bob12a Posted December 10, 2016 Posted December 10, 2016 I am back to the AH SNAP error again it only happens in chrome not Edge or firefox . error message a title of this post Bob12 Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 10, 2016 Posted December 10, 2016 Hi Bob, Not come across this one before. Try running Chrome in "Incognito mode" Click the Chrome menu button (☰). Select "New incognito window". A new Chrome window will open with the Incognito logo in the upper-left corner. ... If all is well in this mode then it could possibly be one of the extensions causing the problem. Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 10, 2016 Author Posted December 10, 2016 Still happens in incognito mode Must tell you Ken I have tried for months to get rid of Ah snap I ignored it for a while thinking chrome would have fixed it but NO chrome hardly admit it exists never answers my quires I will try removing extensions one by one. Bob Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 10, 2016 Posted December 10, 2016 Let me know how you get on Bob :) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 11, 2016 Author Posted December 11, 2016 All extensions removed from chrome will replace one by one over the next few days thank Ken Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 11, 2016 Posted December 11, 2016 Give it a good try without extensions Bob - if you don't get the error popping up then it looks like it could be on of them causing the problem :) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 15, 2016 Author Posted December 15, 2016 Give it a good try without extensions Bob I have completely removed all extensions and have got it down to GMAIL causing the ah snap I cant believe google does not answer my request for help Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 16, 2016 Posted December 16, 2016 Hi Bob Have you tried re-installing Chrome ? Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 16, 2016 Author Posted December 16, 2016 Hi Bob Have you tried re-installing Chrome ? Yes Ken no luck yet I have been following this forum and am down to installing older version of chrome w**.win tips.org /fix- chrome-aw-snap-error/ ** = ww I will get back to you if I get any where with old chrome otherwise I will start using FF until and if google fix in new update in January 2017 Bob Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 16, 2016 Posted December 16, 2016 Let's know how you get on Bob :) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 18, 2016 Author Posted December 18, 2016 I tried an older version of chrome and the same fault turned up I give up at present Ken am going to use E for now until google chrome come out with a new version next month. I have tred amost of the fixes for aw snap and threare lots of them I cant understand why google chrome won answer any question Drop this thread for now regards Bob Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 18, 2016 Posted December 18, 2016 Keep us up to date if there are any more developments Bob :) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
bob12a Posted December 21, 2016 Author Posted December 21, 2016 Stupid bob I foolishly downloaded SCANGUARD yesterday thinking it would help me with my AWSNAP problem I realised after that I had loaded a scam naughty naughty If its not to near Christmas can I get some help to remove SCANGUARD. While I am here it has been suggested I run google with a new profile (No idea how to do this) BTW I am using MS edge browser Regards Bob Quote Bob(bob12a)My 3D pictures need red cyan glasses to viewmedion MD8855,Win 7 IE8, Firefox/3, Avast,MS security essentials, NERO 9,malware bytes.Mailwasher pro ,6.54,Roboform,spybot S&D 1.6, Canon ixus 860 X 2,PS CS5
KenB Posted December 23, 2016 Posted December 23, 2016 Hi Bob I will ask Pete to take a look :) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
ExTS Admin Starbuck Posted December 23, 2016 ExTS Admin Posted December 23, 2016 Hi Bob, Have a look in the uninstall list for: Scanguard PC Healthboost If there, uninstall both. Sometimes the Scanguard listing is hidden.... just to make it harder to remove. if this is the case... open File Explorer then click on the C drive .... there should be a Scanguard folder in either the Program Files folder or the Program Files (86) folder. Open the Scanguard folder and look for the uninstall file and click this. If none of these options works, we can do this manually: Note: There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type. If you are unsure what you're system bit type is..... click Here for help. For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop. For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop. Double-click the downloaded icon to run the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator http://img.photobucket.com/albums/v708/starbuck50/frsticon_zpsdc3cbdc3.png When the tool opens click Yes to disclaimer. http://img.photobucket.com/albums/v708/starbuck50/frstdis_zps7f598f12.png Make sure that Addition.txt is selected at the bottom Press Scan button. http://img.photobucket.com/albums/v708/starbuck50/newfrst_zpsa63ffa3d.png It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also. Thanks Quote Member of:UNITE
ExTS Admin Starbuck Posted December 28, 2016 ExTS Admin Posted December 28, 2016 Reports from Bob: There is no sign of Scanguard in the reports...... Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Ran by bob (administrator) on DESKTOP-NHCG096 (26-12-2016 08:07:19) Running from C:\Users\bob\Downloads Loaded Profiles: bob (Available Profiles: bob) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (LastPass) C:\Program Files\WindowsApps\LastPass.LastPass_3.0.0.100_neutral__qq0fmhteeht3j\lpwinmetro.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Farbar) C:\Users\bob\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Run: [Google Update] => C:\Users\bob\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Run: [Google Photos Backup] => C:\Users\bob\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Run: [blueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1690248 2016-12-01] (BlueStack Systems, Inc.) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-12-17] (Siber Systems) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> none ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ef66ac54-98f2-4bfb-9442-39b7ee27cdcf}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-12-17] (Siber Systems Inc.) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-12-17] (Siber Systems Inc.) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-12-17] (Siber Systems Inc.) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-12-17] (Siber Systems Inc.) Toolbar: HKU\S-1-5-21-962910320-1154512269-2272114608-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-12-17] (Siber Systems Inc.) Edge: ====== Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.8.1.0_neutral__c1wakc4j0nefm [2016-12-16] Edge Extension: (No Name) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_1.1.2.0_neutral__7kk3kr9e0p1np [2016-12-23] Edge Extension: (__MSG_appName__) -> xxx_AmazoncomAmazonAssistant_343d40qqvtj1t => C:\Program Files\WindowsApps\Amazon.com.AmazonAssistant_10.1608.26.0_neutral__343d40qqvtj1t [2016-12-01] FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-962910320-1154512269-2272114608-1001: @tools.google.com/Google Update;version=3 -> C:\Users\bob\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-962910320-1154512269-2272114608-1001: @tools.google.com/Google Update;version=9 -> C:\Users\bob\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-01] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-01] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-01] (BlueStack Systems, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-17] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-17] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2815520 2016-10-11] (ESET) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-01] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-21] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-01-21] (Disc Soft Ltd) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232072 2016-10-07] (ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-07-20] (ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [177792 2016-10-07] (ESET) R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [67712 2016-10-07] (ESET) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] () R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-20] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-26] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-26] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2016-12-26] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2016-12-26] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 VUSBSTOR; C:\WINDOWS\System32\Drivers\vusbstor.sys [86064 2013-01-18] (VIA Technologies, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-26 08:06 - 2016-12-26 08:06 - 02420736 _____ (Farbar) C:\Users\bob\Downloads\FRST64 (1).exe 2016-12-26 07:38 - 2016-12-26 07:38 - 550149394 _____ C:\WINDOWS\MEMORY.DMP 2016-12-26 07:38 - 2016-12-26 07:38 - 00460932 _____ C:\WINDOWS\Minidump\122616-13109-01.dmp 2016-12-24 10:18 - 2016-12-24 10:18 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-24 07:45 - 2016-12-24 07:46 - 00006334 _____ C:\Users\bob\Documents\cc_20161224_074458.reg 2016-12-23 11:16 - 2016-12-23 11:16 - 05429944 _____ (DigitalVolcano Software Ltd) C:\Users\bob\Downloads\DuplicateCleaner_setup.exe 2016-12-23 09:02 - 2016-12-23 09:02 - 00044987 _____ C:\Users\bob\Downloads\invoice_BV25998438.pdf 2016-12-23 07:36 - 2016-12-23 07:36 - 00000000 _____ C:\Users\bob\AppData\Local\{6C01E54C-D4FD-4618-8A1D-95F984F1E487} 2016-12-23 07:34 - 2016-12-23 07:34 - 00000000 _____ C:\Users\bob\AppData\Local\{38942BC9-8EF4-4DA6-9EF9-2EA2EAB966F0} 2016-12-22 10:29 - 2016-12-22 10:29 - 02955720 _____ (SORCIM Technologies ) C:\Users\bob\Downloads\cfc_setup (1).exe 2016-12-22 07:54 - 2016-12-22 07:54 - 00000000 ____D C:\Users\bob\AppData\Local\Sorcim_Technologies 2016-12-22 07:50 - 2016-12-22 07:50 - 02955720 _____ (SORCIM Technologies ) C:\Users\bob\Downloads\cfc_setup.exe 2016-12-22 07:36 - 2016-12-22 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-12-21 18:15 - 2016-12-21 18:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2016-12-21 18:15 - 2016-12-21 18:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2016-12-21 18:15 - 2016-12-21 18:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2016-12-21 16:24 - 2016-12-21 20:34 - 00000000 ____D C:\Users\bob\Downloads\searchmyfiles-x64 2016-12-21 16:23 - 2016-12-21 16:23 - 00138773 _____ C:\Users\bob\Downloads\searchmyfiles-x64.zip 2016-12-20 13:26 - 2016-12-26 07:38 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-12-20 13:26 - 2016-12-26 07:38 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2016-12-20 13:26 - 2016-12-26 07:38 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2016-12-20 13:26 - 2016-12-26 07:38 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-12-20 13:26 - 2016-12-20 13:26 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2016-12-20 13:25 - 2016-12-20 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-20 13:25 - 2016-12-20 13:25 - 00000000 ____D C:\Program Files\Malwarebytes 2016-12-20 13:25 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2016-12-20 13:24 - 2016-12-20 13:24 - 54199488 _____ (Malwarebytes ) C:\Users\bob\Downloads\mb3-setup-consumer-3.0.5.1299.exe 2016-12-20 08:03 - 2016-12-20 08:03 - 01065376 _____ (Google Inc.) C:\Users\bob\Downloads\ChromeSetup (2).exe 2016-12-19 18:12 - 2016-12-19 18:12 - 00000000 ____D C:\Users\bob\AppData\Local\ESET 2016-12-19 15:59 - 2016-12-19 15:59 - 00000000 ____D C:\quardata 2016-12-19 15:47 - 2016-12-19 15:47 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-19 15:21 - 2016-12-19 15:21 - 00014840 _____ C:\Users\bob\Documents\cc_20161219_152113.reg 2016-12-17 15:16 - 2016-12-17 15:22 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 15:16 - 2016-12-17 15:22 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-17 15:14 - 2016-12-17 15:15 - 52143696 _____ (Google Inc.) C:\Users\bob\Downloads\_Getintopc.com_ChromeStandaloneSetup64.exe 2016-12-17 13:17 - 2016-12-17 13:17 - 00243424 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.1.0.exe 2016-12-17 11:06 - 2016-12-17 11:06 - 01065376 _____ (Google Inc.) C:\Users\bob\Downloads\ChromeSetup (1).exe 2016-12-17 10:24 - 2016-12-17 10:24 - 31990184 _____ (Google Inc.) C:\Users\bob\Downloads\22.0.1229.0_22.0.1229.0_chrome_installer (1).exe 2016-12-17 10:22 - 2016-12-17 10:22 - 31990184 _____ (Google Inc.) C:\Users\bob\Downloads\22.0.1229.0_22.0.1229.0_chrome_installer.exe 2016-12-17 09:13 - 2016-12-17 09:13 - 01065376 _____ (Google Inc.) C:\Users\bob\Downloads\ChromeSetup.exe 2016-12-17 07:49 - 2016-12-17 07:50 - 00486640 _____ (Google Inc.) C:\Users\bob\Downloads\google-chrome-0-3-154-9-beta-ChromeSetup.exe 2016-12-17 07:45 - 2016-12-26 07:39 - 00000000 ___RD C:\Users\bob\Dropbox 2016-12-17 07:45 - 2016-12-19 15:11 - 00001299 _____ C:\Users\bob\Desktop\Dropbox.lnk 2016-12-17 07:29 - 2016-12-22 07:36 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-12-17 07:29 - 2016-12-17 08:08 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-12-17 07:29 - 2016-12-17 08:08 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-12-17 07:29 - 2016-12-17 07:45 - 00000000 ____D C:\Users\bob\AppData\Local\Dropbox 2016-12-17 07:29 - 2016-12-17 07:34 - 00003994 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2016-12-17 07:29 - 2016-12-17 07:34 - 00003762 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2016-12-17 07:29 - 2016-12-17 07:29 - 00688536 _____ (Dropbox, Inc.) C:\Users\bob\Downloads\DropboxInstaller.exe 2016-12-17 07:29 - 2016-12-17 07:29 - 00000000 ____D C:\Users\bob\AppData\Roaming\Dropbox 2016-12-17 07:29 - 2016-12-17 07:29 - 00000000 ____D C:\ProgramData\Dropbox 2016-12-16 10:30 - 2016-12-16 10:30 - 01157656 _____ (Oracle Corporation) C:\Users\bob\Downloads\JavaUninstallTool (1).exe 2016-12-16 10:29 - 2016-12-16 10:29 - 01157656 _____ (Oracle Corporation) C:\Users\bob\Downloads\JavaUninstallTool.exe 2016-12-16 09:57 - 2016-12-16 09:57 - 00000486 _____ C:\Users\bob\Documents\cc_20161216_095726.reg 2016-12-15 11:42 - 2016-12-15 11:42 - 00163372 _____ C:\Users\bob\Documents\cc_20161215_114208.reg 2016-12-15 10:49 - 2016-12-15 10:49 - 06614880 _____ (Piriform Ltd) C:\Users\bob\Downloads\ccsetup525_pro.exe 2016-12-14 16:19 - 2016-12-09 10:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-14 16:19 - 2016-12-09 10:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-14 16:19 - 2016-12-09 10:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-14 16:19 - 2016-12-09 10:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-14 16:19 - 2016-12-09 10:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-14 16:19 - 2016-12-09 10:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-14 16:19 - 2016-12-09 10:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-14 16:19 - 2016-12-09 10:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 16:19 - 2016-12-09 10:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 16:19 - 2016-12-09 10:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-14 16:19 - 2016-12-09 10:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-14 16:19 - 2016-12-09 10:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 16:19 - 2016-12-09 10:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-14 16:19 - 2016-12-09 10:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 16:19 - 2016-12-09 10:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-14 16:19 - 2016-12-09 10:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-14 16:19 - 2016-12-09 10:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-14 16:19 - 2016-12-09 10:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 16:19 - 2016-12-09 10:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-14 16:19 - 2016-12-09 10:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-14 16:19 - 2016-12-09 10:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-14 16:19 - 2016-12-09 10:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-14 16:19 - 2016-12-09 10:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-14 16:19 - 2016-12-09 10:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-14 16:19 - 2016-12-09 10:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-14 16:19 - 2016-12-09 10:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-14 16:19 - 2016-12-09 10:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-12-14 16:19 - 2016-12-09 10:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-14 16:19 - 2016-12-09 10:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-12-14 16:19 - 2016-12-09 10:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-14 16:19 - 2016-12-09 10:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-14 16:19 - 2016-12-09 10:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 16:19 - 2016-12-09 10:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2016-12-14 16:19 - 2016-12-09 10:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 16:19 - 2016-12-09 10:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 16:19 - 2016-12-09 10:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-14 16:19 - 2016-12-09 10:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 16:19 - 2016-12-09 09:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-14 16:19 - 2016-12-09 09:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-14 16:19 - 2016-12-09 09:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-14 16:19 - 2016-12-09 09:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-12-14 16:19 - 2016-12-09 09:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-14 16:19 - 2016-12-09 09:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 16:19 - 2016-12-09 09:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-14 16:19 - 2016-12-09 09:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-14 16:19 - 2016-12-09 09:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-14 16:19 - 2016-12-09 09:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-12-14 16:19 - 2016-12-09 09:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-14 16:19 - 2016-12-09 09:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-14 16:19 - 2016-12-09 09:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-14 16:19 - 2016-12-09 09:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-14 16:19 - 2016-12-09 09:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-12-14 16:19 - 2016-12-09 09:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-12-14 16:19 - 2016-12-09 09:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-14 16:19 - 2016-12-09 09:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-12-14 16:19 - 2016-12-09 09:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-12-14 16:19 - 2016-12-09 09:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-12-14 16:19 - 2016-12-09 09:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 16:19 - 2016-12-09 09:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-12-14 16:19 - 2016-12-09 09:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-14 16:19 - 2016-12-09 09:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-12-14 16:19 - 2016-12-09 09:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-12-14 16:19 - 2016-12-09 09:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-14 16:19 - 2016-12-09 09:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-14 16:19 - 2016-12-09 09:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-14 16:19 - 2016-12-09 09:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-14 16:19 - 2016-12-09 09:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 16:19 - 2016-12-09 09:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-14 16:19 - 2016-12-09 09:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-12-14 16:19 - 2016-12-09 09:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-14 16:19 - 2016-12-09 09:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-14 16:19 - 2016-12-09 09:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-12-14 16:19 - 2016-12-09 09:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-12-14 16:19 - 2016-12-09 09:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-14 16:19 - 2016-12-09 09:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-14 16:19 - 2016-12-09 09:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-14 16:19 - 2016-12-09 09:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 16:19 - 2016-12-09 09:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-14 16:19 - 2016-12-09 09:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-14 16:19 - 2016-12-09 09:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-14 16:19 - 2016-12-09 09:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-12-14 16:19 - 2016-12-09 09:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-14 16:19 - 2016-12-09 09:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-12-14 16:19 - 2016-12-09 09:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 16:19 - 2016-12-09 09:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-14 16:19 - 2016-12-09 09:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-12-14 16:19 - 2016-12-09 09:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-14 16:19 - 2016-12-09 09:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 16:19 - 2016-12-09 09:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-14 16:19 - 2016-12-09 09:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-14 16:19 - 2016-12-09 09:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-14 16:19 - 2016-12-09 09:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-14 16:19 - 2016-12-09 09:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-14 16:19 - 2016-12-09 09:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-14 16:19 - 2016-12-09 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-14 16:19 - 2016-12-09 09:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-14 16:19 - 2016-12-09 09:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-12-14 16:19 - 2016-12-09 09:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-14 16:19 - 2016-12-09 09:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-14 16:19 - 2016-12-09 09:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-14 16:19 - 2016-12-09 09:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-14 16:19 - 2016-12-09 09:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 16:19 - 2016-12-09 09:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-14 16:19 - 2016-12-09 09:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-14 16:19 - 2016-12-09 09:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-12-14 16:19 - 2016-12-09 09:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-14 16:19 - 2016-12-09 09:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-12-14 16:19 - 2016-12-09 09:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-12-14 16:19 - 2016-12-09 09:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-14 16:19 - 2016-12-09 09:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-14 16:19 - 2016-12-09 09:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-14 16:19 - 2016-12-09 09:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-14 16:19 - 2016-12-09 08:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-14 16:19 - 2016-11-02 10:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2016-12-14 16:19 - 2016-11-02 10:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-12-14 16:19 - 2016-09-15 16:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-13 15:04 - 2016-12-13 15:04 - 00001785 _____ C:\Users\bob\Downloads\QA9781407070810 (2).acsm 2016-12-13 15:02 - 2016-12-13 15:02 - 00001785 _____ C:\Users\bob\Downloads\QA9781407070810 (1).acsm 2016-12-13 07:39 - 2016-12-13 07:39 - 00001785 _____ C:\Users\bob\Downloads\QA9781407070810.acsm 2016-12-10 07:57 - 2016-11-11 10:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-12-10 07:57 - 2016-11-11 10:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-12-10 07:57 - 2016-11-11 10:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2016-12-10 07:57 - 2016-11-11 10:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-12-10 07:57 - 2016-11-11 10:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-12-10 07:57 - 2016-11-11 10:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-12-10 07:57 - 2016-11-11 10:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-12-10 07:57 - 2016-11-11 10:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-12-10 07:57 - 2016-11-11 10:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2016-12-10 07:57 - 2016-11-11 10:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-12-10 07:57 - 2016-11-11 10:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2016-12-10 07:57 - 2016-11-11 10:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2016-12-10 07:57 - 2016-11-11 10:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2016-12-10 07:57 - 2016-11-11 10:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-12-10 07:57 - 2016-11-11 10:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-12-10 07:57 - 2016-11-11 10:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-12-10 07:57 - 2016-11-11 10:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-12-10 07:57 - 2016-11-11 10:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-12-10 07:57 - 2016-11-11 10:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-12-10 07:57 - 2016-11-11 10:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-12-10 07:57 - 2016-11-11 10:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-12-10 07:57 - 2016-11-11 10:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-12-10 07:57 - 2016-11-11 09:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-12-10 07:57 - 2016-11-11 09:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-12-10 07:57 - 2016-11-11 09:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-12-10 07:57 - 2016-11-11 09:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-12-10 07:57 - 2016-11-11 09:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe 2016-12-10 07:57 - 2016-11-11 09:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll 2016-12-10 07:57 - 2016-11-11 09:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll 2016-12-10 07:57 - 2016-11-11 09:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-10 07:57 - 2016-11-11 09:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-12-10 07:57 - 2016-11-11 09:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-10 07:57 - 2016-11-11 09:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-12-10 07:57 - 2016-11-11 09:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-12-10 07:57 - 2016-11-11 09:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-12-10 07:57 - 2016-11-11 09:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-12-10 07:57 - 2016-11-11 09:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-12-10 07:57 - 2016-11-11 09:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2016-12-10 07:57 - 2016-11-11 09:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-12-10 07:57 - 2016-11-11 09:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2016-12-10 07:57 - 2016-11-11 09:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll 2016-12-10 07:57 - 2016-11-11 09:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys 2016-12-10 07:57 - 2016-11-11 09:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2016-12-10 07:57 - 2016-11-11 09:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2016-12-10 07:57 - 2016-11-11 09:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-12-10 07:57 - 2016-11-11 09:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-12-10 07:57 - 2016-11-11 09:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-12-10 07:57 - 2016-11-11 09:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2016-12-10 07:57 - 2016-11-11 09:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-12-10 07:57 - 2016-11-11 09:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-12-10 07:57 - 2016-11-11 09:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-12-10 07:57 - 2016-11-11 09:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-12-10 07:57 - 2016-11-11 09:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll 2016-12-10 07:57 - 2016-11-11 09:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-12-10 07:57 - 2016-11-11 09:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe 2016-12-10 07:57 - 2016-11-11 09:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-12-10 07:57 - 2016-11-11 09:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-12-10 07:57 - 2016-11-11 09:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-12-10 07:57 - 2016-11-11 09:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-12-10 07:57 - 2016-11-11 09:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-12-10 07:57 - 2016-11-11 09:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-10 07:57 - 2016-11-11 09:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2016-12-10 07:57 - 2016-11-11 09:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2016-12-10 07:57 - 2016-11-11 09:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-12-10 07:57 - 2016-11-11 09:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2016-12-10 07:57 - 2016-11-11 09:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2016-12-10 07:57 - 2016-11-11 09:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2016-12-10 07:57 - 2016-11-11 09:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-12-10 07:57 - 2016-11-11 09:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-12-10 07:57 - 2016-11-11 09:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2016-12-10 07:57 - 2016-11-11 09:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-12-10 07:57 - 2016-11-11 09:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2016-12-10 07:57 - 2016-11-11 09:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-12-10 07:57 - 2016-11-11 09:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-12-10 07:57 - 2016-11-11 09:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-12-10 07:57 - 2016-11-11 09:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-12-10 07:57 - 2016-11-11 09:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-12-10 07:57 - 2016-11-11 09:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2016-12-10 07:57 - 2016-11-11 09:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-12-10 07:57 - 2016-11-11 09:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2016-12-10 07:57 - 2016-11-11 09:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-12-10 07:57 - 2016-11-11 09:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-12-10 07:57 - 2016-11-11 09:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-12-10 07:57 - 2016-11-11 09:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-12-10 07:57 - 2016-11-11 09:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-12-10 07:57 - 2016-11-11 09:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2016-12-10 07:57 - 2016-11-11 09:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2016-12-10 07:57 - 2016-11-11 09:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-12-10 07:57 - 2016-11-11 09:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-12-10 07:57 - 2016-11-11 09:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-12-10 07:57 - 2016-11-11 09:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2016-12-10 07:57 - 2016-11-11 09:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-12-10 07:57 - 2016-11-11 09:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2016-12-10 07:57 - 2016-11-11 09:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-12-10 07:57 - 2016-11-11 09:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-12-10 07:57 - 2016-11-11 09:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-12-10 07:57 - 2016-11-11 09:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-12-10 07:57 - 2016-11-11 09:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-12-10 07:57 - 2016-11-11 09:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-10 07:57 - 2016-11-11 09:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-12-10 07:57 - 2016-11-11 09:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-12-10 07:57 - 2016-11-11 09:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-12-10 07:57 - 2016-11-11 09:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-12-10 07:57 - 2016-11-11 09:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2016-12-10 07:57 - 2016-11-11 09:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-12-10 07:57 - 2016-11-11 09:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-12-10 07:57 - 2016-11-11 09:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-12-10 07:57 - 2016-11-11 08:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-12-10 07:57 - 2016-11-11 08:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-12-10 07:57 - 2016-11-11 07:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-12-10 07:57 - 2016-11-11 07:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll 2016-12-10 07:57 - 2016-11-11 07:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2016-12-10 07:57 - 2016-11-11 07:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2016-12-10 07:57 - 2016-11-11 07:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-12-10 07:57 - 2016-11-11 07:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-12-10 07:57 - 2016-11-11 07:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-12-10 07:57 - 2016-11-11 07:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-12-10 07:57 - 2016-11-11 07:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll 2016-12-10 07:57 - 2016-11-11 07:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll 2016-12-10 07:57 - 2016-11-11 07:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-12-10 07:57 - 2016-11-11 07:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2016-12-10 07:57 - 2016-11-11 07:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-12-10 07:57 - 2016-11-11 07:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-12-10 07:57 - 2016-11-11 07:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-12-10 07:57 - 2016-11-11 07:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-12-10 07:57 - 2016-11-11 07:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-12-10 07:57 - 2016-11-11 07:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2016-12-10 07:57 - 2016-11-11 07:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-12-10 07:57 - 2016-11-11 07:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-12-10 07:57 - 2016-11-11 07:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-12-10 07:57 - 2016-11-11 07:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-10 07:57 - 2016-11-11 07:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-12-10 07:57 - 2016-11-11 07:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-10 07:57 - 2016-11-11 07:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2016-12-10 07:57 - 2016-11-11 07:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-12-10 07:57 - 2016-11-11 07:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-12-10 07:57 - 2016-11-11 07:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-10 07:57 - 2016-11-11 07:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-12-10 07:57 - 2016-11-11 07:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-12-10 07:57 - 2016-11-11 07:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-12-10 07:57 - 2016-11-11 07:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-12-10 07:57 - 2016-11-11 07:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2016-12-10 07:57 - 2016-11-11 07:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-12-10 07:57 - 2016-11-11 07:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-12-10 07:57 - 2016-11-11 07:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-12-10 07:57 - 2016-11-11 07:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-12-10 07:57 - 2016-11-11 07:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-12-10 07:57 - 2016-11-11 07:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2016-12-10 07:57 - 2016-11-11 07:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-12-10 07:57 - 2016-11-11 07:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2016-12-10 07:57 - 2016-11-11 07:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2016-12-10 07:57 - 2016-11-11 07:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-12-10 07:57 - 2016-11-11 07:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-12-10 07:57 - 2016-11-11 07:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-12-10 07:57 - 2016-11-11 07:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-12-10 07:57 - 2016-11-11 07:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2016-12-10 07:57 - 2016-11-11 07:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2016-12-10 07:57 - 2016-11-11 07:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2016-12-10 07:57 - 2016-11-11 07:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-12-10 07:57 - 2016-11-11 07:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2016-12-10 07:57 - 2016-11-11 07:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-12-10 07:57 - 2016-11-11 07:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-12-10 07:57 - 2016-11-11 07:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-12-10 07:57 - 2016-11-11 07:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-12-10 07:57 - 2016-11-11 07:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-12-10 07:57 - 2016-11-11 07:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-12-10 07:57 - 2016-11-11 07:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2016-12-10 07:57 - 2016-11-11 07:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2016-12-10 07:57 - 2016-11-11 07:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-12-10 07:57 - 2016-11-11 07:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-12-10 07:57 - 2016-11-11 07:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll 2016-12-10 07:57 - 2016-11-11 07:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-12-10 07:57 - 2016-11-11 07:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-12-10 07:57 - 2016-11-11 07:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-12-10 07:57 - 2016-11-11 07:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-12-10 07:57 - 2016-11-11 07:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-12-10 07:56 - 2016-11-11 09:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll 2016-12-10 07:56 - 2016-11-11 09:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-12-10 07:56 - 2016-11-11 09:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-12-10 07:56 - 2016-11-11 09:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-12-10 07:56 - 2016-11-11 09:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2016-12-10 07:56 - 2016-11-11 09:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-12-10 07:56 - 2016-11-11 09:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-12-10 07:56 - 2016-11-11 09:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-12-10 07:56 - 2016-11-11 09:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-12-10 07:56 - 2016-11-11 09:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-12-10 07:56 - 2016-11-11 09:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-12-10 07:56 - 2016-11-11 09:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2016-12-10 07:56 - 2016-11-11 09:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-12-10 07:56 - 2016-11-11 09:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2016-12-10 07:56 - 2016-11-11 09:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2016-12-10 07:56 - 2016-11-11 09:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2016-12-10 07:56 - 2016-11-11 09:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-12-10 07:56 - 2016-11-11 09:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-12-10 07:56 - 2016-11-11 09:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-12-10 07:56 - 2016-11-11 08:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-12-10 07:56 - 2016-11-11 08:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-12-10 07:56 - 2016-11-11 08:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-12-10 07:56 - 2016-11-11 07:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-12-10 07:56 - 2016-11-11 07:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2016-12-10 07:56 - 2016-11-11 07:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2016-12-10 07:56 - 2016-11-11 07:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-12-10 07:56 - 2016-11-11 07:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2016-12-10 07:56 - 2016-11-11 07:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2016-12-10 07:56 - 2016-11-11 07:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2016-12-10 07:56 - 2016-11-11 07:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-09 10:48 - 2016-12-14 15:28 - 00000000 ____D C:\ProgramData\Screentime 2016-12-09 10:48 - 2016-12-09 10:48 - 00674280 _____ (ScreenTime Media) C:\WINDOWS\system32\3169437.scr 2016-12-09 10:47 - 2016-12-09 10:48 - 00000000 ____D C:\Users\bob\AppData\Local\Screentime 2016-12-09 10:47 - 2016-12-09 10:47 - 06461781 _____ (ScreenTime Media) C:\Users\bob\Downloads\homecoming_3169437.exe 2016-12-08 08:16 - 2016-12-08 08:16 - 00002117 _____ C:\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk 2016-12-08 08:15 - 2016-12-08 08:15 - 02190552 _____ C:\Users\bob\Downloads\appmanagersetup_2.0_b4_292 (1).exe 2016-12-07 16:02 - 2016-12-07 16:01 - 00052780 _____ C:\Users\bob\Documents\IMG_0140-01.jpeg 2016-12-05 20:07 - 2016-12-21 18:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2016-12-04 15:14 - 2016-12-04 15:15 - 330796920 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_6e0d254faf9ea238c6c0b4e0ccdb44f9 (1).exe 2016-12-04 14:58 - 2016-12-04 15:15 - 00000000 ____D C:\Users\bob\AppData\Local\Bluestacks 2016-12-04 14:58 - 2016-12-04 14:58 - 00001644 _____ C:\Users\Public\Desktop\BlueStacks.lnk 2016-12-04 14:58 - 2016-12-04 14:58 - 00001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-12-04 14:57 - 2016-12-04 14:58 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2016-12-04 14:57 - 2016-12-01 15:48 - 00000000 ____D C:\ProgramData\Bluestacks 2016-12-04 14:56 - 2016-12-04 14:57 - 330796920 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_6e0d254faf9ea238c6c0b4e0ccdb44f9.exe 2016-12-04 14:26 - 2016-12-04 14:27 - 330796920 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_d9d0290d850fe8e7fdb0b1fc319e9a09.exe 2016-12-04 10:44 - 2016-12-04 10:44 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk 2016-12-04 10:44 - 2016-12-04 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2016-12-04 10:44 - 2016-12-04 10:44 - 00000000 ____D C:\Program Files\Speccy 2016-12-04 10:43 - 2016-12-04 10:43 - 06293184 _____ (Piriform Ltd) C:\Users\bob\Downloads\spsetup130.exe 2016-12-02 14:43 - 2016-12-02 15:06 - 24645269 _____ C:\Users\bob\Downloads\Snapseed_1.6.0.apk 2016-12-01 15:12 - 2016-12-01 15:14 - 330943144 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_32f85a92bc09e3d8117f5634336a3103.exe 2016-12-01 11:19 - 2016-12-01 11:19 - 00000063 _____ C:\Users\bob\Desktop\10 best things.txt 2016-12-01 09:52 - 2016-12-01 09:52 - 00243464 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.2 (1).exe 2016-12-01 09:50 - 2016-12-01 09:50 - 00243464 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.2.exe 2016-12-01 08:24 - 2016-12-01 08:24 - 00001783 _____ C:\Users\bob\Downloads\OpentheCageMurphy9781448170050 (2).acsm 2016-12-01 08:23 - 2016-12-01 08:23 - 00001783 _____ C:\Users\bob\Downloads\OpentheCageMurphy9781448170050 (1).acsm 2016-12-01 08:22 - 2016-12-01 08:22 - 00001783 _____ C:\Users\bob\Downloads\OpentheCageMurphy9781448170050.acsm 2016-11-30 16:24 - 2016-12-20 10:10 - 00000000 ____D C:\Users\bob\AppData\Local\Troubleshooter 2016-11-30 15:51 - 2016-11-30 15:52 - 330943144 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_895b04e7b969f8a760ca803ee048afa1 (2).exe 2016-11-30 13:40 - 2016-11-30 13:42 - 330943144 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_895b04e7b969f8a760ca803ee048afa1 (1).exe 2016-11-30 13:40 - 2016-11-23 13:37 - 00000570 _____ C:\Users\bob\AppData\Local\TroubleshooterConfig.json 2016-11-30 13:37 - 2016-11-30 13:38 - 330943144 _____ (BlueStack Systems Inc.) C:\Users\bob\Downloads\BlueStacks2_native_895b04e7b969f8a760ca803ee048afa1.exe 2016-11-30 08:18 - 2016-11-30 08:18 - 00000000 ____D C:\Users\bob\AppData\Local\ElevatedDiagnostics 2016-11-30 07:58 - 2016-11-30 07:58 - 00243520 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.1 (3).exe 2016-11-30 07:55 - 2016-11-30 07:55 - 00243520 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.1 (2).exe 2016-11-30 07:34 - 2016-11-30 07:34 - 00000000 ____D C:\Users\bob\Desktop\Old Firefox Data 2016-11-29 09:38 - 2016-11-29 09:38 - 00243520 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.1 (1).exe 2016-11-29 09:34 - 2016-12-18 07:30 - 00000000 ____D C:\Users\bob\AppData\LocalLow\Mozilla 2016-11-29 09:33 - 2016-12-18 08:01 - 00000000 ____D C:\Users\bob\AppData\Local\Mozilla 2016-11-29 09:33 - 2016-11-29 09:33 - 00243520 _____ C:\Users\bob\Downloads\Firefox Setup Stub 50.0.1.exe 2016-11-27 14:31 - 2016-11-27 14:31 - 00203928 _____ C:\Users\bob\Downloads\VideostreamNetworkRepair (2).exe 2016-11-27 14:29 - 2016-11-27 14:29 - 00203928 _____ C:\Users\bob\Downloads\VideostreamNetworkRepair (1).exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-26 08:07 - 2016-10-21 10:53 - 00014876 _____ C:\Users\bob\Downloads\FRST.txt 2016-12-26 08:07 - 2016-10-21 10:53 - 00000000 ____D C:\FRST 2016-12-26 07:56 - 2016-11-07 23:29 - 00000000 ____D C:\WINDOWS\INF 2016-12-26 07:43 - 2016-11-07 15:49 - 02108718 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-26 07:42 - 2016-11-09 14:01 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1159A946-D4F8-4A96-BB4A-0473EDAD75E9} 2016-12-26 07:38 - 2016-11-09 08:32 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-26 07:38 - 2016-11-07 15:43 - 00000000 ____D C:\Users\bob 2016-12-26 07:38 - 2016-11-07 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-12-26 07:38 - 2016-11-07 15:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-12-26 07:34 - 2016-11-07 23:25 - 03670016 _____ C:\WINDOWS\system32\config\BBI 2016-12-26 07:21 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-12-25 07:30 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-12-24 10:19 - 2016-01-21 21:58 - 00000000 ___RD C:\Users\bob\OneDrive 2016-12-24 10:18 - 2016-11-07 15:52 - 00002357 _____ C:\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-24 07:29 - 2016-11-07 23:30 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-21 15:29 - 2016-11-07 15:50 - 00000000 ____D C:\Users\bob\AppData\Local\Packages 2016-12-20 10:06 - 2016-11-11 15:44 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-12-20 09:32 - 2016-11-07 23:25 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-12-20 08:14 - 2016-11-08 10:47 - 00000000 ____D C:\Users\bob\AppData\Local\Google 2016-12-20 08:09 - 2016-11-09 13:55 - 00001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2016-12-20 08:09 - 2016-11-09 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2016-12-19 15:17 - 2016-10-01 10:38 - 00000000 ___RD C:\Users\bob\Desktop\Image Transfer 2016-12-18 15:42 - 2016-11-17 14:55 - 00000000 ____D C:\Users\bob\Desktop\RIGHT 2016-12-18 08:01 - 2016-11-11 15:46 - 00000000 ____D C:\Users\bob\AppData\Roaming\Mozilla 2016-12-18 08:00 - 2016-11-08 10:47 - 00000000 ____D C:\Program Files (x86)\Google 2016-12-17 07:31 - 2016-11-07 15:50 - 00000000 ____D C:\Users\bob\AppData\Local\VirtualStore 2016-12-17 07:27 - 2016-11-08 07:40 - 00004218 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm 2016-12-17 07:27 - 2016-11-08 07:40 - 00003588 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon 2016-12-17 07:26 - 2016-11-08 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm 2016-12-17 07:18 - 2016-11-09 17:18 - 00003672 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-962910320-1154512269-2272114608-1001UA 2016-12-17 07:18 - 2016-11-09 17:18 - 00003404 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-962910320-1154512269-2272114608-1001Core 2016-12-16 11:39 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\rescache 2016-12-16 09:52 - 2016-10-09 13:06 - 00000000 ___RD C:\Users\bob\Desktop\desk tidy 2016-12-16 08:53 - 2016-11-09 13:55 - 00040984 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2016-12-15 10:50 - 2016-11-19 15:20 - 00000000 ____D C:\Program Files\CCleaner 2016-12-15 10:49 - 2016-11-19 15:20 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-12-15 08:48 - 2016-11-07 15:40 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-15 08:47 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-15 08:17 - 2016-11-07 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-15 08:14 - 2016-11-07 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-15 08:13 - 2016-11-07 17:12 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-11 23:56 - 2016-11-07 23:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-11 23:56 - 2016-11-07 23:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-11 09:27 - 2016-11-17 11:04 - 00000000 ____D C:\Users\bob\Desktop\LEFT 2016-12-10 08:15 - 2016-01-21 21:57 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-10 08:12 - 2016-11-07 23:30 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-10 08:12 - 2016-11-07 23:25 - 00000000 ____D C:\WINDOWS\servicing 2016-12-10 07:53 - 2016-07-16 11:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-12-08 08:18 - 2016-01-29 17:12 - 00000000 ____D C:\Users\bob\Documents\My Filehippo Downloads 2016-12-04 14:58 - 2016-11-07 23:30 - 00000000 __RHD C:\Users\Public\Libraries 2016-11-29 08:14 - 2016-11-23 09:56 - 00002500 ____H C:\Users\bob\Desktop\ZbThumbnail.info ==================== Files in the root of some directories ======= 2016-11-20 15:19 - 2016-11-20 15:19 - 0005120 _____ () C:\Users\bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-11-30 13:40 - 2016-11-23 13:37 - 0000570 _____ () C:\Users\bob\AppData\Local\TroubleshooterConfig.json 2016-12-23 07:34 - 2016-12-23 07:34 - 0000000 _____ () C:\Users\bob\AppData\Local\{38942BC9-8EF4-4DA6-9EF9-2EA2EAB966F0} 2016-12-23 07:36 - 2016-12-23 07:36 - 0000000 _____ () C:\Users\bob\AppData\Local\{6C01E54C-D4FD-4618-8A1D-95F984F1E487} 2016-11-07 15:41 - 2016-11-07 15:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-12-22 17:46 ==================== End of FRST.txt ============================ Quote Member of:UNITE
ExTS Admin Starbuck Posted December 28, 2016 ExTS Admin Posted December 28, 2016 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Ran by bob (26-12-2016 08:07:57) Running from C:\Users\bob\Downloads Windows 10 Pro Version 1607 (X64) (2016-11-07 15:48:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-962910320-1154512269-2272114608-500 - Administrator - Disabled) bob (S-1-5-21-962910320-1154512269-2272114608-1001 - Administrator - Enabled) => C:\Users\bob DefaultAccount (S-1-5-21-962910320-1154512269-2272114608-503 - Limited - Disabled) Guest (S-1-5-21-962910320-1154512269-2272114608-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-962910320-1154512269-2272114608-1004 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET NOD32 Antivirus 10.0.369.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET NOD32 Antivirus 10.0.369.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.7302 - BlueStack Systems, Inc.) Canon G.726 WMP-Decoder (HKLM-x32\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - ) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 2.5.0.15 - ) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 0.9.3.9 - ) Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.0.0.15 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - ) Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.0.0.5 - ) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.20.44 - ) Canon Utilities RemoteCapture DC (HKLM-x32\...\RemoteCaptureDC) (Version: 3.0.1.8 - ) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - ) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.0.0.246 - ) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.0.0.19 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) ChromecastApp (HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden ESET NOD32 Antivirus (HKLM\...\{3E28A4F1-F5C8-46AD-862C-81EBA1536FA8}) (Version: 10.0.369.0 - ESET, spol. s r.o.) Google Photos Backup (HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.) RoboForm 7-9-25-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-25-5 - Siber Systems) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-962910320-1154512269-2272114608-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\bob\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-962910320-1154512269-2272114608-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\bob\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {13BC1EFB-43A0-4DD7-B73D-15E77F774339} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-17] (Dropbox, Inc.) Task: {3FC013E0-1C6B-48C5-A8CF-EAF2C6BD2054} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-17] (Dropbox, Inc.) Task: {418001CE-F544-45C5-B7C3-61D396A3CB2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {4535A12B-9D38-46FB-9B22-D040F471CE25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {6E35E5E4-6B6A-41F6-8F5A-1B4AB75336E4} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMMMNJGMKMKMPMHMCNLMOJMJIMCNLMLMIMJMCNNJLJMMPMCNNJMJGMKMOMNJMJMMNMMJLMKMJNJICMIMCNGMCNNMKMFMOMOMCNKMIMJMCNOMLMMMGMMMFMPMCNPMCNOMLMMMGMMMCNNMJNPICMOMFMEKMICNJJCKFMMMMMPMJNHICMEKMICNJJCKJNBJCMNJAJNJJNKJCMJNNICMJNDJCMKJBJJNMJCM (the data entry has 55 more characters). Task: {8CD67F38-64FF-4B79-8F8B-AA8B10C226E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.) Task: {8D1F8E01-295D-4D56-9704-67C6D03196E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-962910320-1154512269-2272114608-1001Core => C:\Users\bob\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-09] (Google Inc.) Task: {9056FEE9-4ED3-475A-BE02-22AEA597B646} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {91C1957F-6DE0-418A-AF86-C469EA5750DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {978CA28D-5E49-4EFF-B798-401F7F73C658} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.) Task: {9E80CE57-6E2E-42B9-B0C2-1E086A88230C} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-12-17] (Siber Systems) Task: {C507B3DB-2880-498D-AF9B-F4DDD27B6DD3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-962910320-1154512269-2272114608-1001UA => C:\Users\bob\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-09] (Google Inc.) Task: {EFDBD7A4-28F5-4DCD-ADD6-1EB0B7DD2C32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 16:19 - 2016-12-09 10:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-11-07 15:41 - 2015-11-05 15:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-20 13:25 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-12-20 13:25 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-12-20 13:25 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-12-14 16:19 - 2016-12-09 10:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-12-24 10:18 - 2016-12-24 10:18 - 01678560 _____ () C:\Users\bob\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll 2016-09-15 06:14 - 2016-09-07 04:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-14 16:19 - 2016-12-09 09:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-09 08:52 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-09 08:52 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-09 08:52 - 2016-11-02 10:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-09 08:52 - 2016-11-02 10:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-09 08:52 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-09 08:52 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-06 16:41 - 2016-01-06 16:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll 2016-12-17 07:29 - 2016-11-11 20:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-12-17 07:29 - 2016-11-11 20:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-12-17 07:29 - 2016-11-11 20:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-12-17 07:29 - 2016-11-11 20:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-12-17 07:29 - 2016-11-11 20:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-12-22 07:36 - 2016-11-11 20:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-12-22 07:36 - 2016-11-11 20:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-12-22 07:36 - 2016-11-11 20:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-12-17 07:29 - 2016-11-11 20:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-12-22 07:36 - 2016-11-11 20:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-12-22 07:36 - 2016-11-11 20:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-12-17 07:29 - 2016-11-11 20:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-12-17 07:29 - 2016-11-11 20:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-12-22 07:36 - 2016-11-11 20:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-12-22 07:36 - 2016-12-21 18:26 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-12-22 07:36 - 2016-12-03 08:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-12-22 07:36 - 2016-12-21 18:26 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-12-22 07:36 - 2016-12-21 18:26 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-12-17 07:29 - 2016-11-11 20:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-12-22 07:36 - 2016-11-11 20:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-12-22 07:36 - 2016-11-11 20:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-12-22 07:36 - 2016-12-21 18:26 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-12-17 07:29 - 2016-11-11 20:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-12-17 07:29 - 2016-12-21 18:26 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-12-22 07:36 - 2016-12-21 18:26 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-11-07 23:30 - 2016-11-07 23:29 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-962910320-1154512269-2272114608-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bob\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f9c428f2-1ec3-494f-979c-64cc56c75388}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\StartupApproved\StartupFolder: => "irista Uploader.lnk" HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6149B5599A0AC9AD69526D827CBAE268" HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-962910320-1154512269-2272114608-1001\...\StartupApproved\Run: => "Google Photos Backup" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{4369BE74-3F3D-4786-B04B-699E02EA5BAB}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 17-12-2016 08:21:41 Revo Uninstaller Pro's restore point - Google Chrome 17-12-2016 10:05:27 Revo Uninstaller Pro's restore point - Google Chrome 17-12-2016 10:28:43 Revo Uninstaller Pro's restore point - Google Chrome 17-12-2016 11:00:26 Revo Uninstaller Pro's restore point - Google Chrome 17-12-2016 14:39:46 Revo Uninstaller Pro's restore point - Google Chrome 18-12-2016 07:58:13 Revo Uninstaller Pro's restore point - Google Chrome 18-12-2016 08:00:16 Revo Uninstaller Pro's restore point - Mozilla Firefox 50.1.0 (x86 en-GB) 19-12-2016 15:47:17 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 20-12-2016 08:12:06 Revo Uninstaller Pro's restore point - Google Chrome Canary 20-12-2016 15:51:51 Revo Uninstaller Pro's restore point - I:*jpg 23-12-2016 08:17:11 Revo Uninstaller Pro's restore point - Clone Files Checker 23-12-2016 08:40:27 Revo Uninstaller Pro's restore point - lastpass 23-12-2016 11:27:46 Revo Uninstaller Pro's restore point - Duplicate Cleaner Free 3.2.7 24-12-2016 10:13:50 Revo Uninstaller Pro's restore point - I:" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/26/2016 07:42:36 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:42:35 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:42:04 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:42:04 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:41:43 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:41:43 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:41:03 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:41:02 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:40:42 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 Error: (12/26/2016 07:40:41 AM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: The Software Protection service failed to start. 0x80070005 10.0.14393.351 System errors: ============= Error: (12/26/2016 08:05:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NHCG096) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user DESKTOP-NHCG096\bob SID (S-1-5-21-962910320-1154512269-2272114608-1001) from address LocalHost (Using LRPC) running in the application container LastPass.LastPass_3.0.0.100_neutral__qq0fmhteeht3j SID (S-1-15-2-1641168231-887382460-1035746133-776720615-3034281571-3630535909-3113139955). This security permission can be modified using the Component Services administrative tool. Error: (12/26/2016 07:42:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:42:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:42:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:42:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:41:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:41:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:41:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:41:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. Error: (12/26/2016 07:40:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Software Protection service terminated with the following error: Access is denied. CodeIntegrity: =================================== Date: 2016-12-26 07:38:35.936 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:38:35.932 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:38:35.927 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:38:35.921 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:35:17.061 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:35:17.056 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:35:17.052 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:35:17.003 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-26 07:21:36.368 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-26 07:21:36.332 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD FX-6300 Six-Core Processor Percentage of memory in use: 31% Total physical RAM: 8172.61 MB Available physical RAM: 5583.74 MB Total Virtual: 16364.61 MB Available Virtual: 13725.24 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.03 GB) (Free:127.88 GB) NTFS Drive e: (everything) (Fixed) (Total:930.51 GB) (Free:917.04 GB) NTFS Drive f: (BOOT) (Fixed) (Total:119.35 GB) (Free:51.03 GB) NTFS Drive g: (D:) (Fixed) (Total:113.53 GB) (Free:93.12 GB) NTFS Drive h: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:1210.58 GB) NTFS Drive i: (black hdd) (Fixed) (Total:931.51 GB) (Free:2.46 GB) NTFS Drive j: (Tetra HDD) (Fixed) (Total:931.51 GB) (Free:266.32 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9CAD2239) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: 85EE85EE) Partition 1: (Active) - (Size=119.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=113.5 GB) - (Type=OF Extended) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0E0722E0) Partition 1: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1 GB) - (Type=12) ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 0717E05F) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (Size: 1863 GB) (Disk ID: 72483040) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7876AC00) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1029 KB) - (Type=0E) ==================== End of Addition.txt ============================ Quote Member of:UNITE
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.