D-B6F2-80D4EC088CD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D12ACAA5-C31D-4801-9F08-B52BE21C86FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{712B7FF2-F49B-4943-AED0-0E7ECB4103C7}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{A0E7FFFE-0D20-4EB6-99DE-DDAF4B354AE9}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{6F718E9B-BE16-4081-8BFF-AE3217454061}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{CBD66D1E-C396-4A75-A044-1AC83D5A671A}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{A04E9F84-99EF-4E9F-A4D5-2353C7F49DA0}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BA844BC1-5DD2-4D90-925F-4C118A4BEC47}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4B71F54C-DC56-4FFA-87EB-D9586A737DE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{508F1977-414B-44B6-8A59-867A9E28A7A9}] => (Allow) C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BDC5AAA7-14C4-414D-99FF-6E446D7ACDFA}] => (Allow) C:\Users\amblyop03\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D6F2BBF7-6999-4E2D-892F-E6F277EDF60D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7410A5E-7A35-40B8-8E04-EEE8B1142AE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D5E73EF-66AC-4550-A6B1-6A34BD470E99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
27-12-2015 19:00:49 Windows Backup
28-12-2015 23:13:58 Windows Update
02-01-2016 22:15:56 Windows Update
03-01-2016 19:01:31 Windows Backup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2016 09:28:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2016 07:09:42 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).
Error: (01/03/2016 01:18:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2016 02:13:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/31/2015 01:52:07 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (12/31/2015 09:33:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2015 08:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/29/2015 08:54:06 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (12/29/2015 02:39:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/28/2015 11:47:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/02/2016 10:16:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/31/2015 01:52:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
Error: (12/28/2015 11:14:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/23/2015 09:57:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/23/2015 08:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LeoSystem service terminated unexpectedly. It has done this 1 time(s).
Error: (12/20/2015 08:25:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (12/20/2015 08:25:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (12/20/2015 08:25:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (12/20/2015 08:25:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (12/17/2015 10:04:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
CodeIntegrity:
===================================
Date: 2015-02-14 14:27:38.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-02-14 14:27:38.488
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-12-12 09:03:33.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-12-12 09:03:33.450
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-12-12 09:01:04.578
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-12-12 09:01:04.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-13 09:19:21.275
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-13 09:19:21.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-13 09:19:21.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-13 09:19:21.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 4003.78 MB
Available physical RAM: 1050.96 MB
Total Virtual: 8005.76 MB
Available Virtual: 2637.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:33.59 GB) NTFS
Drive d: () (Fixed) (Total:367.76 GB) (Free:0.02 GB) NTFS
Drive e: (MATHWORKS_R2013B) (CDROM) (Total:6.75 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 035C3EB6)
Partition 1: (Not Active) - (Size=350 MB) - (Type=DE)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=367.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================