Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Zoe (administrator) on ZOENEW (09-01-2017 21:08:12)
Running from C:\Users\Zoe\Desktop
Loaded Profiles: Zoe (Available Profiles: Zoe)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
() C:\Program Files\Synergy\synergyd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Zoe\Desktop\AHK\ID.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Pushbullet Inc) C:\Users\Zoe\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoWinKeys] 1
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [GM4IE] => C:\Program Files (x86)\GM4IE\gm4ie.exe
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [Freedom] => "C:\Users\Zoe\Desktop\Freedom.exe"
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [Google Update] => C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-07-09] (Apple Inc.)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1104728 2016-12-08] (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
GroupPolicyScripts-x32\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{1d5c43de-f4b5-4af2-bc47-c06694bbc681}: [NameServer] 8.8.8.8,8.8.4.4,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1d5c43de-f4b5-4af2-bc47-c06694bbc681}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{383767de-23bd-4f9a-958f-2e933c4d7bf3}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{58ea12df-fdd1-4038-b49a-0084f397978a}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{8b333e37-775d-43c5-944e-258775e0afd9}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-24] (Oracle Corporation)
BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: iyxmst78.default
FF ProfilePath: C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\iyxmst78.default [2017-01-09]
FF user.js: detected! => C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\iyxmst78.default\user.js [2016-12-15]
FF NewTab: Mozilla\Firefox\Profiles\iyxmst78.default -> about:newtab
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\iyxmst78.default -> Google
FF Extension: (Select-and-Define Google Dictionary) - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\iyxmst78.default\Extensions\
[email protected] [2016-09-01]
FF Extension: (Tile Tabs) - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\iyxmst78.default\Extensions\
[email protected] [2016-11-14]
FF Extension: (Greasemonkey) - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\iyxmst78.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-24]
FF ProfilePath: C:\Users\Zoe\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\pv04n2i1.default [2017-01-04]
FF Extension: (Guerilla Scripting) - C:\Users\Zoe\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\pv04n2i1.default\Extensions\
[email protected] [2016-12-05] [not signed]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Firefox\Extensions: [kpm_win_add_on@kaspersky] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm_win_add_on@kaspersky
FF Extension: (Kaspersky Password Manager) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm_win_add_on@kaspersky [2016-09-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @millisecond.com/npInquisit,version=3.0 -> C:\Program Files (x86)\Millisecond Software\Inquisit 3.0 Mozilla Plugin\npInquisit_3060.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3591470129-1721147500-3194162361-1001: @millisecond.com/npInquisit,version=3.0 -> C:\Program Files (x86)\Millisecond Software\Inquisit 3.0 Mozilla Plugin\npInquisit_3060.dll [No File]
FF Plugin HKU\S-1-5-21-3591470129-1721147500-3194162361-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3591470129-1721147500-3194162361-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\itms.js [2016-11-17]
Chrome:
=======
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_011&type=mcy_mdmac_15_35¶m1=yhsbeacon¶m2=f%3D7%26b%3DChrome%26cc%3DUS%26p%3Dmcyahoo%26cd%3D2XzuyEtN2Y1L1QzuyEyCyDyE0C0A0ByCtGtAyEyCtBtGyDyDtA0DtG0BtAyDtAtGtAyEtC0Dzz0EyCtByDyEzy0BtN1L1G1B1V1N2Y1L1Qzu2StAtB0DtAyB0DyBtBtG0Bzyzy0EtGyEtBtAtAtG0B0A0F0CtGyE0C0ByEzyyDtCyDyDtD0EyD2QtN1Q2Zzu0StCtAtAyCtN1L2XzutAtFyDtFtDtFyEyBtN1L1Czu%26cr%3D2095797066%26a%3Dmcy_mdmac_15_35
CHR StartupUrls: Default -> "hxxp://www.mturk.com/"
CHR Profile: C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Easy Auto Refresh) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-11-17]
CHR Extension: (Google Slides) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-20]
CHR Extension: (Google Docs) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-20]
CHR Extension: (Google Drive) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-20]
CHR Extension: (YouTube) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-20]
CHR Extension: (Honey) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-12-29]
CHR Extension: (Pushbullet) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-01-02]
CHR Extension: (Tampermonkey) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-15]
CHR Extension: (Text To Speech with Google Drive) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogdgjickfenmhihlgiedkadbbabiagm [2017-01-05]
CHR Extension: (Chrome Connectivity Diagnostics) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2017-01-07]
CHR Extension: (Google Sheets) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-20]
CHR Extension: (User-Agent Switcher for Google Chrome) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhkkpnppgnfaobgihpdblnhmmbodake [2016-11-10]
CHR Extension: (Kaspersky Protection) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-08-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-09-17]
CHR Extension: (Google Docs Offline) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-20]
CHR Extension: (Mturk Suite) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\iglbakfobmoijpbigmlfklckogbefnlf [2017-01-09]
CHR Extension: (Distill Web Monitor) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlikjemeeknofckkjolnjbpehgadgge [2016-12-06]
CHR Extension: (Extensity) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg [2016-09-12]
CHR Extension: (Open Link in Same Tab) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpefningcojblgciiljmabggbbjiojb [2016-12-18]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-08-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-20]
CHR Extension: (Auto Refresh Plus) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfjpkccecpdfkpmfocndhepolhljfhg [2016-09-03]
CHR Extension: (Data Saver) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2016-12-27]
CHR Extension: (Gmail) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-20]
CHR Extension: (Chrome Media Router) - C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR Extension: (Turk Assist) - C:\Users\Zoe\Desktop\Turk\TA\ta again [2016-10-26]
CHR Profile: C:\Users\Zoe\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-25]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-11-01] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-11-01] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-07] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-11-01] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [File not signed]
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [314024 2016-08-08] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [6693456 2016-10-31] (RealVNC Ltd)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-11-01] (Intel Corporation)
R1 inpoutx64; C:\WINDOWS\System32\drivers\inpoutx64.sys [15008 2016-03-08] (Highresolution Enterprises [www.highrez.co.uk])
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-08] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-08-15] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-08] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-15] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-08] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-08] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-08] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-07-19] (Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 21:08 - 2017-01-09 21:08 - 00034371 _____ C:\Users\Zoe\Desktop\FRST.txt
2017-01-09 21:08 - 2017-01-09 21:08 - 00000000 ____D C:\FRST
2017-01-09 21:07 - 2017-01-09 21:07 - 02419200 _____ (Farbar) C:\Users\Zoe\Downloads\FRST64.exe
2017-01-09 21:07 - 2017-01-09 21:07 - 02419200 _____ (Farbar) C:\Users\Zoe\Desktop\FRST64.exe
2017-01-09 18:42 - 2017-01-09 18:43 - 00113679 _____ C:\Users\Zoe\Desktop\ZOENEW.txt
2017-01-09 18:42 - 2017-01-09 18:42 - 00012573 _____ C:\Users\Zoe\Desktop\System Idle Process.txt
2017-01-09 18:39 - 2017-01-09 18:39 - 02720928 _____ (Sysinternals - www.sysinternals.com) C:\Users\Zoe\Downloads\procexp.exe
2017-01-09 18:39 - 2017-01-09 18:39 - 02720928 _____ (Sysinternals - www.sysinternals.com) C:\Users\Zoe\Desktop\procexp.exe
2017-01-09 18:39 - 2017-01-09 18:39 - 00030598 _____ C:\Users\Zoe\Desktop\MTB.txt
2017-01-09 18:37 - 2017-01-09 18:37 - 00030598 _____ C:\Users\Zoe\Downloads\MTB.txt
2017-01-09 18:36 - 2017-01-09 18:36 - 00892416 _____ (Farbar) C:\Users\Zoe\Downloads\MiniToolBox.exe
2017-01-09 17:42 - 2017-01-09 17:42 - 00087672 _____ C:\Users\Zoe\Desktop\AZGBKAM5JUV5A.xlsx
2017-01-09 17:35 - 2017-01-09 17:35 - 00126768 _____ C:\Users\Zoe\Downloads\EA2 (1).xlsx
2017-01-09 17:33 - 2017-01-09 17:33 - 00126768 _____ C:\Users\Zoe\Downloads\EA2.xlsx
2017-01-09 15:32 - 2017-01-09 15:32 - 00871396 _____ C:\Users\Zoe\Desktop\CHEM123 Proctor.pdf
2017-01-09 14:34 - 2017-01-09 14:36 - 00287744 _____ C:\Users\Zoe\Downloads\Chapter_8_students.ppt
2017-01-09 14:34 - 2017-01-09 14:34 - 00240640 _____ C:\Users\Zoe\Downloads\Chapter_4 students.ppt
2017-01-09 14:34 - 2017-01-09 14:34 - 00237056 _____ C:\Users\Zoe\Downloads\Chapter_3_students.ppt
2017-01-08 21:40 - 2017-01-08 21:40 - 00116577 _____ C:\Users\Zoe\Downloads\B4.xlsx
2017-01-08 20:24 - 2017-01-08 20:24 - 00000000 ____D C:\Users\Zoe\Desktop\HLTH 451
2017-01-08 20:24 - 2017-01-08 20:24 - 00000000 ____D C:\Users\Zoe\Desktop\HLTH 320
2017-01-08 20:21 - 2017-01-09 15:37 - 00000000 ____D C:\Users\Zoe\Desktop\KNES 101
2017-01-08 20:19 - 2017-01-09 12:05 - 00305152 _____ C:\Users\Zoe\Downloads\Chapter_10_Students.ppt
2017-01-08 20:19 - 2017-01-08 20:19 - 00271360 _____ C:\Users\Zoe\Downloads\Chapter_2_Students.ppt
2017-01-08 20:18 - 2017-01-08 21:28 - 00436224 _____ C:\Users\Zoe\Downloads\Chapter_1_Students.ppt
2017-01-08 18:05 - 2017-01-08 18:10 - 00000121 _____ C:\Users\Zoe\Desktop\Internet issues, DNS issues, laggy pages, packet loss. - Networking.url
2017-01-08 17:44 - 2017-01-08 17:44 - 03961184 _____ C:\Users\Zoe\Downloads\hitdb_queryResults.csv
2017-01-07 23:01 - 2017-01-07 23:01 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Canary Apps
2017-01-07 17:37 - 2017-01-07 17:37 - 00000090 _____ C:\Users\Zoe\Desktop\Google Chrome loads very slow. [Solved].url
2017-01-07 17:31 - 2017-01-07 17:31 - 00000112 _____ C:\Users\Zoe\Desktop\Find Hidden Features On Chrome’s Internal Chrome--- Pages.url
2017-01-07 17:23 - 2017-01-07 17:23 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-01-07 09:09 - 2017-01-07 09:09 - 00000135 _____ C:\Users\Zoe\Desktop\Amazon Mechanical Turk - All Qualifications.url
2017-01-04 07:24 - 2017-01-04 07:24 - 00000000 ____D C:\Users\Zoe\Desktop\OT Stuff
2017-01-04 07:23 - 2017-01-04 07:23 - 00000000 ____D C:\Users\Zoe\Desktop\Chem 123
2017-01-02 16:51 - 2017-01-02 16:51 - 00000000 ____D C:\Users\Zoe\AppData\Local\Pushbullet_Inc
2017-01-02 16:49 - 2017-01-07 19:53 - 00000000 ____D C:\Users\Zoe\AppData\Local\Pushbullet
2017-01-02 16:49 - 2017-01-02 16:49 - 00001104 _____ C:\Users\Public\Desktop\Pushbullet.lnk
2017-01-02 16:49 - 2017-01-02 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2017-01-02 16:49 - 2017-01-02 16:49 - 00000000 ____D C:\Program Files (x86)\Pushbullet
2017-01-02 15:10 - 2017-01-02 15:10 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-01-02 15:10 - 2017-01-02 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-01-02 15:10 - 2017-01-02 15:10 - 00000000 ____D C:\Program Files\Speccy
2017-01-02 10:26 - 2017-01-02 10:26 - 00000070 _____ C:\Users\Zoe\Desktop\hwf.url
2017-01-02 10:26 - 2017-01-02 10:26 - 00000065 _____ C:\Users\Zoe\Desktop\hwf2.url
2016-12-29 19:13 - 2016-12-31 09:15 - 00017391 _____ C:\Users\Zoe\Desktop\Elements song.docx
2016-12-29 07:45 - 2016-12-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-29 07:44 - 2016-12-29 07:44 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-29 07:44 - 2016-12-29 07:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-29 07:44 - 2016-12-29 07:44 - 00000000 ____D C:\Program Files\iTunes
2016-12-29 07:44 - 2016-12-29 07:44 - 00000000 ____D C:\Program Files\iPod
2016-12-21 19:46 - 2016-12-21 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 12:15 - 2016-12-21 12:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 12:15 - 2016-12-21 12:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 12:15 - 2016-12-21 12:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 12:15 - 2016-12-21 12:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-20 16:38 - 2017-01-07 17:54 - 00003240 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-20 16:24 - 2016-12-20 16:24 - 00046156 _____ C:\Users\Zoe\Desktop\DNS default settings.JPG
2016-12-19 22:12 - 2016-12-19 22:12 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-16 00:26 - 2016-12-16 00:30 - 00625623 _____ C:\Users\Zoe\Desktop\BPS12162016_0003.jpg
2016-12-15 08:29 - 2016-12-15 08:29 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2016-12-15 00:40 - 2016-12-15 00:40 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-13 23:06 - 2016-12-09 04:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 23:06 - 2016-12-09 04:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 23:06 - 2016-12-09 04:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 23:06 - 2016-12-09 04:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 23:06 - 2016-12-09 04:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 23:06 - 2016-12-09 04:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 23:06 - 2016-12-09 04:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-13 23:06 - 2016-12-09 04:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 23:06 - 2016-12-09 04:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 23:06 - 2016-12-09 04:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 23:06 - 2016-12-09 04:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 23:06 - 2016-12-09 04:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 23:06 - 2016-12-09 04:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 23:06 - 2016-12-09 04:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 23:06 - 2016-12-09 04:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 23:06 - 2016-12-09 04:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 23:06 - 2016-12-09 04:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 23:06 - 2016-12-09 04:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 23:06 - 2016-12-09 04:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 23:06 - 2016-12-09 04:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 23:06 - 2016-12-09 04:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 23:06 - 2016-12-09 04:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 23:06 - 2016-12-09 04:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 23:06 - 2016-12-09 04:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 23:06 - 2016-12-09 04:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-13 23:06 - 2016-12-09 04:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:06 - 2016-12-09 04:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-13 23:06 - 2016-12-09 04:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 23:06 - 2016-12-09 04:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-13 23:06 - 2016-12-09 04:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 23:06 - 2016-12-09 04:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 23:06 - 2016-12-09 04:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 23:06 - 2016-12-09 04:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-13 23:06 - 2016-12-09 04:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 23:06 - 2016-12-09 04:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 23:06 - 2016-12-09 04:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 23:06 - 2016-12-09 04:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 23:06 - 2016-12-09 03:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 23:06 - 2016-12-09 03:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 23:06 - 2016-12-09 03:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:06 - 2016-12-09 03:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-13 23:06 - 2016-12-09 03:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 23:06 - 2016-12-09 03:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 23:06 - 2016-12-09 03:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 23:06 - 2016-12-09 03:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 23:06 - 2016-12-09 03:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-13 23:06 - 2016-12-09 03:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-13 23:06 - 2016-12-09 03:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-12-13 23:06 - 2016-12-09 03:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 23:06 - 2016-12-09 03:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 23:06 - 2016-12-09 03:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-12-13 23:06 - 2016-12-09 03:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 23:06 - 2016-12-09 03:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 23:06 - 2016-12-09 03:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-13 23:06 - 2016-12-09 03:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-12-13 23:06 - 2016-12-09 03:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 23:06 - 2016-12-09 03:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 23:06 - 2016-12-09 03:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-13 23:06 - 2016-12-09 03:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-12-13 23:06 - 2016-12-09 03:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-13 23:06 - 2016-12-09 03:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-13 23:06 - 2016-12-09 03:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 23:06 - 2016-12-09 03:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-13 23:06 - 2016-12-09 03:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 23:06 - 2016-12-09 03:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 23:06 - 2016-12-09 03:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-13 23:06 - 2016-12-09 03:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 23:06 - 2016-12-09 03:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 23:06 - 2016-12-09 03:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 23:06 - 2016-12-09 03:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 23:06 - 2016-12-09 03:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 23:06 - 2016-12-09 03:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 23:06 - 2016-12-09 03:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-13 23:06 - 2016-12-09 03:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-13 23:06 - 2016-12-09 03:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-13 23:06 - 2016-12-09 03:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-13 23:06 - 2016-12-09 03:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-13 23:06 - 2016-12-09 03:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 23:06 - 2016-12-09 03:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 23:06 - 2016-12-09 03:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-13 23:06 - 2016-12-09 03:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 23:06 - 2016-12-09 03:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 23:06 - 2016-12-09 03:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:06 - 2016-12-09 03:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-13 23:06 - 2016-12-09 03:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 23:06 - 2016-12-09 03:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 23:06 - 2016-12-09 03:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-12-13 23:06 - 2016-12-09 03:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-13 23:06 - 2016-12-09 03:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 23:06 - 2016-12-09 03:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 23:06 - 2016-12-09 03:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 23:06 - 2016-12-09 03:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-13 23:06 - 2016-12-09 03:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 23:06 - 2016-12-09 03:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-13 23:06 - 2016-12-09 03:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-13 23:06 - 2016-12-09 03:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 23:06 - 2016-12-09 03:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-13 23:06 - 2016-12-09 03:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 23:06 - 2016-12-09 03:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 23:06 - 2016-12-09 03:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 23:06 - 2016-12-09 03:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 23:06 - 2016-12-09 03:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-13 23:06 - 2016-12-09 03:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 23:06 - 2016-12-09 03:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 23:06 - 2016-12-09 03:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 23:06 - 2016-12-09 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 23:06 - 2016-12-09 03:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 23:06 - 2016-12-09 03:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 23:06 - 2016-12-09 03:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 23:06 - 2016-12-09 03:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-12-13 23:06 - 2016-12-09 03:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-13 23:06 - 2016-12-09 03:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 23:06 - 2016-12-09 03:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-13 23:06 - 2016-12-09 03:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-13 23:06 - 2016-12-09 03:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 23:06 - 2016-12-09 03:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 23:06 - 2016-12-09 03:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 23:06 - 2016-12-09 03:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 23:06 - 2016-12-09 02:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 23:06 - 2016-11-02 04:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:06 - 2016-11-02 04:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 23:06 - 2016-09-15 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-09 21:04 - 2016-07-20 17:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-09 20:57 - 2016-09-30 02:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-09 18:51 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-09 17:35 - 2016-07-20 11:14 - 00000000 ____D C:\Users\Zoe\AppData\Local\Packages
2017-01-08 20:25 - 2016-10-10 14:17 - 00000000 ____D C:\Users\Zoe\Desktop\ADVISING
2017-01-08 09:23 - 2016-10-25 21:55 - 00002513 _____ C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-01-07 17:44 - 2016-09-30 02:34 - 01338214 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-07 17:39 - 2016-11-10 17:11 - 00000000 ___RD C:\Users\Zoe\iCloudDrive
2017-01-07 17:39 - 2016-10-07 09:37 - 00000000 ___RD C:\Users\Zoe\Dropbox
2017-01-07 17:38 - 2016-09-30 02:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-07 17:38 - 2016-09-30 02:34 - 00000000 ____D C:\Users\Zoe
2017-01-07 17:38 - 2016-07-19 20:39 - 00000000 __SHD C:\Users\Zoe\IntelGraphicsProfiles
2017-01-07 17:38 - 2016-07-16 00:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-07 17:21 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-07 08:57 - 2016-07-21 14:11 - 00000000 ____D C:\Users\Zoe\Desktop\Turk
2017-01-07 08:49 - 2016-10-26 09:28 - 00000000 ____D C:\Users\Zoe\Desktop\Shopping
2017-01-06 08:10 - 2016-11-10 17:10 - 00003482 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-01-06 02:40 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 02:32 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-04 07:25 - 2016-07-25 06:15 - 00000000 ____D C:\Program Files (x86)\ShopTracker
2017-01-03 18:56 - 2016-11-30 06:27 - 00000000 ____D C:\Users\Zoe\AppData\LocalLow\Mozilla
2017-01-01 12:08 - 2016-07-19 20:37 - 00000000 ____D C:\Users\Zoe\AppData\Local\ElevatedDiagnostics
2017-01-01 12:03 - 2016-07-16 05:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-01 12:02 - 2016-07-20 10:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-30 17:12 - 2015-10-11 15:51 - 00000000 ____D C:\Users\Zoe\Resume
2016-12-29 18:23 - 2016-09-08 16:36 - 00000000 ____D C:\Users\Zoe\Documents\Visual Studio 2015
2016-12-29 18:22 - 2016-09-30 02:34 - 00000000 ____D C:\Users\Zoe\AppData\Roaming
2016-12-29 18:22 - 2016-09-30 02:34 - 00000000 ____D C:\Users\Zoe\AppData\Local\Microsoft
2016-12-29 07:44 - 2016-11-05 19:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-28 07:35 - 2016-11-16 07:36 - 00000000 ____D C:\Users\Zoe\Desktop\Jerry
2016-12-27 13:46 - 2016-07-25 11:09 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\Millisecond Software
2016-12-27 06:38 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-26 18:31 - 2016-09-02 06:44 - 00000000 ___RD C:\Users\Zoe\Desktop\Kaspersky
2016-12-26 18:31 - 2016-08-24 06:41 - 00000000 ____D C:\Users\Zoe\Desktop\Browsers
2016-12-22 13:08 - 2016-12-05 14:04 - 00002324 _____ C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-12-22 13:08 - 2016-07-20 11:35 - 00000000 ____D C:\Users\Zoe\AppData\Local\Vivaldi
2016-12-22 09:07 - 2016-09-30 02:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 09:07 - 2016-09-30 02:34 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-22 09:07 - 2016-07-16 00:04 - 45350912 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-21 19:46 - 2016-07-20 11:41 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-21 11:39 - 2016-08-13 15:49 - 00000000 ___RD C:\Users\Zoe\Documents\Scanned Documents
2016-12-20 16:38 - 2016-08-15 12:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-20 16:32 - 2016-07-20 10:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-19 22:12 - 2016-07-20 11:15 - 00002361 _____ C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-19 22:12 - 2016-07-20 11:15 - 00000000 ___RD C:\Users\Zoe\OneDrive
2016-12-18 22:13 - 2016-09-30 02:39 - 00000000 ____D C:\Users\Zoe\AmazonMeter
2016-12-18 22:13 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-17 21:11 - 2016-12-07 20:43 - 00004048 _____ C:\Users\Zoe\Desktop\cookie game.txt
2016-12-16 18:17 - 2016-10-25 21:55 - 00003676 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3591470129-1721147500-3194162361-1001UA
2016-12-16 18:17 - 2016-10-25 21:55 - 00003408 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3591470129-1721147500-3194162361-1001Core
2016-12-16 18:17 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 16:11 - 2016-10-26 09:32 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 16:11 - 2016-10-26 09:32 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 10:42 - 2016-09-30 02:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 10:22 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-16 10:19 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-15 19:23 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 19:04 - 2016-09-30 02:32 - 00346032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-15 19:04 - 2016-07-22 17:02 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-15 19:03 - 2016-09-30 02:32 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 19:03 - 2016-09-30 02:32 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-15 19:03 - 2016-08-24 11:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 19:03 - 2016-07-16 05:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-15 19:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 19:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 19:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 19:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-15 19:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-15 19:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-15 19:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-15 19:02 - 2016-09-30 02:34 - 00524288 ___SH C:\Users\Zoe\NTUSER.DAT{c6ae7cd8-86f0-11e6-a274-e4f00bea1336}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 19:02 - 2016-09-30 02:34 - 00065536 ___SH C:\Users\Zoe\NTUSER.DAT{c6ae7cd8-86f0-11e6-a274-e4f00bea1336}.TM.blf
2016-12-15 16:15 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-15 16:13 - 2016-07-19 20:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-15 16:11 - 2016-07-19 20:45 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 00:40 - 2016-07-20 11:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 02:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-14 02:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 15:11 - 2016-10-26 09:32 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-11 17:56 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 17:56 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-10 00:04 - 2016-11-02 05:32 - 00000282 ___SH C:\Users\Zoe\Desktop\desktop.ini
2016-12-10 00:04 - 2016-09-30 07:16 - 00000174 ___SH C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 00:04 - 2016-07-20 11:14 - 00000402 ___SH C:\Users\Zoe\Documents\desktop.ini
2016-12-10 00:04 - 2016-07-20 11:14 - 00000282 ___SH C:\Users\Zoe\Downloads\desktop.ini
2016-12-10 00:04 - 2016-07-20 11:14 - 00000174 ___SH C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Videos
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Searches
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Saved Games
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Pictures
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Music
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Links
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Favorites
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Documents
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\Contacts
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-10 00:04 - 2016-07-20 11:14 - 00000000 ___RD C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-10 00:04 - 2016-07-16 00:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-10 00:03 - 2016-07-16 05:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-10 00:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 00:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 00:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 00:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-10 00:03 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\servicing
==================== Files in the root of some directories =======
2016-07-26 12:43 - 2016-07-26 12:46 - 0007596 _____ () C:\Users\Zoe\AppData\Local\resmon.resmoncfg
2016-09-30 02:33 - 2016-09-30 02:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Zoe\AppData\Local\Temp\i4jdel0.exe
C:\Users\Zoe\AppData\Local\Temp\jre-8u111-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-02 09:44
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Zoe (09-01-2017 21:08:37)
Running from C:\Users\Zoe\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-30 08:42:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3591470129-1721147500-3194162361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3591470129-1721147500-3194162361-503 - Limited - Disabled)
Guest (S-1-5-21-3591470129-1721147500-3194162361-501 - Limited - Disabled)
Zoe (S-1-5-21-3591470129-1721147500-3194162361-1001 - Administrator - Enabled) => C:\Users\Zoe
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Color Search version 3.0 (HKLM-x32\...\{9531A0B6-7DDA-4ED7-8B49-9BC3C0ABAEEC}_is1) (Version: 3.0 - Loaded Dog Enterprises)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Google Chrome SxS) (Version: 57.0.2976.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Inquisit 4 Web Player (HKLM\...\{FBB69BDD-AE2D-4E69-BE47-704EBC5B3FC0}) (Version: 4.0.9.0 - Millisecond Software)
Inquisit 5 Player (HKLM\...\{79201F7C-2CDE-4309-BF6F-F831A82DCA31}) (Version: 5.0.6.0 - Millisecond Software)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.5.485 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.7.133.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x64 en-US) (HKLM\...\Mozilla Firefox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Pale Moon 26.5.0 (x86 en-US) (HKLM-x32\...\Pale Moon 26.5.0 (x86 en-US)) (Version: 26.5.0 - Moonchild Productions)
PicToWeave Version 3.7.2.2 (HKLM-x32\...\PicToWeave_is1) (Version: - Loaded Dog Enterprises)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Pulover's Macro Creator version 5.0.5 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.0.5 - Rodolfo U. Batista)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Synergy (64-bit) (HKLM\...\{AE81EF09-AD7A-49BB-897D-F2C9C4453A4B}) (Version: 1.8.2 - The Synergy Project)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UserTesting (HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\UserTestingPlugin) (Version: - UserTesting.com)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
Vivaldi (HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\Vivaldi) (Version: 1.6.689.40 - Vivaldi)
VNC Server 6.0.0 (HKLM\...\{55233098-158E-4500-B536-7FC644535F29}) (Version: 6.0.0.23442 - RealVNC Ltd)
VNC Viewer 6.0.0 (HKLM\...\{A55C0FBA-8B96-4C1C-B276-2E5328C57254}) (Version: 6.0.0.23442 - RealVNC Ltd)
VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebM Project Directshow Filters (HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3591470129-1721147500-3194162361-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3591470129-1721147500-3194162361-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3591470129-1721147500-3194162361-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zoe\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1DBB6782-B7F7-48C5-8CA5-74C51E7C8D6A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-12-09] (Microsoft)
Task: {20030A16-DF52-4136-80F5-55D4003682C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-26] (Google Inc.)
Task: {268E56D4-5886-4E01-8C05-4FB78DEE2C61} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {2C60DE9E-DD57-4591-9D0E-E17B14FB6785} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)
Task: {34B28551-0934-46F5-A5A0-F3B58440D59D} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Zoe\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {3916B61F-EC9D-49BB-A3D9-800279EEBDAB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3591470129-1721147500-3194162361-1001Core => C:\Users\Zoe\AppData\Local\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {406BC23A-9FB1-4859-9282-96C29CF6E327} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {47852D81-1565-4085-AD9C-26940A3EA336} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {48A27D90-FCA6-4BBE-AEC5-27C7DB4140EF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3591470129-1721147500-3194162361-1001UA => C:\Users\Zoe\AppData\Local\Google\Update\GoogleUpdate.exe [2016-10-25] (Google Inc.)
Task: {5C33CB45-8983-42E3-933E-E6F6EC442B14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5E47589C-253C-4D76-A4A9-4472E6D70E69} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {71E397C7-13FA-4890-BCA9-BC5E21EEE371} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-10] (Microsoft Corporation)
Task: {72CF46AF-A2C8-4B0A-95C2-2139F0CB84CE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)
Task: {76B93687-B65A-45D7-9EFA-C6F8881CE696} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {945720DF-A797-413E-AC4A-4B5BCA52A9AF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {A8BCAFB2-9D6B-47E7-8179-315691805A1A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-11-17] (Apple Inc.)
Task: {AA3BAB94-1104-4745-8E66-D03F9DD62C09} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-07-11] (AO Kaspersky Lab)
Task: {BDE84768-EB1A-4B88-8686-7447449E4846} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {F88F826C-3480-456D-AFE1-9BFA46C7DB68} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {FC152560-4A62-4307-87D0-0F1A2C14AFEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {FC845EF9-7781-44E8-9D3C-BB1A0AAD3CC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {FFAF1C6A-EA00-4C81-AEB8-DC1B760D7887} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {FFEFC5AC-A127-4D54-BA16-4DB0D7170F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-26] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Canary Apps\Chrome Connectivity Diagnostics.lnk -> C:\Users\Zoe\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Connectivity Diagnostics.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 23:06 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-08 12:53 - 2016-08-08 12:53 - 00314024 _____ () C:\Program Files\Synergy\synergyd.exe
2016-12-13 23:06 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-19 22:12 - 2016-12-19 22:12 - 01678560 _____ () C:\Users\Zoe\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-30 05:30 - 2016-09-30 05:30 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 23:06 - 2016-12-09 03:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-13 23:06 - 2016-12-09 03:40 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-12-13 23:49 - 2016-12-13 23:50 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-13 23:49 - 2016-12-13 23:50 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-13 23:49 - 2016-12-13 23:50 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-13 23:49 - 2016-12-13 23:50 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-07-20 11:03 - 2016-12-09 17:33 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-12-13 15:11 - 2016-12-08 02:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 15:11 - 2016-12-08 02:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-11-10 11:56 - 2016-11-10 11:56 - 01028608 _____ () C:\Users\Zoe\Desktop\AHK\ID.exe
2015-07-20 09:34 - 2015-07-20 09:34 - 00012288 _____ () C:\Program Files (x86)\No-IP\ducservice.exe
2016-07-20 11:40 - 2015-11-11 05:04 - 01143808 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2016-11-09 06:10 - 2016-11-02 04:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 06:10 - 2016-11-02 04:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 06:10 - 2016-11-02 04:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 06:10 - 2016-11-02 04:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 06:10 - 2016-11-02 04:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 06:10 - 2016-11-02 04:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-22 12:33 - 2016-11-22 12:33 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-22 12:33 - 2016-11-22 12:33 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-20 11:27 - 2016-07-20 11:30 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-22 12:33 - 2016-11-22 12:33 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-22 12:33 - 2016-11-22 12:33 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2016-12-19 22:12 - 2016-12-19 22:12 - 01244376 _____ () C:\Users\Zoe\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-07-15 11:06 - 2016-07-15 11:06 - 00434128 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ipm_service.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-19 20:53 - 2016-05-13 00:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-10-07 09:36 - 2016-11-11 14:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-10-07 09:36 - 2016-11-11 14:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-10-07 09:36 - 2016-11-11 14:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-10-07 09:36 - 2016-11-11 14:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-10-07 09:36 - 2016-11-11 14:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-12-21 19:46 - 2016-11-11 14:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-21 19:46 - 2016-11-11 14:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-21 19:46 - 2016-11-11 14:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-10-07 09:36 - 2016-11-11 14:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-21 19:46 - 2016-11-11 14:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-21 19:46 - 2016-11-11 14:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-10-07 09:36 - 2016-11-11 14:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-07 09:36 - 2016-11-11 14:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-21 19:46 - 2016-11-11 14:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-21 19:46 - 2016-12-21 12:26 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-21 19:46 - 2016-12-03 02:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-21 19:46 - 2016-12-21 12:26 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-21 19:46 - 2016-12-21 12:26 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-10-07 09:36 - 2016-11-11 14:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-21 19:46 - 2016-11-11 14:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-21 19:46 - 2016-11-11 14:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-21 19:46 - 2016-12-21 12:26 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-10-07 09:36 - 2016-11-11 14:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-10-07 09:36 - 2016-12-21 12:26 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-21 19:46 - 2016-12-21 12:26 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-10-07 09:36 - 2016-11-11 14:44 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-20 09:34 - 2015-07-20 09:34 - 00073728 _____ () C:\Program Files (x86)\No-IP\ducapi.dll
2016-10-21 02:54 - 2016-12-29 11:23 - 03540680 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\gfx.dll
2016-07-20 11:00 - 2016-12-09 16:49 - 01061576 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2016-07-20 11:04 - 2016-12-29 11:31 - 00519880 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll
2016-12-22 13:08 - 2016-12-19 05:05 - 01894008 _____ () C:\Users\Zoe\AppData\Local\Vivaldi\Application\1.6.689.40\libglesv2.dll
2016-12-22 13:08 - 2016-12-19 05:05 - 00086648 _____ () C:\Users\Zoe\AppData\Local\Vivaldi\Application\1.6.689.40\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 01:24 - 2015-10-30 01:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Synergy => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\StartupApproved\Run: => "GM4IE"
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\StartupApproved\Run: => "Icecream_Screen_Recorder_Prefetcher"
HKU\S-1-5-21-3591470129-1721147500-3194162361-1001\...\StartupApproved\Run: => "Speech Recognition"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{A4FBE668-7945-43A4-8DC8-1C1EF5D8C0F6}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{F245F431-3E40-4245-B52B-C2204999CAE9}] => C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{AAD0DD20-9C2E-416F-AE19-C2F3A16CEBA9}] => C:\Program Files (x86)\Mirroring360\mDNSResponder.exe
FirewallRules: [{90013266-3845-46C5-A6F9-5D675BF62F0C}] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe
FirewallRules: [{3007F903-888D-40D2-9635-49710A51E031}] => C:\Program Files (x86)\X-Mirage\x-mirage.exe
FirewallRules: [{25229684-682C-4837-9D94-EA5120BF46D0}] => C:\Program Files (x86)\LonelyScreen\lonelyscreen.exe
FirewallRules: [{22B45A9E-2C21-452F-8163-7313330A0985}] => C:\Program Files (x86)\LonelyScreen\lonelyscreen.exe
FirewallRules: [{FDBFA9D9-BFC2-4A53-8DD9-B3B9EE58CE27}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{0AB5A811-C8F4-4A9A-BF1F-5FBABA83C7D2}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{628ADE91-9C5D-4CAB-94CF-97AB678113BA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E62AB2F-0757-4210-9B9F-A8D9234DB572}] => C:\Program Files\Synergy\synergys.exe
FirewallRules: [UDP Query User{4DB622F5-E174-4BDA-BFB5-AF2F467123DA}C:\program files\realvnc\vnc server\vncserver.exe] => C:\program files\realvnc\vnc server\vncserver.exe
FirewallRules: [TCP Query User{54FCCAF1-BB5D-43BC-AC95-7D645B5D3FAF}C:\program files\realvnc\vnc server\vncserver.exe] => C:\program files\realvnc\vnc server\vncserver.exe
FirewallRules: [{E620044B-2C46-4B62-9A40-8C812E49479F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{080518AA-4006-4249-AC46-F1E4D8EB35BA}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E8CC2D99-E3A4-4F4B-B46E-CF389A68EA42}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DB20B049-ED35-4D4B-804E-E11858F70807}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4EAF62CB-493D-4309-B748-EE2C545A479D}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7F7AD43B-9F6E-4B61-8E34-B4CB4B3F4149}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E9E2AB25-BE6D-4825-ADD3-469114CBDCDE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9C12316A-C8E7-4CA2-BD4C-752A2C0DFE57}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{142DD717-67A0-481B-A1CF-6569B3FEF11F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4B08C258-9D1C-4AEC-B592-3D7CF06E350F}] => C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{A3EBA105-6D76-40EE-A3E0-058345B9EBA1}] => C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{F50832B0-F89A-4DDD-9D0F-C3763DFE61DC}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9E15438-5E23-4EBF-8ED2-CC14E1A7F09D}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{24D42EBB-CC30-4AA0-8F94-CA51A376ED28}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{959C10E8-A4C4-4A69-A0D0-7338806CAC57}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BA4941F-B489-4D72-B360-7B8A323B6515}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{19A61030-3395-478F-801F-0D86405D8183}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{431AB501-51C4-4E0D-B8FA-20DFC79AF33F}] => C:\Users\Zoe\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{08CE75E5-84C2-4806-B061-64E30152FACE}] => C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
24-12-2016 10:53:33 Scheduled Checkpoint
02-01-2017 09:46:51 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/07/2017 05:40:46 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZOENEW)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
Error: (01/07/2017 05:38:40 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (01/07/2017 05:38:30 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
System errors:
=============
Error: (01/07/2017 05:38:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/07/2017 05:38:02 PM) (Source: DCOM) (EventID: 10010) (User: ZOENEW)
Description: The server App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca did not register with DCOM within the required timeout.
Error: (01/07/2017 04:58:40 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Apple Mobile Device Ethernet, {7A2BA90B-2DC7-49FC-92EC-D0B3F2D96451}, had event 76
Error: (01/06/2017 06:22:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/06/2017 06:07:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:37:12 PM on 1/6/2017 was unexpected.
Error: (01/01/2017 12:03:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/01/2017 12:01:51 PM) (Source: DCOM) (EventID: 10010) (User: ZOENEW)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.
Error: (12/29/2016 06:22:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 11:07:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 11:06:52 AM) (Source: DCOM) (EventID: 10010) (User: ZOENEW)
Description: The server {16D99191-6280-4B33-A2F5-04805A0FC582} did not register with DCOM within the required timeout.
==================== Memory info ===========================
Processor: Intel® Core i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 49%
Total physical RAM: 16197.37 MB
Available physical RAM: 8106.84 MB
Total Virtual: 17221.37 MB
Available Virtual: 7429.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.4 GB) (Free:157.6 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:930.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 50129300)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 97A3FD41)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================