Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by jstadrmer (administrator) on DONNAS (02-09-2017 21:21:07)
Running from C:\Users\jstadrmer\Desktop
Loaded Profiles: jstadrmer (Available Profiles: jstadrmer)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-23] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-08-31] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3784584723-1383416702-3227458746-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3784584723-1383416702-3227458746-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100
Tcpip\..\Interfaces\{2EA581E0-C648-49CE-8DC1-180DF68C2B55}: [DhcpNameServer] 208.180.42.68 208.180.42.100
Tcpip\..\Interfaces\{7691DFD3-241B-4987-A4A6-9DC6F984835B}: [DhcpNameServer] 208.180.42.68 208.180.42.100
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3784584723-1383416702-3227458746-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.yahoo.com/
HKU\S-1-5-21-3784584723-1383416702-3227458746-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-31] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-31] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
FireFox:
========
FF ProfilePath: C:\Users\jstadrmer\AppData\Roaming\Mozilla\Firefox\Profiles\iwye3jv9.default-1477071995893 [2017-09-02]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\iwye3jv9.default-1477071995893 -> Yahoo
FF Homepage: Mozilla\Firefox\Profiles\iwye3jv9.default-1477071995893 ->
www.yahoo.com
FF Extension: (Avast SafePrice) - C:\Users\jstadrmer\AppData\Roaming\Mozilla\Firefox\Profiles\iwye3jv9.default-1477071995893\Extensions\sp@avast.com.xpi [2017-08-24]
FF Extension: (Avast Online Security) - C:\Users\jstadrmer\AppData\Roaming\Mozilla\Firefox\Profiles\iwye3jv9.default-1477071995893\Extensions\wrc@avast.com.xpi [2017-08-17]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-08-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-08-31] (AVAST Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2015-08-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [322560 2016-12-23] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258152 2016-12-01] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-08-31] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2015-08-17] (Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-17] (REALiX(tm))
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [328920 2016-12-01] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33448 2015-08-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2016-12-01] (HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2016-12-01] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 20:14 - 2017-09-02 20:14 - 000001835 _____ C:\Users\jstadrmer\Desktop\JRT.txt
2017-09-02 19:39 - 2017-09-02 19:39 - 000002578 _____ C:\Users\jstadrmer\Desktop\AdwCleaner[C0].txt
2017-09-02 18:52 - 2017-09-02 18:52 - 001790024 _____ (Malwarebytes) C:\Users\jstadrmer\Desktop\JRT.exe
2017-09-02 18:26 - 2017-09-02 18:26 - 008182736 _____ C:\Users\jstadrmer\Desktop\adwcleaner_7.0.2.1.exe
2017-09-02 18:24 - 2017-09-02 19:38 - 000000000 ____D C:\AdwCleaner
2017-09-02 18:21 - 2017-09-02 18:21 - 000001050 _____ C:\Users\jstadrmer\Desktop\Malwarebytes.txt
2017-09-02 16:06 - 2017-09-02 16:06 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-09-02 16:05 - 2017-09-02 17:11 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-02 16:05 - 2017-09-02 16:05 - 000000883 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-09-02 16:05 - 2017-09-02 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-09-02 16:05 - 2017-09-02 16:05 - 000000000 ____D C:\Program Files\RogueKiller
2017-09-02 16:00 - 2017-09-02 16:00 - 008182736 _____ (Malwarebytes) C:\Users\jstadrmer\Desktop\AdwCleaner.exe
2017-09-02 15:58 - 2017-09-02 15:58 - 035783232 _____ (Adlice Software ) C:\Users\jstadrmer\Desktop\RogueKiller_setup_ref3.exe
2017-09-01 13:09 - 2017-09-01 13:10 - 000033076 _____ C:\Users\jstadrmer\Desktop\Addition.txt
2017-09-01 13:07 - 2017-09-02 21:21 - 000012733 _____ C:\Users\jstadrmer\Desktop\FRST.txt
2017-09-01 13:07 - 2017-09-02 21:21 - 000000000 ____D C:\FRST
2017-09-01 13:04 - 2017-09-01 13:04 - 002395648 _____ (Farbar) C:\Users\jstadrmer\Desktop\FRST64.exe
2017-09-01 12:59 - 2017-09-01 12:59 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-31 12:49 - 2017-08-31 12:49 - 000003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458769468
2017-08-31 12:49 - 2017-08-31 12:49 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-31 12:47 - 2017-08-31 12:47 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-08-31 12:47 - 2017-08-31 12:46 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-08-31 12:47 - 2017-08-31 12:46 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-08-31 12:47 - 2017-08-31 12:45 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-08-31 12:46 - 2017-08-31 12:46 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-08-29 18:46 - 2017-09-02 18:46 - 000003184 _____ C:\Windows\System32\Tasks\HPCeeScheduleForjstadrmer
2017-08-29 18:46 - 2017-09-02 18:46 - 000000362 _____ C:\Windows\Tasks\HPCeeScheduleForjstadrmer.job
2017-08-12 02:48 - 2017-08-12 04:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-12 02:46 - 2017-08-12 02:46 - 047607360 _____ (Mozilla) C:\Users\jstadrmer\Desktop\Firefox Setup 52.3.0esr.exe
2017-08-11 14:07 - 2017-08-31 01:48 - 000001879 _____ C:\Users\jstadrmer\Desktop\Snapshot_20170811.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 21:17 - 2016-11-18 05:21 - 000000000 ____D C:\Users\jstadrmer\AppData\LocalLow\Mozilla
2017-09-02 21:14 - 2015-08-16 22:42 - 000000000 ____D C:\Users\jstadrmer\Documents\Youcam
2017-09-02 19:09 - 2015-08-16 18:46 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3784584723-1383416702-3227458746-1001
2017-09-02 18:45 - 2014-03-18 05:53 - 000956540 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-02 18:45 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2017-09-02 18:37 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-02 18:37 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-09-02 18:36 - 2015-08-17 04:32 - 000000000 ____D C:\Users\jstadrmer\AppData\LocalLow\IObit
2017-09-02 18:36 - 2015-08-17 04:30 - 000000000 ____D C:\Users\jstadrmer\AppData\Roaming\IObit
2017-09-02 18:36 - 2015-08-17 04:29 - 000000000 ____D C:\ProgramData\IObit
2017-09-02 17:14 - 2015-11-02 16:53 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-02 16:53 - 2013-08-22 11:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-08-22 13:40 - 2015-08-16 22:40 - 000000000 ____D C:\Users\jstadrmer
2017-08-21 21:40 - 2016-09-24 03:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-21 21:40 - 2015-08-16 19:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-20 13:12 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\AppReadiness
2017-08-12 04:42 - 2015-08-16 19:22 - 000000949 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-10 14:52 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2017-08-10 14:23 - 2015-08-16 23:01 - 000000000 ____D C:\Users\jstadrmer\AppData\Local\Adobe
2017-08-10 14:22 - 2016-11-30 19:25 - 000004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-10 14:22 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-10 14:22 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-09 16:13 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-06 18:14 - 2016-10-27 13:06 - 000000000 ___RD C:\Users\jstadrmer\Desktop\Mp3s2
2017-08-05 15:30 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2017-08-04 06:32 - 2016-12-14 02:23 - 000000000 ____D C:\Users\jstadrmer\Desktop\New folder
2017-08-03 05:06 - 2017-07-23 01:29 - 000000000 ____D C:\Users\jstadrmer\Desktop\Mp3s1
2017-08-03 04:09 - 2017-05-21 19:46 - 000000000 ____D C:\Users\jstadrmer\ACDC
2017-08-03 03:36 - 2016-02-13 00:43 - 000000059 _____ C:\Users\jstadrmer\AppData\Local\UserProducts.xml
2017-08-03 03:36 - 2016-02-13 00:43 - 000000000 ____D C:\Program Files (x86)\Skillbrains
==================== Files in the root of some directories =======
2016-01-06 20:29 - 2016-01-06 20:29 - 000164625 _____ () C:\Users\jstadrmer\AppData\Local\ars.cache
2016-01-06 20:29 - 2016-01-06 20:29 - 000410995 _____ () C:\Users\jstadrmer\AppData\Local\census.cache
2016-01-06 20:18 - 2016-01-06 20:18 - 000000036 _____ () C:\Users\jstadrmer\AppData\Local\housecall.guid.cache
2016-01-06 20:24 - 2016-01-06 20:24 - 000000010 _____ () C:\Users\jstadrmer\AppData\Local\sponge.last.runtime.cache
2016-02-13 00:43 - 2016-02-13 00:43 - 000000003 _____ () C:\Users\jstadrmer\AppData\Local\updater.log
2016-02-13 00:43 - 2017-08-03 03:36 - 000000059 _____ () C:\Users\jstadrmer\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-25 17:20
==================== End of FRST.txt ============================