

Android 8888


Topics I've Started

Found a pop up while restoring lost printer driver

25 February 2017 - 10:32 AM

Hello lureum.

NOTICE: As you can see, your topic has been recreated since the previous one was removed due to the software update that the forum suffered. As you were a new member, your registration was also removed and you have to re-register to be able to continue to post. If you still need help, please make your registration again, go to the last post of this topic and perform the instructions so we can continue the work.

Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2017 01
Ran by Mike (administrator) on DESKTOP (22-02-2017 16:51:01)
Running from D:\Desktop
Loaded Profiles: Mike & NeroMediaHomeUser.4 (Available Profiles: Mike & NeroMediaHomeUser.4)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\HMService\aaHM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bandoo Media Inc.) C:\Users\Mike\AppData\Local\iLivid\iLivid.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsAPHider\AsAPHider.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743136 2013-05-29] (Wondershare)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-10-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\Run: [GoogleChromeAutoLaunch_A9A28D217F0AF6C0AE66A9006030A09A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2016-06-28] (Seagate Technology LLC)
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\MountPoints2: {571b5056-f7c2-11e2-a636-20cf3054361d} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\MountPoints2: {7cfab43a-6a0f-11e4-9c0a-20cf3054361d} - I:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\...\MountPoints2: {7fe0791e-e3f8-11e2-b86e-20cf3054361d} - "J:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
IFEO\wddriveutilities.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-22] (Microsoft Corporation)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson All-in-one Registration.lnk [2017-02-13]
ShortcutTarget: Epson All-in-one Registration.lnk -> C:\Users\Mike\AppData\Roaming\Leadertech\PowerRegister\Epson All-in-one Registration.exe (Aviata/Epson)
GroupPolicy\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-04] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-04] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{B37EA02F-0560-4466-BC64-C50CB00DD85B}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-3254762720-3357227884-2370198018-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9MSE&PC=UP09
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> {205EED0F-638B-47AB-AD4C-89DEDB9959A3} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-10-24] (Wondershare)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3254762720-3357227884-2370198018-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tt0oiw1d.default [2017-02-22]
FF NewTab: Mozilla\Firefox\Profiles\tt0oiw1d.default -> hxxp://www.bing.com/?pc=COSP&ptag=D070515-A166D148A50&form=CONMHP&conlogo=CT3334470
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\tt0oiw1d.default -> Bing
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\tt0oiw1d.default -> Google Default
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\tt0oiw1d.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\tt0oiw1d.default -> hxxps://www.google.com/
FF Extension: (Adblock Plus) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tt0oiw1d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tt0oiw1d.default\features\{ea1af062-b7ce-4a1e-98b5-821cf6fd3ff2}\disableSHA1rollout@mozilla.org.xpi [2017-02-20]
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\tt0oiw1d.default\searchplugins\google-default.xml [2015-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-11-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-03] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-10-19] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://searchy.easylifeapp.com/?pid=878&src=ch1&r=2013/07/10&hid=4103723794&lg=EN&cc=US
CHR StartupUrls: Default -> "hxxp://searchy.easylifeapp.com/?pid=878&src=ch1&r=2013/07/10&hid=4103723794&lg=EN&cc=US","hxxp://start.sweetpacks.com/?barid={22E4C354-E8CC-11E2-ADC8-20CF3054361D}&src=10&crg=3.5000006.10042&st=23"
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-14]
CHR Extension: (Google Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (PushControl) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlimcdoaokfndjofnhhlhbnhkjjfkpob [2016-12-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2770312 2016-11-22] (ESET)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-26] (Nero AG)
S3 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1112720 2012-07-30] (Corel Corporation)
S3 SandraAgentSrv; D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2\RpcAgentSrv.exe [73200 2015-05-20] (SiSoftware) [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-06-28] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-06-28] (Seagate Technology LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
S0 BsStor; C:\Windows\SysWOW64\DRIVERS\bsstor.sys [9344 2002-06-05] (B.H.A Co.,Ltd.) [File not signed]
S2 BsUDF; C:\Windows\SysWow64\Drivers\BsUDF.sys [468480 2003-01-15] (ahead software) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-22] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-22] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181384 2016-11-22] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-07-21] ()
S1 incdrm; C:\Windows\SysWow64\Drivers\incdrm.sys [7582 2002-10-08] (Ahead Software AG) [File not signed]
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [29720 2010-07-28] () [File not signed]
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-22] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-22] (Omnivision Technologies, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
S3 SANDRA; D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2017-02-22] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64A.sys [738328 2012-05-04] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64A.sys [1226136 2012-05-04] (eMPIA Technology, Inc.)
R3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2015-02-27] (Wondershare)
S1 fypejfbj; \??\C:\Windows\system32\drivers\fypejfbj.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
U2 V2iMount; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-22 16:50 - 2017-02-22 16:51 - 00000000 ____D C:\FRST
2017-02-22 15:07 - 2017-02-22 15:08 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-22 15:07 - 2017-02-22 15:07 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-22 15:07 - 2017-02-22 15:07 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-22 15:07 - 2017-02-22 15:07 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-22 15:07 - 2017-02-22 15:07 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-22 15:07 - 2017-02-22 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-22 15:07 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-22 15:06 - 2017-02-22 15:06 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-22 14:11 - 2017-02-22 14:11 - 00000000 ___HD C:\OneDriveTemp
2017-02-22 13:02 - 2017-02-22 13:42 - 00000364 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Mike).job
2017-02-22 13:02 - 2017-02-22 13:02 - 00003024 _____ C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Mike)
2017-02-22 12:04 - 2017-02-22 12:04 - 00013920 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2017-02-20 07:33 - 2017-02-20 07:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-02-20 07:33 - 2017-02-20 07:33 - 00000000 ____D C:\Program Files\Realtek

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-22 16:27 - 2015-01-21 10:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-02-22 16:21 - 2015-01-19 08:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-22 16:21 - 2013-07-12 12:09 - 00000000 ____D C:\Program Files (x86)\Conduit
2017-02-22 16:21 - 2013-04-09 20:26 - 00000000 ____D C:\ProgramData\APN
2017-02-22 16:21 - 2012-11-10 15:25 - 00000000 ____D C:\Users\Mike
2017-02-22 15:06 - 2013-07-21 14:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-22 14:59 - 2016-11-18 19:01 - 00000000 ____D C:\Users\Mike\AppData\LocalLow\Mozilla
2017-02-22 14:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2017-02-22 14:21 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-22 14:19 - 2009-07-13 23:45 - 00023584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-22 14:19 - 2009-07-13 23:45 - 00023584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-22 14:11 - 2016-11-04 18:15 - 00000412 _____ C:\Windows\Tasks\Nero TuneItUp PRO (Tray).job
2017-02-22 14:11 - 2016-10-20 14:23 - 00000000 ___RD C:\Users\Mike\OneDrive
2017-02-22 14:11 - 2015-10-09 07:21 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-02-22 14:11 - 2015-01-21 10:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-02-22 14:11 - 2013-07-12 13:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2017-02-22 14:11 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 14:11 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2017-02-22 14:07 - 2012-11-10 15:27 - 00000000 ____D C:\ProgramData\EPSON
2017-02-22 14:05 - 2014-11-07 21:53 - 00000000 ____D C:\Program Files (x86)\Epson Software
2017-02-22 14:05 - 2012-11-10 15:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-22 14:04 - 2014-11-07 21:53 - 00000000 ____D C:\Program Files (x86)\epson
2017-02-22 06:51 - 2016-12-09 06:54 - 00003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-22 06:51 - 2016-10-20 14:23 - 00002156 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-02-21 07:01 - 2013-07-07 06:56 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype
2017-02-20 07:57 - 2013-07-07 06:56 - 00000000 ____D C:\ProgramData\Skype
2017-02-14 15:21 - 2015-07-09 07:21 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-14 15:21 - 2015-01-19 08:58 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 15:21 - 2014-11-28 14:56 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 15:21 - 2014-11-28 14:56 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 15:21 - 2012-11-10 20:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 15:21 - 2012-11-10 20:04 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 13:29 - 2015-01-21 10:17 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-13 13:24 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-01-30 17:39 - 2016-05-25 19:06 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-30 17:39 - 2016-05-25 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-30 17:39 - 2016-05-25 19:06 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-30 17:39 - 2016-05-25 19:01 - 00000000 ____D C:\ProgramData\Oracle
2017-01-30 15:43 - 2013-08-23 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 14:25 - 2016-11-18 18:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-25 10:02 - 2017-01-18 12:48 - 00000000 ____D C:\ES2WorkTemp
2017-01-24 15:48 - 2017-01-18 12:31 - 00000045 _____ C:\Windows\ET-3600.ini
2017-01-23 13:29 - 2012-12-06 14:34 - 00000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2017-01-23 07:36 - 2015-07-08 08:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2013-02-03 11:03 - 2011-08-23 18:34 - 0465264 _____ (Corel) C:\Program Files (x86)\Common Files\AppFramework.dll
2013-02-03 11:03 - 2011-08-23 16:42 - 0148177 _____ () C:\Program Files (x86)\Common Files\BookViewer.xap
2013-02-03 11:03 - 2011-08-23 18:35 - 0402800 _____ () C:\Program Files (x86)\Common Files\facebook.dll
2013-02-03 11:03 - 2011-08-23 18:35 - 0033136 _____ (Corel-V1E) C:\Program Files (x86)\Common Files\FlickrProvider.dll
2013-02-03 11:03 - 2011-08-23 18:42 - 0332144 _____ (Corel) C:\Program Files (x86)\Common Files\MediaOrganizer.dll
2013-02-03 11:03 - 2011-08-23 18:35 - 0130416 _____ () C:\Program Files (x86)\Common Files\PluginCommon.dll
2015-11-07 14:19 - 2015-11-07 14:19 - 0000132 _____ () C:\Users\Mike\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-20 21:02 - 2015-01-20 21:02 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Audio Unit Effect
2015-01-20 21:02 - 2015-01-20 21:02 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Audio Units
2015-06-29 16:51 - 2015-06-30 05:07 - 14548992 _____ () C:\Users\Mike\AppData\Roaming\Sandra.mdb
2012-11-10 18:09 - 2012-11-10 18:09 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Speech Enhancer
2015-01-03 06:45 - 2015-01-03 06:45 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Sports
2012-11-10 18:13 - 2012-11-10 18:13 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Standard
2015-01-03 06:43 - 2015-01-03 06:43 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\StatusSheet
2012-11-25 12:44 - 2016-12-26 17:56 - 0018944 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-10 15:50 - 2013-01-03 14:01 - 0000236 _____ () C:\Users\Mike\AppData\Local\LaunchHomeCenter.log
2013-04-28 15:40 - 2015-07-05 21:13 - 0007613 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2015-12-22 19:08 - 2016-08-13 13:12 - 0025344 _____ () C:\Users\Mike\AppData\Local\rx_audio.Cache
2015-12-22 19:06 - 2015-12-22 19:06 - 0000000 _____ () C:\Users\Mike\AppData\Local\rx_image32.Cache
2015-01-20 21:02 - 2015-01-20 21:02 - 0000268 ___RH () C:\ProgramData\Automator
2015-01-20 21:02 - 2015-01-20 21:02 - 0000268 ___RH () C:\ProgramData\BSD
2012-11-25 12:43 - 2016-10-14 09:41 - 0001838 ___SH () C:\ProgramData\KGyGaAvL.sys
2016-11-10 14:28 - 2016-11-10 14:28 - 0004975 _____ () C:\ProgramData\kjiixkes.ghp
2016-10-14 09:24 - 2016-10-14 09:24 - 0000016 _____ () C:\ProgramData\mntemp
2016-10-14 09:24 - 2016-10-14 09:24 - 0004929 _____ () C:\ProgramData\mudtcpaz.vzs
2015-01-03 06:41 - 2016-04-22 06:21 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-01-20 21:02 - 2015-01-20 21:02 - 0000020 ____H () C:\ProgramData\PKP_DLck.DAT
2012-11-10 18:09 - 2014-02-22 06:53 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2012-11-10 18:13 - 2015-05-22 15:11 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2015-01-03 06:45 - 2015-06-15 05:07 - 0000020 ____H () C:\ProgramData\PKP_DLdx.DAT
2015-01-03 06:43 - 2015-01-03 06:51 - 0000020 ____H () C:\ProgramData\PKP_DLeq.DAT
2012-11-10 18:09 - 2012-11-10 18:09 - 0000268 ___RH () C:\ProgramData\StartupItems
2015-01-03 06:45 - 2015-01-03 06:45 - 0000268 ___RH () C:\ProgramData\Static Library
2012-11-10 18:13 - 2012-11-10 18:13 - 0000268 ___RH () C:\ProgramData\StatusSheet
2012-11-10 18:09 - 2015-01-03 06:43 - 0000268 ___RH () C:\ProgramData\Strings
2015-01-03 06:45 - 2015-01-03 06:45 - 0000012 ___RH () C:\ProgramData\SupportPrinters
2012-11-10 18:13 - 2012-11-10 18:13 - 0000012 ___RH () C:\ProgramData\Sync Services
2015-01-03 06:43 - 2015-01-03 06:43 - 0000012 ___RH () C:\ProgramData\Techno Kit
2015-06-29 16:21 - 2015-06-29 16:21 - 0022188 _____ () C:\ProgramData\xml97EC.tmp
2015-06-29 16:21 - 2015-06-29 16:21 - 0000000 _____ () C:\ProgramData\xml99D0.tmp
2015-06-29 16:21 - 2015-06-29 16:21 - 0000000 _____ () C:\ProgramData\xml9C41.tmp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-22 12:28

==================== End of FRST.txt ============================

 

Result of Security Analysis by Rocket Grannie (x86) Updated: 5th February, 2017
Running from:D:\Desktop (16:53:16 - 02/22/2017)
***---------------------------------------------------------***
Microsoft Windows 7 Home Premium X64 Service Pack 1
UAC is *Disabled*
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
ESET NOD32 Antivirus 9.0.408.0's ProductState is indeterminate
ESET NOD32 Antivirus 9.0.408.0's ProductState is indeterminate
Windows Defender (Enabled - Up to Date)
Windows Firewall (Enabled)
*No other Firewall Installed*
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player 24 NPAPI (version 24.0.0.221)
Firefox (version 51.0.1)
Google Chrome (version 55)
Java (version 8.0.1210.13)
Microsoft Silverlight (version 5.1)
Windows Live Essentials (version 16.4)

CCleaner (version 5.07) is *out of Date*

***----------------Analysis Complete-------------------------***


Google and five telecoms start using 60 Tbps undersea cable

01 July 2016 - 05:55 AM

Google and five Asian telecoms have begun using an undersea cable connecting Oregon and Japan. At 60Tbps, "this is the highest-capacity undersea cable ever built," and Google will have access to 10Tbps of that, the company said in an announcement yesterday.

 

http://arstechnica.com/information-technology/2016/06/google-boosts-its-cloud-with-highest-capacity-undersea-cable-ever-built/


New terrifying malware - Rombertik

07 May 2015 - 05:01 AM

A new type of malware resorts to crippling a computer if it is detected during security checks, a particularly catastrophic blow to its victims.

Rombertik has been identified to propagate via spam and phishing messages sent to would-be victims.

 

You may read the full articles here:

http://www.pcworld.c...f-detected.html

http://blogs.cisco.c...talos/rombertik


Minecraft usernames and passwords leak online

21 January 2015 - 09:47 AM

Online game users, take note:

http://www.hotforsec...line-11209.html


Iberian Peninsula at Night (seen from deep space by NASA)

02 August 2014 - 12:22 PM

NASA releases photos of Portugal and Spain seen from space at night. :alien:

 

http://www.nasa.gov/...t/#.U90Z-uNdWSo

