Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old March 16th, 2018, 04:44 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
Got a Virus

I keep getting pop up web browser windows that I've got a virus and then it won't let me close it.

I believe i clicked on an email that i thought was from my insurance carrier but turns out they were hacked.
Reply With Quote


  #2  
Old March 22nd, 2018, 08:24 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Hello Skydevil and Welcome to the CyberTechHelp Forums. .
Let's check.

Please take note of some guidelines for this fix:

1- My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Keep your sentences short. Thanks for your understanding.
2- Perform everything in the correct order. Sometimes one step requires the previous one.
3- Please open as administrator the computer. How is open as administrator the computer?
4- Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to get help here
How to disable your security applications.
5- To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"
6- Back up all your private data / important files on another (external) drive before using our tools (if possible).
7- Please subscribe to this thread if you have not done so already, and please don't do any other scans on your own and don't install or remove software.
8- Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal.

Thanks

************************************************** *******************************************

I Would like you to do the followig;

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Have a nice day.

Reply With Quote
  #3  
Old March 28th, 2018, 04:55 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by User (27-03-2018 20:17:31)
Running from C:\Users\User\Downloads
Windows 8.1 Pro (Update) (X64) (2017-12-29 23:02:39)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-2191935193-2170755763-1873414145-500 - Administrator - Disabled)
Guest (S-1-5-21-2191935193-2170755763-1873414145-501 - Limited - Disabled)
User (S-1-5-21-2191935193-2170755763-1873414145-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Act! Pro (HKLM-x32\...\{140B48AD-7D99-4CAA-ACE1-2A3CD6AF412B}) (Version: 17.2.0.0 - Swiftpage ACT! LLC) Hidden
Act! Pro (HKLM-x32\...\InstallShield_{140B48AD-7D99-4CAA-ACE1-2A3CD6AF412B}) (Version: 17.2.0.0 - Swiftpage ACT! LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
AdWords Editor (HKLM-x32\...\{5D5A3940-C665-11E7-B232-480FCF5D6515}) (Version: 12.2.1.0 - Google)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.27.3 - Synaptics Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.1.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Fitbit Connect (HKLM-x32\...\{30C7C152-D711-4A39-AD18-3F675AEAD50A}) (Version: 2.0.2.6982 - Fitbit Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.5007.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{0EEBDCCA-EF5D-4896-9FEA-D7D410A57E8A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Mozilla Thunderbird 52.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 en-US)) (Version: 52.6.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.6.12 - Quicken)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Yamaha Steinberg USB Driver (HKLM\...\{1AE66176-C480-4A76-AEFB-5E59942D134A}) (Version: 1.10.0 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 1.10.0 - Yamaha Corporation)
YellowPageCrawler (HKLM-x32\...\{7223C4AB-7B6C-4CCB-AAC7-92190FB100B1}) (Version: 2.2.4 - XShan Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.7 \psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.7 \psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015314C8-2AEC-4B56-B8F2-5B84EEB0A86A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2191935193-2170755763-1873414145-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUp date.exe [2018-01-29] (Google Inc.)
Task: {07173794-FB1F-41A7-90B9-5A4B1BE1C5E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {2C510E1A-A85E-460A-8DC7-15A0A581148F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2191935193-2170755763-1873414145-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUp date.exe [2018-01-29] (Google Inc.)
Task: {3CAADC7A-5F74-4260-9A0A-5B39BD2840B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2018-03-14] (Adobe Systems Incorporated)
Task: {3F0A38A9-9360-4618-B8FE-0808F9B4FBE0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {45FAB505-0F60-42EB-87EF-CD28CBD178D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_ 0_0_113_Plugin.exe [2018-03-14] (Adobe Systems Incorporated)
Task: {B9BA9E0B-D292-408D-A4AC-7ACB0F6A2BF1} - System32\Tasks\EPSON XP-420 Series Update {F83E90B3-8099-4000-9872-E731DDF2814B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.E XE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {C5839807-D66C-4913-A19E-AFB3AFF842B3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {CD7E5E5A-3AD7-452B-B6A9-D8A713331CAB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-02] (Dropbox, Inc.)
Task: {E5388AAB-0B1E-4314-9355-F31210BFAE5E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-02] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-420 Series Update {F83E90B3-8099-4000-9872-E731DDF2814B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.E XE:/EXE:{F83E90B3-8099-4000-9872-E731DDF2814B} /F:UpdateWORKGROUP\CENDECONHUB$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-02 16:36 - 2018-01-02 16:36 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2018-01-02 16:31 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-10-25 02:08 - 2016-10-25 02:08 - 000401912 _____ () C:\Windows\system32\igfxTray.exe
2017-06-14 13:08 - 2017-06-14 13:08 - 067718656 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2017-10-06 17:06 - 2017-10-06 17:06 - 000068608 ____R () C:\Program Files (x86)\Fitbit Connect\MP3Gain.dll
2018-03-15 11:34 - 2018-03-15 04:50 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-15 11:34 - 2018-03-15 04:50 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-01-02 19:33 - 2018-03-15 04:50 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings. _constant_time.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings. _openssl.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings. _padding.pyd
2018-03-15 11:34 - 2018-03-15 04:50 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-15 11:34 - 2018-03-15 04:50 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-01-02 19:33 - 2018-03-15 04:50 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_c rt.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-15 11:34 - 2018-03-15 04:50 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-15 11:34 - 2018-03-15 04:50 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-01-02 19:33 - 2018-03-15 04:53 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._win ffi_kernel32.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.p yd
2018-03-15 11:34 - 2018-03-15 04:52 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.p yd
2018-01-02 19:33 - 2018-03-15 04:53 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinE numHandles.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._Captu reScreenshot.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCSer ver.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winff i_user32.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._win ffi_iphlpapi.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._win ffi_winerror.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winf fi_wininet.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled ._driverinstallation.pyd
2018-01-02 19:33 - 2018-03-15 04:50 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-01-02 19:33 - 2018-03-15 04:53 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._ VerifySignature.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyn cffi.pyd
2018-03-15 11:34 - 2018-03-15 04:50 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 11:23 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._win ffi_advapi32.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-01-02 19:33 - 2018-03-15 04:53 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.p yd
2018-03-15 11:34 - 2018-03-15 04:52 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-15 11:34 - 2018-03-15 04:52 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-01-02 19:33 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winf fi_winhttp.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-15 11:34 - 2018-03-15 04:52 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2018-03-27 20:12 - 000000828 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC177BDC-08C3-435B-8D9C-0D833E7D8564}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{54E2CA4B-BF99-4376-B86B-E521DEA5FF52}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\One Drive.exe
FirewallRules: [{94EE2A61-38D7-430D-8043-B3D3C8A08F68}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AC2126B9-92B9-4043-8FB2-103C33F35BDA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0E57C83E-D90E-4B7D-8DA0-FA0D1CE3ACF2}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{9289DCEC-C42A-4FC2-A744-68EE7C778BCF}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{6347D601-AA27-4BA0-9AB5-B7BF6E7324DE}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3F874171-C04B-4786-8F33-A490E1F85869}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{ECDE7111-D28E-4AB2-8262-631E54E6B299}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{CF7314A1-9E3B-4970-99F5-7B1D7B682689}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{675ED45F-16A5-403B-B6D1-79444E70CFAA}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
FirewallRules: [{8FC0174B-8C00-449E-BFAE-DEA64818E043}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\ActEmail.exe
FirewallRules: [{185E6C38-C6D6-4785-AD35-D66D2F8EEE4D}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act15.exe
FirewallRules: [{2D73D2D1-4D0F-478E-B619-7A2E23BD5607}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
FirewallRules: [{52BAFE6C-E8D0-4091-9FF7-D3DB3203E92B}] => (Allow) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
FirewallRules: [{2517049A-1C12-4E0D-9CEA-4233FFE5EAF6}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{F41FC90B-4EA3-42F3-8FC8-C43784AC0394}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
FirewallRules: [{26D6C8F7-1C3F-4AFB-B159-CE0EF10E11CF}] => (Allow) LPort=1434
FirewallRules: [{1384517E-6EBF-4BEE-B53D-8EF4CBCDFF8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

05-03-2018 12:19:52 Installed Yamaha Steinberg USB Driver
17-03-2018 02:30:20 Scheduled Checkpoint
24-03-2018 04:15:11 Scheduled Checkpoint
27-03-2018 20:15:23 Removed iSEEK AnswerWorks English Runtime

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2018 08:15:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f 33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec 6aab013aafee.manifest.

Error: (03/27/2018 08:14:16 PM) (Source: MsiInstaller) (EventID: 11706) (User: CENDECONHUB)
Description: Product: ICA -- Error 1706.No valid source could be found for product ICA. The Windows Installer cannot continue.

Error: (03/27/2018 08:14:16 PM) (Source: MsiInstaller) (EventID: 11706) (User: CENDECONHUB)
Description: Product: IPM -- Error 1706.No valid source could be found for product IPM. The Windows Installer cannot continue.

Error: (03/27/2018 08:14:15 PM) (Source: MsiInstaller) (EventID: 11706) (User: CENDECONHUB)
Description: Product: Corel WinDVD -- Error 1706.No valid source could be found for product Corel WinDVD. The Windows Installer cannot continue.

Error: (03/27/2018 08:14:14 PM) (Source: MsiInstaller) (EventID: 11706) (User: CENDECONHUB)
Description: Product: Setup -- Error 1706.No valid source could be found for product Setup. The Windows Installer cannot continue.

Error: (03/27/2018 08:14:14 PM) (Source: MsiInstaller) (EventID: 11706) (User: CENDECONHUB)
Description: Product: Setup -- Error 1706.No valid source could be found for product Setup. The Windows Installer cannot continue.

Error: (03/27/2018 08:13:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f 33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec 6aab013aafee.manifest.

Error: (03/24/2018 10:35:51 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f 33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec 6aab013aafee.manifest.


System errors:
=============
Error: (03/27/2018 03:55:21 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (03/27/2018 03:54:51 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (03/26/2018 02:17:20 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (03/26/2018 02:16:50 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (03/25/2018 04:16:03 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (03/25/2018 04:15:28 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (03/24/2018 03:50:51 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (03/24/2018 03:50:20 AM) (Source: DCOM) (EventID: 10010) (User: CENDECONHUB)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-03-18 14:35:32.472
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E97A697-30AF-4E04-A43A-8473E72A4E4D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-18 14:20:55.256
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {C79F61AC-8B97-4512-899B-C1E3177E98F2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-18 14:09:47.602
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {E3AA52F0-5456-44AA-97AE-B8D81E23CD62}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-25 12:03:26.576
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {2BBB7497-F21F-4039-AE27-53068C0C43C1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-05 14:05:25.933
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {08423DA2-FE3C-4EA6-98CD-64DFAEDA5E54}
Scan Type: Antimalware
Scan Parameters: Full Scan

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 42%
Total physical RAM: 8096.75 MB
Available physical RAM: 4635.82 MB
Total Virtual: 16288.75 MB
Available Virtual: 12537.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.29 GB) (Free:384.41 GB) NTFS
Drive d: (H5_SD) (Removable) (Total:28.96 GB) (Free:28.8 GB) FAT32

\\?\Volume{91c0fee4-eceb-11e7-824f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 1E37C763)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.3 GB) - (Type=07 NTFS)

================================================== ======
Disk: 1 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
Reply With Quote
  #4  
Old March 28th, 2018, 04:55 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by User (administrator) on CENDECONHUB (27-03-2018 20:16:46)
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINAE. EXE
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2015-06-23] (Swiftpage ACT! LLC)
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [268984 2015-06-23] (Swiftpage ACT! LLC)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [7285920 2017-10-06] (Fitbit, Inc.)
HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINAE. EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [7285920 2017-10-06] (Fitbit, Inc.)
HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.33.7 \GoogleUpdateCore.exe [601680 2018-01-29] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2018-01-08]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{61198563-95A6-48D4-9E89-83629CBB891E}: [DhcpNameServer] 192.168.200.100 8.8.8.8
Tcpip\..\Interfaces\{B5E065D0-DC1E-4B00-98B0-159CD0F214B6}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> DefaultScope {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-23] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-02-23] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttach File -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-01-02] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 3el1ez1i.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Prof iles\3el1ez1i.default [2018-03-27]
FF Session Restore: Mozilla\Firefox\Profiles\3el1ez1i.default -> is enabled.
FF Extension: (Open Google Calendar in a new tab) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Prof iles\3el1ez1i.default\Extensions\{40c9c847-d965-4817-8dc0-29ce513cdc54}.xpi [2018-01-03]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Prof iles\3el1ez1i.default\features\{b173f6ee-34d6-44ef-87e8-7d1869b72522}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-24] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_ 113.dll [2018-03-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_ 113.dll [2018-03-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201 .dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-01-02] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2191935193-2170755763-1873414145-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.7 \npGoogleUpdate3.dll [2018-01-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2191935193-2170755763-1873414145-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.7 \npGoogleUpdate3.dll [2018-01-29] (Google Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2015-06-23] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2015-06-23] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2015-06-23] (Microsoft) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-02] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (Seiko Epson Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [6106112 2017-10-06] (Fitbit, Inc.) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [251832 2010-12-02] (arvato digital services llc)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247400 2015-11-02] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [31136 2015-05-28] (ELAN Microelectronic Corp.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 MpKsl726dc821; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77BB7F2E-E30E-4CAD-BBDE-E353675EF791}\MpKsl726dc821.sys [58120 2018-03-27] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\system32\DRIVERS\Netwsw04.sys [3370248 2016-02-27] (Intel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 ysusb_w8_1_64; C:\Windows\system32\drivers\ysusb_w8_1_64.sys [157088 2017-12-19] (Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-27 20:10 - 2018-03-27 20:10 - 002403328 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2018-03-20 10:09 - 2018-03-20 10:09 - 000376058 _____ C:\Users\User\Desktop\f23416c775aac21f931785d3911b ddf7.htm
2018-03-15 13:37 - 2018-03-02 11:55 - 000834552 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-15 13:37 - 2018-03-02 11:55 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-15 13:35 - 2018-03-15 13:35 - 654141545 _____ C:\Windows\MEMORY.DMP
2018-03-15 13:35 - 2018-03-15 13:35 - 000427336 _____ C:\Windows\Minidump\031518-105015-01.dmp
2018-03-15 11:35 - 2018-03-15 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-15 04:50 - 2018-03-15 04:50 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-03-15 04:50 - 2018-03-15 04:50 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-03-14 02:55 - 2018-03-14 02:55 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 13:18 - 2018-02-13 07:20 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-13 13:18 - 2018-02-13 07:20 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-13 13:17 - 2018-03-03 00:24 - 007407960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-13 13:17 - 2018-03-03 00:24 - 000419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-13 13:17 - 2018-03-03 00:11 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-13 13:17 - 2018-03-03 00:11 - 001676064 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-13 13:17 - 2018-03-03 00:11 - 001536120 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-13 13:17 - 2018-03-03 00:11 - 001500432 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-13 13:17 - 2018-03-03 00:11 - 001371352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-03-13 13:17 - 2018-03-02 22:23 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-13 13:17 - 2018-03-02 22:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-13 13:17 - 2018-02-21 14:09 - 000022816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbldfltr.sys
2018-03-13 13:17 - 2018-02-18 13:53 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-03-13 13:17 - 2018-02-16 08:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-13 13:17 - 2018-02-16 08:51 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-13 13:17 - 2018-02-16 08:45 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-13 13:17 - 2018-02-16 08:44 - 013678080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-13 13:17 - 2018-02-16 08:28 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-03-13 13:17 - 2018-02-16 08:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-03-13 13:17 - 2018-02-16 08:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-03-13 13:17 - 2018-02-16 08:19 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-13 13:17 - 2018-02-16 07:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-13 13:17 - 2018-02-16 07:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-03-13 13:17 - 2018-02-15 08:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-13 13:17 - 2018-02-15 07:57 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-13 13:17 - 2018-02-14 14:45 - 000145024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-13 13:17 - 2018-02-13 07:20 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-13 13:17 - 2018-02-13 07:20 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 13:17 - 2018-02-10 13:24 - 000178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-13 13:17 - 2018-02-10 12:29 - 000274272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-13 13:17 - 2018-02-10 12:29 - 000124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-03-13 13:17 - 2018-02-10 12:29 - 000065888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-03-13 13:17 - 2018-02-10 12:29 - 000062304 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-03-13 13:17 - 2018-02-10 12:29 - 000021856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-13 13:17 - 2018-02-10 12:29 - 000017240 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-03-13 13:17 - 2018-02-10 12:25 - 000533856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-13 13:17 - 2018-02-10 12:08 - 001307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-13 13:17 - 2018-02-10 12:06 - 000356184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-13 13:17 - 2018-02-10 10:50 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-13 13:17 - 2018-02-10 10:40 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-13 13:17 - 2018-02-10 10:40 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-13 13:17 - 2018-02-10 10:37 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-13 13:17 - 2018-02-10 10:27 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-13 13:17 - 2018-02-10 10:26 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-13 13:17 - 2018-02-10 10:20 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-13 13:17 - 2018-02-10 10:10 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-13 13:17 - 2018-02-10 10:09 - 003757056 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-13 13:17 - 2018-02-10 10:06 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-13 13:17 - 2018-02-10 10:03 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-03-13 13:17 - 2018-02-10 10:01 - 000617472 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-13 13:17 - 2018-02-10 10:00 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-13 13:17 - 2018-02-10 09:59 - 000404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-13 13:17 - 2018-02-10 09:58 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-03-13 13:17 - 2018-02-10 09:57 - 015281664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-13 13:17 - 2018-02-10 09:54 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-13 13:17 - 2018-02-10 09:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-13 13:17 - 2018-02-10 09:50 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-13 13:17 - 2018-02-10 09:50 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-13 13:17 - 2018-02-10 09:48 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-13 13:17 - 2018-02-10 09:47 - 002134016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-13 13:17 - 2018-02-10 09:46 - 002412544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-13 13:17 - 2018-02-10 09:44 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-13 13:17 - 2018-02-10 09:43 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-13 13:17 - 2018-02-10 09:40 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-13 13:17 - 2018-02-10 09:39 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-03-13 13:17 - 2018-02-10 09:35 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-03-13 13:17 - 2018-02-10 09:34 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-03-13 13:17 - 2018-02-10 09:34 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-03-13 13:17 - 2018-02-10 09:33 - 002058240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-03-13 13:17 - 2018-02-10 09:33 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-13 13:17 - 2018-02-10 09:30 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-13 13:17 - 2018-02-10 09:29 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-13 13:17 - 2018-02-10 09:23 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-03-13 13:17 - 2018-02-10 09:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-13 13:17 - 2018-02-10 09:11 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-03-13 13:17 - 2018-02-10 09:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-03-13 13:17 - 2018-02-08 10:37 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-03-13 13:17 - 2018-02-08 09:57 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-03-13 13:17 - 2018-02-02 13:42 - 003320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-13 13:17 - 2018-02-02 12:24 - 003610112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-13 13:17 - 2018-01-26 12:04 - 001115648 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-03-13 13:17 - 2018-01-12 11:18 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-13 13:17 - 2018-01-12 10:26 - 000393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-13 13:17 - 2018-01-11 11:39 - 000163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2018-03-13 13:17 - 2018-01-11 11:39 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2018-03-13 13:17 - 2018-01-11 11:34 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2018-03-13 13:17 - 2018-01-11 11:28 - 001562624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2018-03-13 13:17 - 2018-01-11 11:19 - 002364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2018-03-13 13:17 - 2018-01-11 11:10 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2018-03-13 13:17 - 2018-01-11 11:10 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2018-03-13 13:17 - 2018-01-11 11:04 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-03-13 13:17 - 2018-01-11 10:55 - 002003456 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2018-03-13 13:17 - 2018-01-11 10:42 - 002923520 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-03-13 13:17 - 2018-01-11 10:13 - 001695744 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-03-13 13:17 - 2018-01-10 07:48 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-03-13 13:17 - 2018-01-09 00:04 - 000276312 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-03-13 13:17 - 2018-01-08 23:09 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-03-13 13:17 - 2018-01-08 23:06 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2018-03-13 13:17 - 2018-01-08 22:35 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-03-13 13:17 - 2018-01-08 22:35 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-03-13 13:17 - 2018-01-08 22:32 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2018-03-13 13:17 - 2018-01-08 22:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2018-03-13 13:17 - 2018-01-08 22:30 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2018-03-13 13:17 - 2018-01-08 22:29 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-03-13 13:17 - 2018-01-08 22:19 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2018-03-13 13:17 - 2018-01-08 22:09 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-03-13 13:17 - 2018-01-08 22:05 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-03-13 13:17 - 2018-01-08 21:59 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2018-03-13 13:17 - 2018-01-08 21:49 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-03-13 13:17 - 2018-01-08 21:46 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-03-13 13:17 - 2018-01-08 21:39 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-03-05 15:46 - 2018-03-05 15:46 - 000202576 _____ C:\Users\User\Desktop\untitled.wav
2018-03-05 12:20 - 2018-03-05 12:20 - 000000000 ____D C:\Program Files (x86)\Yamaha
2018-03-05 12:19 - 2018-03-05 12:20 - 000000000 ____D C:\ProgramData\Yamaha_Uninstaller
2018-03-02 20:49 - 2017-10-04 01:21 - 000029352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2018-03-02 20:49 - 2017-10-04 01:21 - 000019088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2018-03-02 20:49 - 2017-10-03 20:45 - 000030888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2018-03-02 20:49 - 2017-10-03 20:45 - 000019088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2018-03-02 18:57 - 2018-03-02 18:57 - 000330825 _____ C:\Users\User\Desktop\Cendecon AOA.pdf
2018-03-01 17:59 - 2018-03-01 17:59 - 000347839 _____ C:\Users\User\Desktop\PSC_Form.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-27 20:17 - 2018-01-02 11:44 - 000014252 _____ C:\Users\User\Downloads\FRST.txt
2018-03-27 20:16 - 2018-01-29 14:48 - 000000168 _____ C:\Users\User\BullseyeCoverageError.txt
2018-03-27 20:16 - 2018-01-02 11:38 - 000000000 ____D C:\FRST
2018-03-27 20:15 - 2018-01-03 13:05 - 000000000 ____D C:\Windows\system32\appmgmt
2018-03-27 20:12 - 2018-01-03 14:11 - 000000000 ____D C:\Users\User\AppData\Local\ClassicShell
2018-03-27 20:11 - 2018-01-02 19:18 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-03-27 19:47 - 2018-01-05 19:47 - 000000943 _____ C:\Windows\Tasks\EPSON XP-420 Series Update {F83E90B3-8099-4000-9872-E731DDF2814B}.job
2018-03-27 19:35 - 2018-01-02 19:30 - 000000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-03-27 19:03 - 2018-01-05 19:47 - 000000000 ____D C:\Users\User\AppData\Roaming\Epson
2018-03-27 18:35 - 2018-01-02 19:30 - 000000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-03-26 08:08 - 2018-01-03 12:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Quicken
2018-03-24 10:43 - 2017-12-29 16:08 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2191935193-2170755763-1873414145-1001
2018-03-24 10:35 - 2018-01-02 19:20 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-24 10:35 - 2018-01-02 19:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-24 10:35 - 2018-01-02 19:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-24 10:30 - 2014-03-18 03:04 - 001025714 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-24 10:30 - 2013-08-22 06:36 - 000000000 ____D C:\Windows\Inf
2018-03-24 10:25 - 2017-12-29 16:48 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-24 10:25 - 2017-12-29 16:48 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2018-03-24 10:25 - 2013-08-22 07:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-20 20:51 - 2018-01-09 19:39 - 000000000 ____D C:\Users\User\AppData\Roaming\audacity
2018-03-20 08:04 - 2018-01-03 18:45 - 000003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2191935193-2170755763-1873414145-1001
2018-03-20 08:04 - 2018-01-03 18:45 - 000002299 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive for Business.lnk
2018-03-19 10:16 - 2017-12-29 16:02 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2018-03-17 20:39 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\AppReadiness
2018-03-17 02:31 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\rescache
2018-03-15 13:49 - 2013-08-22 06:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-03-15 13:35 - 2018-02-23 12:12 - 000000000 ____D C:\Windows\Minidump
2018-03-15 13:35 - 2013-08-22 07:44 - 000372424 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-15 13:26 - 2018-01-02 10:24 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-15 13:26 - 2013-08-22 08:36 - 000000000 ___RD C:\Windows\ToastData
2018-03-15 13:26 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-15 11:35 - 2018-01-02 19:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-14 02:55 - 2018-02-05 14:26 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-14 02:55 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-14 02:55 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-13 19:16 - 2013-08-22 08:20 - 000000000 ____D C:\Windows\CbsTemp
2018-03-13 19:15 - 2017-12-30 03:10 - 000000000 ____D C:\Windows\system32\MRT
2018-03-13 19:13 - 2017-12-30 03:10 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-13 19:13 - 2017-12-30 03:09 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-12 15:56 - 2018-01-02 11:46 - 000000000 ___RD C:\Users\User\Dropbox
2018-02-28 00:55 - 2018-01-02 11:17 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-27 23:32 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\LiveKernelReports

==================== Files in the root of some directories =======

2018-01-08 18:30 - 2018-01-08 18:31 - 008935392 _____ (Swiftpage Act! LLC ) C:\Users\User\AppData\Roaming\act17sp2hf2bss.exe
2018-01-13 13:55 - 2018-01-13 13:55 - 000000000 ____H () C:\Users\User\AppData\Roaming\ActUpdate.log
2018-01-08 18:43 - 2018-01-08 18:43 - 000032478 _____ () C:\Users\User\AppData\Roaming\NGEN_AppLog_Install. txt
2018-01-03 13:55 - 2018-01-03 13:55 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-01-29 14:48 - 2018-01-29 14:48 - 000010520 _____ () C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-20 03:28

==================== End of FRST.txt ============================
Reply With Quote
  #5  
Old March 29th, 2018, 11:50 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Hi Skydevil


C:\Users\User\Desktop\f23416c775aac21f931785d3911b ddf7.htm
Is this file safe?

================================================== =====
Please do this,

Please go to: VirusTotal
On the page you'll find a "Upload and scan file" button.
Click on the "Upload and scan file"button.
"Choose File"

C:\Users\User\AppData\Roaming\act17sp2hf2bss.exe

Next, click the Open button.
This will scan the file. Please be patient.
Once scanned, copy and paste the link to the results page in your next reply.

================================================== =

[DhcpNameServer] 192.168.200.100 8.8.8.8
Did you this DNS setttings. Do you know him?

Thanks,regards.
Reply With Quote
  #6  
Old April 1st, 2018, 08:04 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
I think that file on my desktop was not good - I deleted it.

here is the link: https://www.virustotal.com/#/file/35...bd8cc5/details (think this is my database file? I use ACT! database)

[DhcpNameServer] 192.168.200.100 8.8.8.8
Did you this DNS setttings. Do you know him? I don't think I do? My husband's computer networks to mine but I dont' think this is his? I don't even know about DNS settings.
Reply With Quote
  #7  
Old April 2nd, 2018, 08:07 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Hi Skydevil,
Sorry for the delay in writing back. On the logs doesen't seems problem.
----------------------

Please do this following.

Step 1:

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

Code:
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
FirewallRules: [{6347D601-AA27-4BA0-9AB5-B7BF6E7324DE}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3F874171-C04B-4786-8F33-A490E1F85869}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> DefaultScope {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
C:\Users\User\BullseyeCoverageError.txt
C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Hosts:
EMPTYTEMP:
Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.

If the tool needed a restart please make sure you let the system to restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version please download and run the updated version.

Step 2:
Please download Adwcleaner Link1,Link2,Link3 by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scann, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Regards.

Last edited by olgun52; April 2nd, 2018 at 08:15 PM.
Reply With Quote
  #8  
Old April 2nd, 2018, 11:59 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by User (02-04-2018 15:51:29) Run:2
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
FirewallRules: [{6347D601-AA27-4BA0-9AB5-B7BF6E7324DE}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3F874171-C04B-4786-8F33-A490E1F85869}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> DefaultScope {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
C:\Users\User\BullseyeCoverageError.txt
C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Hosts:
EMPTYTEMP:
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Classes\Directory\Background\ShellE x\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{6347D 601-AA27-4BA0-9AB5-B7BF6E7324DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{3F874 171-C04B-4786-8F33-A490E1F85869}" => removed successfully
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451}" => removed successfully
HKLM\Software\Classes\CLSID\{7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} => not found
C:\Users\User\BullseyeCoverageError.txt => moved successfully
C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll => moved successfully

========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39938955 B
Java, Flash, Steam htmlcache => 294 B
Windows/system/drivers => 32860445 B
Edge => 0 B
Chrome => 0 B
Firefox => 411295045 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 267380 B
User => 537026249 B

RecycleBin => 6083490106 B
EmptyTemp: => 6.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:52:53 ====
Reply With Quote
  #9  
Old April 3rd, 2018, 12:30 AM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 23:02:37 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-04-02.1
# Running on Windows 8.1 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
Reply With Quote
  #10  
Old April 3rd, 2018, 12:31 AM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
I ran this before adware cleaner but the log didn't post so here it is:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by User (02-04-2018 15:51:29) Run:2
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
FirewallRules: [{6347D601-AA27-4BA0-9AB5-B7BF6E7324DE}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3F874171-C04B-4786-8F33-A490E1F85869}] => (Allow) C:\Users\User\AppData\Local\Temp\XP-420\Network\EpsonNetSetup\ENEasyApp.exe
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> DefaultScope {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2191935193-2170755763-1873414145-1001 -> {7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:{language}:{referrer:source}&ie={inputEncoding ?}&oe={outputEncoding?}
C:\Users\User\BullseyeCoverageError.txt
C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Hosts:
EMPTYTEMP:
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Classes\Directory\Background\ShellE x\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{6347D 601-AA27-4BA0-9AB5-B7BF6E7324DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAcce ss\Parameters\FirewallPolicy\FirewallRules\\{3F874 171-C04B-4786-8F33-A490E1F85869}" => removed successfully
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-2191935193-2170755763-1873414145-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451}" => removed successfully
HKLM\Software\Classes\CLSID\{7CAF7CBD-B0F1-49A0-BEB6-E1D87345A451} => not found
C:\Users\User\BullseyeCoverageError.txt => moved successfully
C:\Users\User\AppData\Local\Temp\BullseyeCoverage-x86-3.dll => moved successfully

========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39938955 B
Java, Flash, Steam htmlcache => 294 B
Windows/system/drivers => 32860445 B
Edge => 0 B
Chrome => 0 B
Firefox => 411295045 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 267380 B
User => 537026249 B

RecycleBin => 6083490106 B
EmptyTemp: => 6.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:52:53 ====
Reply With Quote
  #11  
Old April 4th, 2018, 05:34 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 10 Pro
Location: Europa
Posts: 2,029
Thanks Skydevil,

Scan with Zemana AntiMalware Free:
  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.
-----------------------------------------------------
ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items
Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply


Have a nice day.
Reply With Quote
  #12  
Old April 17th, 2018, 05:58 PM
Skydevil Skydevil is offline
Senior Member
 
Join Date: May 2011
Posts: 136
I'm sorry. I didn't see that you had replied. I'll work on this ASAP
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 10:14 PM.