Here are the first logs that had been run earlier.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
Ran by Jimmy Sutton III (administrator) on JIMMY (12-12-2015 12:04:03)
Running from C:\Users\Jimmy Sutton III\Downloads
Loaded Profiles: Jimmy Sutton III & Administrator (Available Profiles: Jimmy Sutton III & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin\ccSvcHst.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin\DoScan.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\Dashlane.exe
() C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\DashlanePlugin.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Farbar) C:\Users\Jimmy Sutton III\Downloads\FRST64 (3).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3101188819-3860113077-1056553616-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3389080 2015-04-04] (Electronic Arts)
HKU\S-1-5-21-3101188819-3860113077-1056553616-1002\...\Run: [Dashlane] => C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\Dashlane.exe [227512 2015-07-22] ()
HKU\S-1-5-21-3101188819-3860113077-1056553616-1002\...\Run: [DashlanePlugin] => C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\DashlanePlugin.exe [285880 2015-07-22] ()
HKU\S-1-5-21-3101188819-3860113077-1056553616-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322048 2012-09-12] (Microsoft Corporation)
HKU\S-1-5-21-3101188819-3860113077-1056553616-500\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
HKU\S-1-5-21-3101188819-3860113077-1056553616-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{F803C66F-155E-44B7-ABD7-63DD73AF2E73}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-3101188819-3860113077-1056553616-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-3101188819-3860113077-1056553616-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3101188819-3860113077-1056553616-1002 -> {18E600E2-DAF2-4A86-A356-B62185F9F2F5} URL = hxxps://search.yahoo.com/search?p= {searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20150209,20028,0,25,0
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2014-03-17] (Yahoo! Inc.)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2015-07-22] (Dashlane)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\bin\IPS\IPSBHO.DLL [2014-09-12] (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2014-03-17] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Jimmy Sutton III\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-07-22] (Dashlane)
Toolbar: HKU\S-1-5-21-3101188819-3860113077-1056553616-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} hxxp://webplayer.unity3d.com/download_w ... Player.cab
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @otee.dk/UnityWebPlayer -> C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll [2007-05-01] (OverTheEdge I/S)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-12] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-06-21] ()
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\IPSFF [2014-11-26] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-21]
CHR Extension: (Google Docs) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-21]
CHR Extension: (Google Drive) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-12]
CHR Extension: (YouTube) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-12]
CHR Extension: (Google Search) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\Users\Jimmy Sutton III\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Development Company, L.P.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-03-04] (Realtek Semiconductor)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin\ccSvcHst.exe [144496 2014-09-12] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin64\snac64.exe [394592 2014-09-12] (Symantec Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-08-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-08-06] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\BASHDefs\20150728.013\BHDrvx64.sys [1647856 2015-06-22] (Symantec Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)
R1 ccSettings_{5A2B9522-769B-49C3-9B8E-C708A1FEF279}; C:\Windows\System32\Drivers\SEP\0C0114D9\1388.105\x64\ccSetx64.sys [162392 2014-09-12] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-08-06] (Symantec Corporation)
U3 EraserUtilDrv11511; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys [153936 2015-08-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-06-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\IPSDefs\20150806.011\IDSvia64.sys [671448 2015-08-06] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\VirusDefs\20150806.003\ENG64.SYS [138488 2015-08-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\VirusDefs\20150806.003\EX64.SYS [2146040 2015-08-06] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-05-07] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-05-07] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0114D9\1388.105\x64\SRTSP64.SYS [880856 2014-09-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0114D9\1388.105\x64\SRTSPX64.SYS [37592 2014-09-12] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Bin64\SyDvCtrl64.sys [36952 2014-09-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\symefasi\0500010.01F\symefasi.sys [1611992 2014-11-26] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\Drivers\SEP\0C0114D9\1388.105\x64\SymELAM.sys [23568 2014-09-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0114D9\1388.105\x64\Ironx64.SYS [266968 2014-09-12] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0114D9\1388.105\x64\SYMNETS.SYS [593112 2014-09-12] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [159552 2014-11-26] (Symantec Corporation)
R1 Teefer2; C:\Windows\system32\DRIVERS\Teefer.sys [103384 2014-09-12] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-08-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-08-06] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-08-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 12:04 - 2015-12-12 12:05 - 00017459 _____ C:\Users\Jimmy Sutton III\Downloads\FRST.txt
2015-12-12 12:03 - 2015-12-12 12:04 - 00000000 ____D C:\FRST
2015-12-12 12:03 - 2015-12-12 12:03 - 02369536 _____ (Farbar) C:\Users\Jimmy Sutton III\Downloads\FRST64 (3).exe
2015-12-12 12:02 - 2015-12-12 12:02 - 02369536 _____ (Farbar) C:\Users\Jimmy Sutton III\Downloads\FRST64 (2).exe
2015-12-12 12:01 - 2015-12-12 12:01 - 00000000 _____ C:\Users\Jimmy Sutton III\Downloads\FRST64 (1).exe
2015-12-12 12:00 - 2015-12-12 12:00 - 00000000 _____ C:\Users\Jimmy Sutton III\Downloads\FRST64.exe
2015-12-12 11:34 - 2015-12-12 11:34 - 00001453 _____ C:\Users\Jimmy Sutton III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-12 11:32 - 2015-12-12 11:32 - 00000020 ___SH C:\Users\Jimmy Sutton III\ntuser.ini
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 12:03 - 2013-08-22 05:36 - 00000000 ____D C:\Windows
2015-12-12 12:02 - 2014-11-13 20:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3101188819-3860113077-1056553616-1002
2015-12-12 11:59 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-12 11:57 - 2015-06-21 11:59 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-12 11:57 - 2015-06-21 11:58 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-12 11:52 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-12 11:48 - 2015-06-21 11:58 - 00003890 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-12 11:48 - 2015-06-21 11:58 - 00003654 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-12 11:48 - 2015-06-21 11:58 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-12 11:47 - 2014-01-05 18:12 - 00000000 ____D C:\Users\Jimmy Sutton III\AppData\Local\Packages
2015-12-12 11:47 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-12 11:45 - 2015-06-21 11:53 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-12 11:42 - 2015-08-06 18:42 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-12 11:40 - 2014-11-21 14:09 - 00000000 ___HD C:\$Windows.~BT
2015-12-12 11:35 - 2015-08-06 19:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-12 11:35 - 2014-11-01 21:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-12-12 11:32 - 2015-08-06 18:35 - 00000000 ____D C:\Users\Jimmy Sutton III
2015-12-12 11:31 - 2014-11-21 00:44 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-06 18:11
==================== End of FRST.txt ============================