Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I think I'm infected


  • This topic is locked This topic is locked

#1
SumMom

SumMom

    Member

  • Member
  • PipPip
  • 41 posts

Windows 10

Hp TouchSmart laptop

Google Chrome

 

Internet access is disrupted intermittently and when trying to access sites I get the message:

 

This site can't be reached

 

secure.com's server DNS address could not be found.

 

Try:

  Checking the connection

  Checking the proxy, firewall, and DNS configuration (hyperlink)

  Running Windows Network Diagnostics (hyperlink)

 

ERR_NAME_NOT_RESOLVED 

 

(see attached)

 

Sometimes the page loads on it's own.  Other times I have to refresh until it loads.  No other devices on our network are having this problem. 

 

I've tried to reset ipconfig and I've run malwarebytes in safe mode.  I don't see those results because my laptop shuts down each time.  This seems to have happened after I downloaded Pixlr for Desktop which I have since removed.  

 

Thoughts?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by Owner (administrator) on PC (24-09-2016 12:14:21)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Some Company) C:\Users\Owner\AppData\Roaming\rUpdater Software\rUpdater\rUpdater_agent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1154560 2016-08-04] (Carbonite, Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [rUpdater agent] => C:\Users\Owner\AppData\Roaming\rUpdater Software\rUpdater\rUpdater_agent.exe [1823232 2015-09-01] (Some Company)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [967496 2016-09-13] (Google Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\RunOnce: [Uninstall C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileSyncShell64.dll [2016-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2016-08-04] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-25] (Microsoft Corporation)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk [2016-09-24]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyScripts-x32: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d8dd44a-b54f-4d3e-b5b2-28304bfcd113}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{846d8780-7221-489f-be6f-0e9d06e5ca62}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {9885AF27-A56B-4AF8-8294-270C03007661} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
Toolbar: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
 
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-07-18] (Nuance Communications Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1453560927&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=hxxps:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1033&id=64855&mkt=en-us&cbcxt=mai","hxxp://www.facebook.com/home.php","hxxps://lastpass.com/?ac=1&lpnorefresh=1"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2016-09-24]
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-01]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-01]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (Quick Maps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2015-08-01]
CHR Extension: (Cat licking your screen) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bljgfogmfiepjlefknbnfopdoabpldcb [2015-08-01]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Honey) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-09-24]
CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-12-26]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Chromebleed) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2015-08-01]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-01]
CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-08-01]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2016-08-19]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pinterest Save Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-09-24]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2015-08-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-08-27]
CHR Extension: (SuperSorter) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2016-01-23]
CHR Extension: (iGive Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjdamjhkmdccbmbilbpabpofenchge [2016-06-07]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-12-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-14]
CHR Extension: (MyPoints Score) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcglgmippekbdbmniknikdgkmnnpdnmh [2016-09-24]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2015-08-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (cats.) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdfklfdfahcjkkkogigggbfhbojcnhgb [2016-06-07]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-24]
CHR HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [9037824 2016-08-04] (Carbonite, Inc. (www.carbonite.com)) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-12-07] (Advanced Micro Devices)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-07] (REALiX™)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [302808 2015-12-07] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-12-07] (Realtek                                            )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67680 2016-09-02] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-12-07] (HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-24 12:14 - 2016-09-24 12:15 - 00030171 _____ C:\Users\Owner\Desktop\FRST.txt
2016-09-24 12:13 - 2016-09-24 12:13 - 02402816 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2016-09-24 12:07 - 2016-09-24 12:14 - 00000000 ____D C:\FRST
2016-09-24 12:01 - 2016-09-24 12:01 - 00153128 _____ C:\Users\Owner\Downloads\Statement Dated 07-29-2016.pdf
2016-09-24 12:00 - 2016-09-24 12:00 - 00165286 _____ C:\Users\Owner\Downloads\Statement Dated 08-31-2016.pdf
2016-09-24 09:07 - 2016-09-24 09:07 - 00000000 ___HD C:\OneDriveTemp
2016-09-23 15:35 - 2016-09-23 17:14 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-23 15:32 - 2016-09-24 10:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 15:30 - 2016-09-23 15:30 - 00001138 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-23 15:30 - 2016-09-23 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-23 15:30 - 2016-09-23 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 15:30 - 2016-09-23 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 15:30 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-23 15:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-23 15:30 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-23 15:28 - 2016-09-23 15:29 - 22851472 _____ (Malwarebytes ) C:\Users\Owner\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-21 15:23 - 2016-09-21 15:23 - 00002172 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2016-09-21 15:23 - 2016-09-21 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2016-09-15 15:23 - 2016-09-07 00:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-15 15:23 - 2016-09-07 00:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-15 15:23 - 2016-09-07 00:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-15 15:23 - 2016-09-07 00:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-15 15:23 - 2016-09-07 00:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-15 15:23 - 2016-09-07 00:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-15 15:23 - 2016-09-07 00:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-15 15:23 - 2016-09-06 23:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-15 15:23 - 2016-09-06 23:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-15 15:23 - 2016-09-06 23:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-15 15:23 - 2016-09-06 23:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-15 15:23 - 2016-09-06 23:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-15 15:23 - 2016-09-06 23:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-15 15:23 - 2016-09-06 23:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-15 15:23 - 2016-09-06 23:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-15 15:23 - 2016-09-06 23:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-15 15:23 - 2016-09-06 23:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-15 15:23 - 2016-09-06 23:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-15 15:23 - 2016-09-06 23:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-15 15:23 - 2016-09-06 23:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-15 15:23 - 2016-09-06 23:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-15 15:23 - 2016-09-06 23:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-15 15:23 - 2016-09-06 23:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-15 15:23 - 2016-09-06 23:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-15 15:23 - 2016-09-06 23:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-15 15:23 - 2016-09-06 23:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-15 15:23 - 2016-09-06 23:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-15 15:23 - 2016-09-06 23:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-15 15:23 - 2016-09-06 23:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-15 15:23 - 2016-09-06 23:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-15 15:23 - 2016-09-06 23:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-15 15:23 - 2016-09-06 23:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-15 15:23 - 2016-09-06 23:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-15 15:23 - 2016-09-06 23:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-15 15:23 - 2016-09-06 23:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-15 15:23 - 2016-09-06 23:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-15 15:23 - 2016-09-06 23:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-15 15:23 - 2016-09-06 23:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-15 15:23 - 2016-09-06 23:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-15 15:23 - 2016-09-06 23:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-15 15:23 - 2016-09-06 23:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-15 15:23 - 2016-09-06 23:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-15 15:23 - 2016-09-06 23:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-15 15:23 - 2016-09-06 23:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-15 15:23 - 2016-09-06 23:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-15 15:23 - 2016-09-06 23:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-15 15:23 - 2016-09-06 23:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-15 15:23 - 2016-08-02 03:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-15 15:23 - 2016-08-02 03:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-15 15:23 - 2016-08-02 03:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-15 15:22 - 2016-09-07 00:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-15 15:22 - 2016-09-07 00:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-15 15:22 - 2016-09-07 00:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 00:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 00:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-15 15:22 - 2016-09-07 00:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-15 15:22 - 2016-09-07 00:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 00:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-15 15:22 - 2016-09-07 00:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 00:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 00:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-15 15:22 - 2016-09-07 00:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-15 15:22 - 2016-09-07 00:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 00:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-15 15:22 - 2016-09-07 00:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 00:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-15 15:22 - 2016-09-07 00:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 00:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-15 15:22 - 2016-09-07 00:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-07 00:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-07 00:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 00:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-15 15:22 - 2016-09-07 00:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-15 15:22 - 2016-09-07 00:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-15 15:22 - 2016-09-07 00:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-15 15:22 - 2016-09-07 00:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-15 15:22 - 2016-09-07 00:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-15 15:22 - 2016-09-06 23:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-15 15:22 - 2016-09-06 23:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-15 15:22 - 2016-09-06 23:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-06 23:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-15 15:22 - 2016-09-06 23:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-15 15:22 - 2016-09-06 23:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-15 15:22 - 2016-09-06 23:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-15 15:22 - 2016-09-06 23:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-15 15:22 - 2016-09-06 23:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-15 15:22 - 2016-09-06 23:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-15 15:22 - 2016-09-06 23:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-15 15:22 - 2016-09-06 23:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-15 15:22 - 2016-09-06 23:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-15 15:22 - 2016-09-06 23:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-15 15:22 - 2016-09-06 23:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-15 15:22 - 2016-09-06 23:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-15 15:22 - 2016-09-06 23:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-15 15:22 - 2016-09-06 23:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-15 15:22 - 2016-09-06 23:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-15 15:22 - 2016-09-06 23:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-15 15:22 - 2016-09-06 23:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-15 15:22 - 2016-09-06 23:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-15 15:22 - 2016-09-06 23:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-15 15:22 - 2016-09-06 23:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-15 15:22 - 2016-09-06 23:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-15 15:22 - 2016-09-06 23:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-15 15:22 - 2016-09-06 23:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-15 15:22 - 2016-09-06 23:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-15 15:22 - 2016-09-06 23:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-15 15:22 - 2016-09-06 23:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-15 15:22 - 2016-09-06 23:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22 - 2016-09-06 23:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-15 15:22 - 2016-09-06 23:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-15 15:22 - 2016-09-06 23:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-15 15:22 - 2016-09-06 23:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-15 15:22 - 2016-09-06 23:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-15 15:22 - 2016-09-06 23:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-15 15:22 - 2016-09-06 23:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-15 15:22 - 2016-09-06 23:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-15 15:22 - 2016-09-06 23:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-15 15:22 - 2016-09-06 23:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-15 15:22 - 2016-09-06 23:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-15 15:22 - 2016-09-06 23:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-15 15:22 - 2016-09-06 23:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-15 15:22 - 2016-09-06 23:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 15:22 - 2016-09-06 23:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-15 15:22 - 2016-09-06 23:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-15 15:22 - 2016-09-06 23:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-15 15:22 - 2016-09-06 23:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-15 15:22 - 2016-09-06 23:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-15 15:22 - 2016-09-06 23:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22 - 2016-09-06 23:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-15 15:22 - 2016-09-06 23:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-15 15:22 - 2016-09-06 23:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-15 15:22 - 2016-09-06 23:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-15 15:22 - 2016-08-05 22:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-05 22:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-01 23:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-15 15:22 - 2016-07-21 20:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-15 15:22 - 2016-07-21 19:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-15 15:21 - 2016-09-07 00:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-15 15:21 - 2016-09-07 00:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-15 15:21 - 2016-09-07 00:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 15:21 - 2016-09-07 00:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-15 15:21 - 2016-09-07 00:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 15:21 - 2016-09-07 00:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-15 15:21 - 2016-09-07 00:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-15 15:21 - 2016-09-07 00:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-15 15:21 - 2016-09-07 00:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-15 15:21 - 2016-09-07 00:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-15 15:21 - 2016-09-07 00:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-15 15:21 - 2016-09-07 00:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-15 15:21 - 2016-09-07 00:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-15 15:21 - 2016-09-07 00:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-15 15:21 - 2016-09-07 00:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-15 15:21 - 2016-09-07 00:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-15 15:21 - 2016-09-07 00:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-15 15:21 - 2016-09-07 00:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-15 15:21 - 2016-09-07 00:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-15 15:21 - 2016-09-07 00:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-15 15:21 - 2016-09-07 00:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-15 15:21 - 2016-09-07 00:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-15 15:21 - 2016-09-07 00:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-15 15:21 - 2016-09-07 00:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-15 15:21 - 2016-09-07 00:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-15 15:21 - 2016-09-06 23:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-15 15:21 - 2016-09-06 23:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-15 15:21 - 2016-09-06 23:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-15 15:21 - 2016-09-06 23:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-15 15:21 - 2016-09-06 23:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-15 15:21 - 2016-09-06 23:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:21 - 2016-09-06 23:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-15 15:21 - 2016-09-06 23:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-15 15:21 - 2016-09-06 23:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-15 15:21 - 2016-09-06 23:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-15 15:21 - 2016-09-06 23:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-15 15:21 - 2016-09-06 23:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-15 15:21 - 2016-09-06 23:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:21 - 2016-09-06 23:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-15 15:21 - 2016-09-06 23:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-15 15:21 - 2016-09-06 23:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-15 15:21 - 2016-09-06 23:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-15 15:21 - 2016-09-06 23:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-15 15:21 - 2016-09-06 23:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-15 15:21 - 2016-09-06 23:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-15 15:21 - 2016-09-06 23:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-15 15:21 - 2016-09-06 23:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-15 15:21 - 2016-09-06 23:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-15 15:21 - 2016-09-06 23:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-15 15:21 - 2016-09-06 23:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-15 15:21 - 2016-09-06 23:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-15 15:21 - 2016-09-06 23:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-15 15:21 - 2016-09-06 23:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-15 15:21 - 2016-09-06 23:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-15 15:21 - 2016-09-06 23:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-15 15:21 - 2016-09-06 23:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-15 15:21 - 2016-09-06 23:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-15 15:21 - 2016-09-06 23:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-15 15:21 - 2016-09-06 23:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-15 15:21 - 2016-09-06 23:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-15 15:21 - 2016-09-06 23:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-15 15:21 - 2016-09-06 23:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-15 15:21 - 2016-09-06 23:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-15 15:21 - 2016-09-06 23:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-15 15:21 - 2016-09-06 23:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-15 15:21 - 2016-09-06 23:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-15 15:21 - 2016-09-06 23:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-15 15:21 - 2016-09-06 23:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:21 - 2016-08-05 22:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-15 15:21 - 2016-08-05 22:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-15 15:21 - 2016-07-21 20:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-15 15:20 - 2016-09-07 01:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-15 15:20 - 2016-09-07 00:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-15 15:20 - 2016-09-07 00:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-15 15:20 - 2016-09-07 00:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-15 15:20 - 2016-09-07 00:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-15 15:20 - 2016-09-07 00:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-15 15:20 - 2016-09-07 00:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-15 15:20 - 2016-09-07 00:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-15 15:20 - 2016-09-07 00:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-15 15:20 - 2016-09-07 00:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-15 15:20 - 2016-09-07 00:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-15 15:20 - 2016-09-07 00:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-15 15:20 - 2016-09-07 00:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-15 15:20 - 2016-09-07 00:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-15 15:20 - 2016-09-07 00:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-15 15:20 - 2016-09-07 00:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-15 15:20 - 2016-09-07 00:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-15 15:20 - 2016-09-07 00:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-15 15:20 - 2016-09-07 00:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-15 15:20 - 2016-09-07 00:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-15 15:20 - 2016-09-07 00:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-15 15:20 - 2016-09-07 00:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-15 15:20 - 2016-09-07 00:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-15 15:20 - 2016-09-07 00:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-15 15:20 - 2016-09-07 00:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-15 15:20 - 2016-09-07 00:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-15 15:20 - 2016-09-07 00:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-15 15:20 - 2016-09-07 00:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-15 15:20 - 2016-09-07 00:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-15 15:20 - 2016-09-07 00:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-15 15:20 - 2016-09-07 00:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-15 15:20 - 2016-09-07 00:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-15 15:20 - 2016-09-07 00:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-15 15:20 - 2016-09-07 00:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-15 15:20 - 2016-09-07 00:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-15 15:20 - 2016-09-07 00:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-15 15:20 - 2016-09-07 00:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-15 15:20 - 2016-09-07 00:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-15 15:20 - 2016-09-07 00:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-15 15:20 - 2016-09-07 00:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-15 15:20 - 2016-09-07 00:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-15 15:20 - 2016-09-07 00:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-15 15:20 - 2016-09-07 00:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-15 15:20 - 2016-09-07 00:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-15 15:20 - 2016-09-07 00:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-15 15:20 - 2016-09-07 00:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-15 15:20 - 2016-09-07 00:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-15 15:20 - 2016-09-07 00:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-15 15:20 - 2016-09-07 00:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-15 15:20 - 2016-09-07 00:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-15 15:20 - 2016-09-07 00:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-15 15:20 - 2016-09-07 00:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-15 15:20 - 2016-09-07 00:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-15 15:20 - 2016-09-07 00:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-15 15:20 - 2016-09-06 23:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-15 15:20 - 2016-09-06 23:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-15 15:20 - 2016-09-06 23:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-15 15:20 - 2016-09-06 23:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:20 - 2016-09-06 23:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-15 15:20 - 2016-09-06 23:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-15 15:20 - 2016-09-06 23:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-15 15:20 - 2016-09-06 23:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-15 15:20 - 2016-09-06 23:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-15 15:20 - 2016-09-06 23:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-15 15:20 - 2016-09-06 23:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-15 15:20 - 2016-09-06 23:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-15 15:20 - 2016-09-06 23:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-15 15:20 - 2016-09-06 23:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-15 15:20 - 2016-09-06 23:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-15 15:20 - 2016-09-06 23:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-15 15:20 - 2016-09-06 23:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-15 15:20 - 2016-09-06 23:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-15 15:20 - 2016-09-06 23:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:20 - 2016-09-06 23:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-15 15:20 - 2016-09-06 23:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-15 15:20 - 2016-09-06 23:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-15 15:20 - 2016-09-06 23:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-15 15:20 - 2016-09-06 23:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-15 15:20 - 2016-09-06 23:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-15 15:20 - 2016-09-06 23:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-15 15:20 - 2016-09-06 23:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-15 15:20 - 2016-09-06 23:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-15 15:20 - 2016-09-06 23:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-15 15:20 - 2016-09-06 23:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-15 15:20 - 2016-09-06 23:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-15 15:20 - 2016-09-06 23:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-15 15:20 - 2016-09-06 23:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-15 15:20 - 2016-09-06 23:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-15 15:20 - 2016-09-06 23:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-15 15:20 - 2016-09-06 23:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-15 15:20 - 2016-09-06 23:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-15 15:20 - 2016-09-06 23:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-15 15:20 - 2016-09-06 23:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-15 15:20 - 2016-09-06 23:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-15 15:20 - 2016-09-06 23:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-15 15:20 - 2016-09-06 23:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-15 15:20 - 2016-09-06 23:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-15 15:20 - 2016-09-06 23:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-15 15:20 - 2016-09-06 23:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-15 15:20 - 2016-09-06 23:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-15 15:20 - 2016-09-06 23:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-15 15:20 - 2016-09-06 23:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-15 15:20 - 2016-09-06 23:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-15 15:20 - 2016-09-06 23:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-15 15:20 - 2016-09-06 23:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-15 15:20 - 2016-09-06 23:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-15 15:20 - 2016-09-06 23:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-15 15:20 - 2016-09-06 23:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-15 15:20 - 2016-09-06 23:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-15 15:20 - 2016-09-06 23:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-15 15:20 - 2016-09-06 23:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-15 15:20 - 2016-09-06 23:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-15 15:20 - 2016-09-06 23:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-15 15:20 - 2016-09-06 23:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-15 15:20 - 2016-09-06 23:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-15 15:20 - 2016-09-06 23:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-15 15:20 - 2016-09-06 23:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-15 15:20 - 2016-09-06 23:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-15 15:20 - 2016-09-06 23:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-15 15:20 - 2016-09-06 23:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-15 15:20 - 2016-09-06 23:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-15 15:20 - 2016-09-06 23:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-15 15:20 - 2016-08-05 23:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-15 15:20 - 2016-08-05 23:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-15 15:20 - 2016-08-05 23:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-15 15:20 - 2016-08-05 23:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-15 15:20 - 2016-08-05 23:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-15 15:20 - 2016-08-02 03:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-15 15:20 - 2016-08-02 03:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-15 15:20 - 2016-08-01 23:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-15 15:19 - 2016-09-06 23:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-15 15:19 - 2016-09-06 23:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-15 15:19 - 2016-09-06 23:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-15 15:19 - 2016-09-06 23:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-15 15:19 - 2016-09-06 23:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-15 15:19 - 2016-09-06 23:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-15 15:19 - 2016-09-06 23:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-15 15:19 - 2016-09-06 23:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-15 15:19 - 2016-09-06 23:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-15 15:19 - 2016-09-06 23:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-15 15:19 - 2016-09-06 23:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-15 15:19 - 2016-09-06 23:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-15 15:19 - 2016-09-06 23:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-15 15:19 - 2016-09-06 23:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-15 15:19 - 2016-09-06 23:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-15 15:19 - 2016-09-06 23:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-15 15:19 - 2016-09-06 23:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-15 15:19 - 2016-09-06 23:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-15 15:19 - 2016-09-06 23:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-15 15:19 - 2016-09-06 23:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-15 15:19 - 2016-09-06 23:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-15 15:19 - 2016-09-06 23:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-15 15:19 - 2016-09-06 23:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-15 15:19 - 2016-09-06 23:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-15 15:19 - 2016-09-06 23:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-15 15:19 - 2016-09-06 23:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-15 15:19 - 2016-09-06 23:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-15 15:19 - 2016-09-06 23:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-15 15:19 - 2016-09-06 23:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-15 15:19 - 2016-09-06 23:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-15 15:19 - 2016-09-06 23:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-15 15:19 - 2016-09-06 23:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-15 15:19 - 2016-09-06 23:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-15 15:19 - 2016-09-06 23:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-15 15:19 - 2016-09-06 23:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-15 15:19 - 2016-09-06 23:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-15 15:19 - 2016-09-06 23:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-15 15:19 - 2016-09-06 23:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-15 15:19 - 2016-09-06 23:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-15 15:19 - 2016-09-06 23:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-15 15:19 - 2016-09-06 23:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-15 15:19 - 2016-08-05 22:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-15 15:19 - 2016-08-05 22:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-15 15:19 - 2016-08-05 22:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-15 15:19 - 2016-08-05 22:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-15 15:19 - 2016-08-05 22:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-15 15:19 - 2016-08-05 22:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-15 15:19 - 2016-08-05 22:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:19 - 2016-08-05 22:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-15 15:19 - 2016-08-05 22:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:19 - 2016-08-05 22:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-15 15:19 - 2016-08-05 22:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-15 15:19 - 2016-08-02 03:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-15 15:19 - 2016-08-02 03:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-15 15:19 - 2016-08-01 23:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-15 15:19 - 2016-08-01 23:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-13 09:39 - 2016-09-13 09:39 - 00003750 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65
2016-09-13 08:07 - 2016-09-13 08:07 - 00003750 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130
2016-09-13 07:32 - 2016-09-13 15:18 - 00000000 ____D C:\Users\Owner\AppData\Local\Autodesk
2016-09-02 16:44 - 2016-09-02 16:53 - 00000000 ____D C:\Users\Owner\Documents\Random Scans
2016-09-02 03:02 - 2016-09-02 03:02 - 00435296 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2016-09-02 03:02 - 2016-09-02 03:02 - 00071264 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2016-09-02 03:02 - 2016-09-02 03:02 - 00067680 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2016-09-02 03:02 - 2016-09-02 03:02 - 00066144 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2016-08-31 13:13 - 2016-08-27 00:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-31 13:13 - 2016-08-26 23:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-08-31 13:13 - 2016-08-26 23:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-08-31 13:13 - 2016-08-26 23:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-08-31 13:13 - 2016-08-26 23:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-08-31 13:13 - 2016-08-26 23:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-08-31 13:13 - 2016-08-26 23:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-08-31 13:13 - 2016-08-20 01:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-08-31 13:13 - 2016-08-20 01:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-31 13:13 - 2016-08-20 00:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-31 13:13 - 2016-08-20 00:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-08-31 13:13 - 2016-08-20 00:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-08-31 13:13 - 2016-08-20 00:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-31 13:13 - 2016-08-20 00:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-08-31 13:13 - 2016-08-20 00:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-08-31 13:13 - 2016-08-20 00:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-08-31 13:13 - 2016-08-20 00:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-08-31 13:13 - 2016-08-20 00:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-08-31 13:13 - 2016-08-20 00:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-08-31 13:13 - 2016-08-20 00:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-08-31 13:13 - 2016-08-20 00:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-08-31 13:13 - 2016-08-20 00:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-08-31 13:13 - 2016-08-20 00:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-08-31 13:13 - 2016-08-20 00:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-31 13:13 - 2016-08-20 00:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-31 13:13 - 2016-08-20 00:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-08-31 13:13 - 2016-08-20 00:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-08-31 13:13 - 2016-08-20 00:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-08-31 13:13 - 2016-08-20 00:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-08-31 13:13 - 2016-08-20 00:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-08-31 13:13 - 2016-08-20 00:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-08-31 13:13 - 2016-08-20 00:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-31 13:13 - 2016-08-20 00:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-08-31 13:13 - 2016-08-20 00:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-08-31 13:13 - 2016-08-20 00:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-08-31 13:13 - 2016-08-20 00:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-08-31 13:13 - 2016-08-20 00:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-08-31 13:13 - 2016-08-20 00:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-31 13:13 - 2016-08-20 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-31 13:13 - 2016-08-20 00:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-31 13:13 - 2016-08-20 00:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-08-31 13:13 - 2016-08-20 00:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-31 13:13 - 2016-08-20 00:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-08-31 13:13 - 2016-08-20 00:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-08-31 13:13 - 2016-08-20 00:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-31 13:13 - 2016-08-20 00:08 - 00204288 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-08-31 13:13 - 2016-08-20 00:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-08-31 13:13 - 2016-08-20 00:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-08-31 13:13 - 2016-08-20 00:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-31 13:13 - 2016-08-20 00:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-31 13:13 - 2016-08-20 00:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-08-31 13:13 - 2016-08-20 00:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-31 13:13 - 2016-08-20 00:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-08-31 13:13 - 2016-08-20 00:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-08-31 13:13 - 2016-08-20 00:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-08-31 13:13 - 2016-08-20 00:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-08-31 13:13 - 2016-08-20 00:00 - 00141824 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-08-31 13:13 - 2016-08-19 23:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-31 13:13 - 2016-08-19 23:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-31 13:13 - 2016-08-19 23:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-08-31 13:13 - 2016-08-19 23:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-31 13:13 - 2016-08-19 23:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-08-31 13:13 - 2016-08-19 23:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-31 13:13 - 2016-08-19 23:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-08-31 13:13 - 2016-08-19 23:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-31 13:13 - 2016-08-19 23:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-08-31 13:13 - 2016-08-19 23:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-31 13:12 - 2016-08-27 07:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-08-31 13:12 - 2016-08-27 04:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-08-31 13:12 - 2016-08-26 23:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-08-31 13:12 - 2016-08-26 23:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-08-31 13:12 - 2016-08-20 01:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-31 13:12 - 2016-08-20 00:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-08-31 13:12 - 2016-08-20 00:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-08-31 13:12 - 2016-08-20 00:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-08-31 13:12 - 2016-08-20 00:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-08-31 13:12 - 2016-08-18 20:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-25 19:24 - 2016-08-25 19:24 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-25 19:22 - 2016-08-25 19:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2016-08-25 13:21 - 2016-08-05 23:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-25 13:21 - 2016-08-05 23:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-25 13:21 - 2016-08-05 23:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-25 13:21 - 2016-08-05 23:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-25 13:21 - 2016-08-05 23:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-25 13:21 - 2016-08-05 23:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-25 13:21 - 2016-08-05 23:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-25 13:21 - 2016-08-05 23:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-25 13:21 - 2016-08-05 23:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-25 13:21 - 2016-08-05 23:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-25 13:21 - 2016-08-05 22:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-25 13:21 - 2016-08-05 22:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-25 13:21 - 2016-08-05 22:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-25 13:21 - 2016-08-05 22:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-25 13:21 - 2016-08-05 22:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-25 13:21 - 2016-08-05 22:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-25 13:21 - 2016-08-05 22:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-25 13:21 - 2016-08-05 22:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-25 13:21 - 2016-08-05 22:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-25 13:21 - 2016-08-05 22:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-25 13:21 - 2016-08-05 22:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-25 13:21 - 2016-08-05 22:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-25 13:21 - 2016-08-05 22:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-25 13:21 - 2016-08-05 22:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-25 13:21 - 2016-08-05 22:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-25 13:21 - 2016-08-05 22:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-25 13:21 - 2016-08-05 22:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-25 13:21 - 2016-08-05 22:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-25 13:21 - 2016-08-05 22:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-25 13:21 - 2016-08-05 22:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-25 13:21 - 2016-08-05 22:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-25 13:21 - 2016-08-05 22:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-25 13:21 - 2016-08-05 22:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-25 13:21 - 2016-08-05 22:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-25 13:21 - 2016-08-05 22:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-25 13:21 - 2016-08-05 22:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-25 13:21 - 2016-08-05 22:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-25 13:21 - 2016-08-05 22:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-25 13:21 - 2016-08-05 04:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-25 13:21 - 2016-08-05 04:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-25 13:21 - 2016-08-05 04:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-25 13:21 - 2016-08-05 03:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-25 13:21 - 2016-08-05 03:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-25 13:21 - 2016-08-05 03:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-25 13:21 - 2016-08-05 03:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-25 13:20 - 2016-08-05 23:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-25 13:20 - 2016-08-05 23:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-25 13:20 - 2016-08-05 23:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-25 13:20 - 2016-08-05 23:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-25 13:20 - 2016-08-05 23:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-25 13:20 - 2016-08-05 23:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-25 13:20 - 2016-08-05 23:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-25 13:20 - 2016-08-05 23:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-25 13:20 - 2016-08-05 23:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-25 13:20 - 2016-08-05 22:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-25 13:20 - 2016-08-05 22:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-25 13:20 - 2016-08-05 22:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-25 13:20 - 2016-08-05 22:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-25 13:20 - 2016-08-05 22:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-25 13:20 - 2016-08-05 22:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-25 13:20 - 2016-08-05 22:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-25 13:20 - 2016-08-05 22:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-25 13:20 - 2016-08-05 22:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-25 13:20 - 2016-08-05 22:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-25 13:20 - 2016-08-05 22:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-25 13:20 - 2016-08-05 22:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-25 13:20 - 2016-08-05 22:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-25 13:20 - 2016-08-05 22:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-25 13:20 - 2016-08-05 22:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-25 13:20 - 2016-08-05 22:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-25 13:20 - 2016-08-05 22:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-25 13:20 - 2016-08-05 22:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-25 13:20 - 2016-08-05 22:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-25 13:20 - 2016-08-05 22:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-25 13:20 - 2016-08-05 22:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-25 13:20 - 2016-08-05 22:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-25 13:20 - 2016-08-05 22:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-25 13:20 - 2016-08-05 22:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-25 13:20 - 2016-08-05 22:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-25 13:20 - 2016-08-05 03:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-25 13:20 - 2016-08-05 03:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-25 13:19 - 2016-08-05 22:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-25 13:19 - 2016-08-05 22:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-25 13:19 - 2016-08-05 22:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-25 13:19 - 2016-08-05 22:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-25 13:19 - 2016-08-05 22:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-25 13:19 - 2016-08-05 22:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-25 13:19 - 2016-08-05 22:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-25 13:19 - 2016-08-05 22:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-25 13:19 - 2016-08-05 22:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-25 13:19 - 2016-08-05 03:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-25 13:19 - 2016-08-05 03:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-24 12:09 - 2016-01-01 18:10 - 00000000 ____D C:\Users\Owner\Documents\CheckBook
2016-09-24 12:07 - 2016-08-17 05:15 - 00003230 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOwner
2016-09-24 12:07 - 2016-07-04 14:00 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job
2016-09-24 11:40 - 2016-01-03 09:55 - 00000000 ____D C:\Users\Owner\Documents\Medical
2016-09-24 11:13 - 2016-01-01 18:11 - 00000000 ____D C:\Users\Owner\Documents\Christmas
2016-09-24 10:00 - 2016-08-17 04:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-24 09:43 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-24 09:43 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-24 09:13 - 2015-08-11 12:30 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2016-09-24 09:07 - 2015-10-04 12:45 - 00000000 ___RD C:\Users\Owner\iCloudDrive
2016-09-24 09:07 - 2015-09-03 16:45 - 00000000 ___RD C:\Users\Owner\OneDrive
2016-09-24 09:07 - 2015-08-09 18:04 - 00000000 ___RD C:\Users\Owner\Google Drive
2016-09-24 09:05 - 2016-08-17 05:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-24 09:04 - 2016-07-16 01:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-09-24 09:04 - 2015-12-01 15:12 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-24 09:04 - 2015-08-01 18:31 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-09-24 07:37 - 2016-08-17 04:42 - 01170334 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 20:28 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Cursors
2016-09-22 02:46 - 2013-11-01 12:25 - 00000000 ____D C:\ProgramData\TEMP
2016-09-20 04:26 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-20 04:25 - 2015-08-01 19:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-18 08:54 - 2015-08-08 11:03 - 00000000 ____D C:\Users\Owner\Desktop\Temp
2016-09-17 08:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-16 17:31 - 2015-08-01 18:05 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-15 19:21 - 2014-01-14 18:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-15 19:17 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-15 19:16 - 2016-08-17 04:33 - 00292344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-15 19:14 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-15 19:14 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-15 19:14 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-15 17:37 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-15 17:36 - 2014-12-15 23:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-15 17:24 - 2014-12-15 23:42 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-15 13:03 - 2016-08-17 05:15 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-13 15:15 - 2013-04-27 21:55 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-13 15:15 - 2013-04-27 21:54 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-11 10:06 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-11 09:54 - 2016-01-03 09:55 - 00000000 ____D C:\Users\Owner\Documents\Life
2016-09-07 11:32 - 2016-07-16 06:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 11:32 - 2016-07-16 06:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 11:54 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-06 11:54 - 2014-12-13 21:09 - 00000000 ____D C:\Users\Owner\AppData\Local\Packages
2016-09-05 13:30 - 2016-01-03 09:54 - 00000000 ____D C:\Users\Owner\Documents\Crossroads Animal Shelter
2016-09-03 08:44 - 2016-01-03 09:56 - 00000000 ____D C:\Users\Owner\Documents\STMA L&F Pets
2016-09-02 16:48 - 2016-01-03 09:55 - 00000000 ____D C:\Users\Owner\Documents\Graphics
2016-09-02 16:45 - 2016-01-03 09:54 - 00000000 ____D C:\Users\Owner\Documents\Biz Stuff
2016-09-02 16:43 - 2016-07-30 10:54 - 00000000 ____D C:\Users\Owner\Documents\Geneology
2016-09-02 03:03 - 2015-12-01 16:07 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-09-02 03:02 - 2015-12-09 11:34 - 00863328 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2016-09-02 03:02 - 2015-12-09 11:34 - 00287840 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo41.dll
2016-09-02 03:02 - 2015-12-09 11:34 - 00285792 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2016-09-02 03:02 - 2015-12-09 11:29 - 00806496 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2016-09-02 03:02 - 2015-12-01 16:07 - 00067680 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF.sys
2016-08-31 22:11 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-08-31 13:03 - 2016-07-16 06:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-31 13:02 - 2016-07-16 06:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-31 13:02 - 2016-07-16 06:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-31 13:02 - 2016-07-16 06:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-29 16:56 - 2016-01-03 09:56 - 00000000 ___RD C:\Users\Owner\Documents\Scanned Documents
2016-08-26 17:08 - 2016-08-17 04:45 - 00000000 ____D C:\Users\Owner
2016-08-25 19:24 - 2015-12-01 16:02 - 00002370 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
 
==================== Files in the root of some directories =======
 
2015-10-31 10:28 - 2016-06-03 16:49 - 0007601 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
2015-08-20 15:31 - 2015-08-20 15:31 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-07-31 08:33 - 2016-07-31 08:34 - 0001150 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt
 
Files to move or delete:
====================
C:\Windows\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492}.job
 
 
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\AcDeltree.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-09-24 09:45
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2016 02
Ran by Owner (24-09-2016 12:17:11)
Running from C:\Users\Owner\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-17 10:33:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3571816096-2060556278-31395193-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3571816096-2060556278-31395193-503 - Limited - Disabled)
Guest (S-1-5-21-3571816096-2060556278-31395193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3571816096-2060556278-31395193-1004 - Limited - Enabled)
mari__000 (S-1-5-21-3571816096-2060556278-31395193-1006 - Administrator - Enabled)
Owner (S-1-5-21-3571816096-2060556278-31395193-1002 - Administrator - Enabled) => C:\Users\Owner
rwilb_000 (S-1-5-21-3571816096-2060556278-31395193-1005 - Administrator - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{3EAD91D5-2004-1B7F-26FF-C0B4AE3C62F7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carbonite (HKLM-x32\...\{D0D08FBC-6D5F-482C-B2ED-32E67D8FFAFF}) (Version: 6.0.1 build 6421 (Aug-04-2016) - Carbonite)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A64DC543-B6C3-4745-AAD6-AC9F1B765BCF}) (Version: 1.2.0.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{2C839F0F-5494-454D-9980-A14C5C5EB3EF}) (Version: 10.4.0168 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
PSTViewer Pro 7 (HKLM\...\{B515BC8D-408D-4CF5-AC6C-9B1E0E0F0DDF}) (Version: 7.5.460.0 - Encryptomatic, LLC)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
RonyaSoft Poster Printer (ProPoster) 3.01 (HKLM-x32\...\RonyaSoft Poster Printer (ProPoster)) (Version: 3.01 - RonyaSoft)
rUpdater (HKLM-x32\...\{F42E1C4B-0C59-4165-BFD4-FA8C46C84996}) (Version: 2.5 - rUpdater Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3571816096-2060556278-31395193-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {034EA9BC-0F5E-4BF8-B4DB-92B4505DCFDD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {044350E6-C3C5-4CED-8E81-E108D50431F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {088726A0-A221-4D37-9CA0-66CF0B422E23} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0D778531-F309-493F-B908-FE28FB7F3606} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {0ECCCD2A-597A-4459-A61A-363C978C9A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0F0C67EC-8E5A-4C25-B3F3-1F73DF489C9B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {10AE2ED3-1B20-4805-A65D-7D421CA08CC6} - System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {2DA7BE35-1F3C-443F-9695-4104B8582160} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {32B6EC46-1E7F-4512-85F4-2CC6D30F1F7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3495BB16-2E14-4DAC-AB62-655B3B0BA71B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-07-08] (Apple Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3794419E-E8A3-4320-87F1-E4417612950D} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3924BA5F-FDB3-43D6-92C5-87F41A1CCC8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {400F66B8-07BE-4DB3-BC52-BA839403206F} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {48F3CA6F-826F-4888-B2C1-33EAD7E7DF3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {66D5B3F6-BE8F-4974-AE40-6C4BF5CEEC6C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-15] (Microsoft Corporation)
Task: {66F1E160-B411-48FD-ADED-FFD1EFEBE882} - System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {67942D69-0812-4412-994A-FFC9AF27E0BB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6D0BE5D3-C0AF-4914-87D0-58F0D6EEB26F} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {799237A8-40CB-4BE5-B57A-AD8EAD4E6CD3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {827104DF-5CD3-41FE-BF14-DE784E404802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {90F02EDA-B3E2-4F92-BCEF-6A0BEF528E56} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-09-02] (Synaptics Incorporated)
Task: {934D048D-6A77-439E-BAB6-CF200D9E9EE9} - System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {93EF3557-8EEB-4F1F-9657-C4E583490EDB} - System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {94C66E5B-F752-4DDF-B70F-A8B44ACF4981} - System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {96C81D51-D447-4500-8994-980C0C3A727F} - System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {991BBBBB-EBDF-485C-B498-4A823DBADC3A} - \{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} -> No File <==== ATTENTION
Task: {9D1444AC-0A5C-486E-BB52-BCCC46B0BFF4} - \WPD\SqmUpload_S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {A6CD674D-E253-4A8B-B67E-F8BD6074E621} - System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {AA9646CB-519F-4CF0-BB80-C881C88B72B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {AAD3CA78-EAF4-4F49-AB5A-991A94B7A9E8} - System32\Tasks\Driver Booster SkipUAC (Owner) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5} - System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BD82E335-26E4-421E-BDBB-CC21E1414541} - System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BE06E552-7606-40C2-A537-E51E43287E11} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C05D4101-466F-440D-9F60-3BE1216E6CDF} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {C73FDDB3-E38C-4C8A-9235-C8C996221277} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {C7584784-086B-4731-8793-6901F0950842} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CAD0BE23-ABD7-4504-80B0-656B8C02719E} - System32\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492} => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe [2015-10-20] (Panda Security, S.L.)
Task: {CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3} - System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {CF6A0242-24C3-4D56-9504-35C88A271C4F} - System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {D68DC9B7-9724-48D6-AFFA-F326B3CB4C50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC} - System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {E71854BD-6AEF-425B-9355-927837005826} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {E8750D5A-1AA6-4BFB-A681-B9CE7FC21B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E8F05230-863A-4482-9B69-B54C526DE88E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {ECBFA069-DEED-4542-A47C-19C573961578} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {F5657CE0-9A7F-4B26-AB8F-775E10D69A66} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {F611FBA4-AC6A-4BAB-B8DB-CC32414281CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F808D0D3-C894-4B4F-BA3E-5B63E3522E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F86DD61A-78CA-4A0D-A3BB-98C4A359859E} - System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FB0405CE-1534-4DEA-B5F6-8822D36939F2} - System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FD971D67-82D8-4823-B26D-9BACC344A69E} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2} - System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FFE1B373-6E5A-4BBB-9E89-4F8D86D9C60F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492}.job => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-15 15:21 - 2016-09-07 00:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-07-05 00:33 - 2014-07-05 00:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-04 08:24 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-09-15 15:21 - 2016-09-07 00:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 19:23 - 2016-08-25 19:23 - 01864384 _____ () C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-29 05:25 - 2016-05-24 11:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-07-16 06:42 - 2016-07-16 06:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-15 15:21 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-15 15:20 - 2016-09-06 23:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-15 15:21 - 2016-09-06 23:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-15 15:21 - 2016-09-06 23:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 15:19 - 2016-09-06 23:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-15 15:21 - 2016-09-06 23:35 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-15 15:21 - 2016-09-06 23:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-15 15:22 - 2016-09-06 23:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-30 09:31 - 2016-08-30 09:36 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 09:31 - 2016-08-30 09:36 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 09:31 - 2016-08-30 09:36 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-09-01 17:10 - 2015-09-01 17:10 - 00069632 _____ () C:\Users\Owner\AppData\Roaming\rUpdater Software\rUpdater\rupd_dll.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-25 19:22 - 2016-08-25 19:22 - 01383616 _____ () C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-25 19:22 - 2016-08-25 19:22 - 00118976 _____ () C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-09-24 09:06 - 2016-09-24 09:06 - 00098816 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32api.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00110080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\pywintypes27.dll
2016-09-24 09:06 - 2016-09-24 09:06 - 00364544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\pythoncom27.dll
2016-09-24 09:06 - 2016-09-24 09:06 - 00320512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32com.shell.shell.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00776704 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_hashlib.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 01176576 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._core_.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00806400 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._gdi_.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00816128 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._windows_.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 01067008 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._controls_.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00733184 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._misc_.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00682496 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\pysqlite2._sqlite.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_ctypes.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00119808 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32file.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00108544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32security.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00007168 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\hashobjs_ext.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00017920 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\thumbnails_ext.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\usb_ext.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00012800 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\common.time34.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00018432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32event.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00167936 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32gui.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00046080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_socket.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 01208320 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_ssl.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00128512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_elementtree.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00127488 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\pyexpat.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00038912 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32inet.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00036864 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_psutil_windows.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00525208 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\windows._lib_cacheinvalidation.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00011264 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32crypt.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00077312 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._html2.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00027136 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_multiprocessing.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00020480 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\_yappi.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00035840 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32process.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00686080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\unicodedata.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00078848 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._animate.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00123392 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\wx._wizard.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00024064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32pipe.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00010240 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\select.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00025600 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32pdh.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00017408 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32profile.pyd
2016-09-24 09:06 - 2016-09-24 09:06 - 00022528 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI67722\win32ts.pyd
2016-09-16 17:31 - 2016-09-13 19:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-16 17:31 - 2016-09-13 19:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-20 04:24 - 2016-09-20 04:24 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{93185099-1E73-4EB3-8453-61B76D2DD2B0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{25BB462A-3926-42E9-9008-C5EA57BF69D3}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [TCP Query User{518D0F4D-1C6D-4C62-B7D6-542DCE8E38AB}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [{6BED2BA7-7EE0-421F-819D-168785BCBB23}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe
FirewallRules: [{F67360EC-D1B4-4492-BF95-126FB166C09A}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe
FirewallRules: [{00C14A15-BA90-42E0-90AF-F6501B2B34CE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{6121C2E9-D55E-4AEA-8056-FCF01E4A60E4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{2DDFEF7C-4252-47A7-A850-7F6DE7AAE8A2}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{CE704780-EA55-45B5-863D-329DC98C67BA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{74F795BD-037C-42F3-81DB-B9123E5D8BA2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{97A3064E-8034-4672-A47B-89428E45EB41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{B0B82F4E-742A-4039-A581-3BBAAD3A109A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{FAD139DC-3C20-46A0-B0FA-79B788C4D521}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{87BFF0F6-3908-45E2-B21B-1F8B5D09ACB4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{9C6496B5-B155-48B3-A5DC-71ED669DDD17}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{807CC95B-1D77-4C4C-B83D-EB202C737235}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0BDD030A-D508-44F3-881D-36A5BA0CAEC8}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2EC70B66-EC65-4DC8-9203-F32D2A2FBCC2}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{214D5439-35C4-4425-8A31-C79185FDD4C5}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{B6557E65-EE02-4C14-A7BB-B1BDEFB02549}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{C2FBD466-EC4C-422F-8AD3-484662D1B0FB}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{83923E4A-E76D-417E-B862-9020CFB46E4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{351EF3AF-88D8-482E-945B-25FF2832EE88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{D638B2EF-CC5C-4538-B716-EAA5B4743DF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{A7CA6AA7-4AEF-416D-AB9E-30E35D196984}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{BD15BCC9-A39B-4AD8-895C-72C83C45273D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D5259FD3-0338-4BE1-B6CD-8CC43E6C1E6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{8D0072BD-E00E-45AF-BB20-C494CC61DCAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{4B9F8D77-C991-4DC1-B527-A69887EC7768}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F1599A5B-1DAA-4C18-A357-CD55FBC5E13F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{396330BB-5710-41EF-A8BA-23CE2FADD2A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7A1165C8-33B0-45CC-B0BD-67A27987A24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4B57B-91B6-4C55-B263-5CB0F0513E44}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7779F5EA-1A36-4D36-B05D-EF490367065A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2CC95ACD-940D-4E6A-9710-2E0E68460B8B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{84FB5B07-15B4-4B51-BC03-4B3BE4AFA0D9}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{35EA0C09-0C1A-4D45-920C-28EAC803655A}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{E7AD625E-BF54-4F83-ABC3-705FE22BF357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{FE25341A-3A39-4AD8-8479-68329B3176D0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{C9E34CCC-7F9B-4D57-88BA-2C4232D6C9FF}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{D558E438-88B2-4F22-842A-A4D153B87271}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{347CEAF3-405C-475C-86AD-B20989C9B73E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7C3927CE-AB1F-4BCF-8442-1058D560C8C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{634BCF34-41D8-4812-9210-DA02A9C518A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{55E88299-1570-4F2A-BC9A-DE240029A836}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{45AF73DB-CD3D-4F03-8EF9-049243F17417}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{00746B45-66F9-4130-9C7B-7A7A54A70541}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{9134EBE7-9E0F-40DE-BB1B-2CCA814DDD34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{F92DAB55-2100-4496-B092-7E35940BFF7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{51C4E45A-C5B3-4317-93B6-2665A00761F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{79DCA3DD-4808-443E-BFB4-44676B141AC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{07811608-DE1B-41AB-809C-6947EBE250FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{97FA3EA0-087C-417B-A5C6-B3921B71BD78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{85069B8E-3B43-4C5C-8590-AFC4E70CC0BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{D5670B83-EC57-4AB4-81A7-6AAFEF693881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{9036D1A4-7A6A-4072-8CCC-DEB98F6E11FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{C75FE225-25C9-4498-B13D-E528F0E138D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{921CE967-0573-4D10-AAA0-300AFB330F3E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{A78FD93C-B533-401E-823E-2461329B8FE1}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{0965F846-D44F-4F7D-B066-5877018DE037}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{E1DF5F8A-6CE9-4C46-8D8F-68EEDB4A2D6F}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{A841F4B1-5F9E-4474-A2D0-95352830D027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{C6475F0E-5D77-4B16-97C6-587DA739B3FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{4968CAF8-E343-4C59-9CA7-2A3471C5E885}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{98DA7191-3F2A-47F7-8BA3-C7DCABB2E231}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{AAAD9B1F-46F0-443B-A64C-9D661F2551C3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E4B674E1-82E2-46E4-A221-9919620027C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DF95C8D4-A149-4209-AC3E-15C8C92565A1}] => (Allow) LPort=2869
FirewallRules: [{5A0F632A-07F3-47FE-9D97-F6AF0B12BFFE}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{71AC7401-346A-45C3-B98B-D550DC856710}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{A2AF0334-2FCF-4785-8A0B-C9CF15103A60}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{D9F0CD80-DBDF-4F1D-999F-D27C39E72091}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BCB20815-7187-40E4-93FD-33F9652EC2B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{532A1504-1CD6-4EB1-9D88-832CBD4B5C61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E3C8F37-B259-467D-9705-8B028BE6EC29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{797ABAC1-34D5-4E68-9FD4-B9F1920C463F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
22-09-2016 11:30:37 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/24/2016 08:56:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x2ca8
Faulting application start time: 0x01d2166b64f68573
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: a058da15-5056-4d44-ba2e-a606087083e7
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
 
Error: (09/24/2016 08:56:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x2ca8
Faulting application start time: 0x01d2166b64f68573
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: 30e1486a-502a-4770-b2fd-a238875dcedb
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
 
Error: (09/24/2016 08:53:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSUAMain.exe, version: 4.0.0.646, time stamp: 0x56291049
Faulting module name: CC3290MT.DLL, version: 9.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000193ee
Faulting process id: 0x2d44
Faulting application start time: 0x01d21660b36d2be8
Faulting application path: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Faulting module path: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
Report Id: 2414c1c0-712f-4029-9b91-8923ca13c811
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/24/2016 08:16:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/24/2016 07:39:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x8400000f
Fault offset: 0x0000000000000000
Faulting process id: 0x2ebc
Faulting application start time: 0x01d2166095987a25
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: unknown
Report Id: 7b854a57-f542-419b-8d68-32edbbab9e7b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/23/2016 08:32:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30922
 
Error: (09/23/2016 08:32:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30922
 
Error: (09/23/2016 08:32:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/23/2016 08:31:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15562
 
Error: (09/23/2016 08:31:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15562
 
 
System errors:
=============
Error: (09/24/2016 09:41:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard  - Imaging, Other hardware - Null Print - HP Photosmart 7520 series.
 
Error: (09/24/2016 09:05:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/24/2016 09:05:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/24/2016 09:05:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/24/2016 09:05:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/24/2016 07:41:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Downloaded Maps Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/24/2016 07:33:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/24/2016 07:33:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/24/2016 07:33:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/23/2016 08:31:25 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: The server {D63B10C5-BB46-4990-A94F-E40B9D520160} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
Processor: AMD A10-5745M APU with Radeon™ HD Graphics 
Percentage of memory in use: 48%
Total physical RAM: 5336.26 MB
Available physical RAM: 2764.33 MB
Total Virtual: 6232.26 MB
Available Virtual: 3099.76 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:668.68 GB) (Free:526.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:28.33 GB) (Free:2.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Removable) (Total:14.83 GB) (Free:14.83 GB) FAT32
Drive g: (FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:215.56 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 44766419)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)



Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.

    Next
    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next


  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.


    Posting the Malwarebytes log.

    [list]
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

    In your next reply post;
  • The AdwCleaner [C1].txt Log
  • The JRT.txt Log
  • Malwarebyteslog

  • 0

#3
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Hi zep516!

 

Thanks for your help.

 

# AdwCleaner v6.020 - Logfile created 30/09/2016 at 07:53:53
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-28.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Owner - PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Owner\AppData\LocalLow\iac
[-] Folder deleted: C:\Users\Owner\AppData\LocalLow\pandasecuritytb
[#] Folder deleted on reboot: C:\Users\Owner\AppData\LocalLow\IAC
[-] Folder deleted: C:\Program Files (x86)\pandasecuritytb
[-] Folder deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: chfdnecihphmhljaaejmgoiahnihplgn
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1908 Bytes] - [30/09/2016 07:53:53]
C:\AdwCleaner\AdwCleaner[S0].txt - [2135 Bytes] - [30/09/2016 07:50:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2054 Bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 10 Home x64 
Ran by Owner (Administrator) on Fri 09/30/2016 at  8:12:14.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 15 
 
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage (File) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjebfgojnlefhdgmomncgjglmdckngij_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjebfgojnlefhdgmomncgjglmdckngij_0.localstorage (File) 
Successfully deleted: C:\Users\Owner\AppData\Local\innovative solutions (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Roaming\innovative solutions (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Owner) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\DriverMaxAgent (Task)
Successfully deleted: C:\WINDOWS\wininit.ini (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267 (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/30/2016 at  8:20:52.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
  • Malwarebytes found nothing.. 

Next sir?  

 

  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

I'm off to work, I'll check back upon return.

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts-x32: Restriction <======= ATTENTION
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {9885AF27-A56B-4AF8-8294-270C03007661} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
Toolbar: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
C:\Windows\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492}.job
C:\Users\Owner\AppData\Local\Temp\AcDeltree.exe
Task: {088726A0-A221-4D37-9CA0-66CF0B422E23} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0D778531-F309-493F-B908-FE28FB7F3606} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {0ECCCD2A-597A-4459-A61A-363C978C9A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0F0C67EC-8E5A-4C25-B3F3-1F73DF489C9B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2DA7BE35-1F3C-443F-9695-4104B8582160} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3924BA5F-FDB3-43D6-92C5-87F41A1CCC8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {67942D69-0812-4412-994A-FFC9AF27E0BB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {991BBBBB-EBDF-485C-B498-4A823DBADC3A} - \{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} -> No File <==== ATTENTION
Task: {9D1444AC-0A5C-486E-BB52-BCCC46B0BFF4} - \WPD\SqmUpload_S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {C7584784-086B-4731-8793-6901F0950842} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E71854BD-6AEF-425B-9355-927837005826} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {E8750D5A-1AA6-4BFB-A681-B9CE7FC21B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F611FBA4-AC6A-4BAB-B8DB-CC32414281CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F808D0D3-C894-4B4F-BA3E-5B63E3522E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FFE1B373-6E5A-4BBB-9E89-4F8D86D9C60F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
  • 0

#5
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

.


Edited by SumMom, 30 September 2016 - 10:10 AM.

  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
FRST is Farber Recovery Scan Tool is the program you originally used to scan and post the log reports


FRST will look like this on your desktop.
index_zpsae74eeb3.png

And when you open FRST it looks like this
frst.JPG
  • 0

#7
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Thanks.  I remembered after I posted.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Owner (30-09-2016 11:10:36) Run:1
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts-x32: Restriction <======= ATTENTION
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {9885AF27-A56B-4AF8-8294-270C03007661} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
Toolbar: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
C:\Windows\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492}.job
C:\Users\Owner\AppData\Local\Temp\AcDeltree.exe
Task: {088726A0-A221-4D37-9CA0-66CF0B422E23} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0D778531-F309-493F-B908-FE28FB7F3606} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {0ECCCD2A-597A-4459-A61A-363C978C9A10} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0F0C67EC-8E5A-4C25-B3F3-1F73DF489C9B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2DA7BE35-1F3C-443F-9695-4104B8582160} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3924BA5F-FDB3-43D6-92C5-87F41A1CCC8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {67942D69-0812-4412-994A-FFC9AF27E0BB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {991BBBBB-EBDF-485C-B498-4A823DBADC3A} - \{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} -> No File <==== ATTENTION
Task: {9D1444AC-0A5C-486E-BB52-BCCC46B0BFF4} - \WPD\SqmUpload_S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {C7584784-086B-4731-8793-6901F0950842} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E71854BD-6AEF-425B-9355-927837005826} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {E8750D5A-1AA6-4BFB-A681-B9CE7FC21B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F611FBA4-AC6A-4BAB-B8DB-CC32414281CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F808D0D3-C894-4B4F-BA3E-5B63E3522E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FFE1B373-6E5A-4BBB-9E89-4F8D86D9C60F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
hosts:
Emptytemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9885AF27-A56B-4AF8-8294-270C03007661}" => key removed successfully
HKCR\CLSID\{9885AF27-A56B-4AF8-8294-270C03007661} => key not found. 
"HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 
C:\Windows\Tasks\{A1E1687E-D899-4739-9B41-F1FD35D7E492}.job => moved successfully
C:\Users\Owner\AppData\Local\Temp\AcDeltree.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{088726A0-A221-4D37-9CA0-66CF0B422E23}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088726A0-A221-4D37-9CA0-66CF0B422E23}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D778531-F309-493F-B908-FE28FB7F3606}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D778531-F309-493F-B908-FE28FB7F3606}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YCMServiceAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ECCCD2A-597A-4459-A61A-363C978C9A10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ECCCD2A-597A-4459-A61A-363C978C9A10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F0C67EC-8E5A-4C25-B3F3-1F73DF489C9B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F0C67EC-8E5A-4C25-B3F3-1F73DF489C9B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DA7BE35-1F3C-443F-9695-4104B8582160}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA7BE35-1F3C-443F-9695-4104B8582160}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3924BA5F-FDB3-43D6-92C5-87F41A1CCC8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3924BA5F-FDB3-43D6-92C5-87F41A1CCC8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67942D69-0812-4412-994A-FFC9AF27E0BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67942D69-0812-4412-994A-FFC9AF27E0BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{991BBBBB-EBDF-485C-B498-4A823DBADC3A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{991BBBBB-EBDF-485C-B498-4A823DBADC3A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D1444AC-0A5C-486E-BB52-BCCC46B0BFF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D1444AC-0A5C-486E-BB52-BCCC46B0BFF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3571816096-2060556278-31395193-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7584784-086B-4731-8793-6901F0950842}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7584784-086B-4731-8793-6901F0950842}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E71854BD-6AEF-425B-9355-927837005826}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E71854BD-6AEF-425B-9355-927837005826}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-3571816096-2060556278-31395193-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8750D5A-1AA6-4BFB-A681-B9CE7FC21B07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8750D5A-1AA6-4BFB-A681-B9CE7FC21B07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F611FBA4-AC6A-4BAB-B8DB-CC32414281CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F611FBA4-AC6A-4BAB-B8DB-CC32414281CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F808D0D3-C894-4B4F-BA3E-5B63E3522E3C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F808D0D3-C894-4B4F-BA3E-5B63E3522E3C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFE1B373-6E5A-4BBB-9E89-4F8D86D9C60F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE1B373-6E5A-4BBB-9E89-4F8D86D9C60F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
C:\ProgramData\TEMP => ":0FF263E8" ADS removed successfully.
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset all =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ipv4 reset =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= netsh int ipv6 reset =========
 
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 3338048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58927495 B
Java, Flash, Steam htmlcache => 5807 B
Windows/system/drivers => 30575470 B
Edge => 7193228 B
Chrome => 842093969 B
Firefox => 3771461 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 192822 B
NetworkService => 19178 B
Owner => 562822460 B
Administrator => 9826 B
 
RecycleBin => 8542742 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 11:19:34 ====
 
Thank you!

  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
In Chrome browser, type or just copy an paste in the address bar-> chrome://net-internals/#dns and then press the Clear host cache button.

If Chrome still has an issue reset Chrome

To do that;
1.In the top-right corner of the browser window, click the Chrome menu
2.Select Settings.
3.At the bottom, click Show advanced settings.
4.Under the section "Reset settings,” click Reset settings.
5.In the dialog that appears, click Reset.
  • 0

#9
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Hi zep!  Thanks for all your help.  Things are behaving much better now.  

 

Is something supposed to happen when I click the Clear host cache button?  Nothing does.  


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
As far as I know it simply clears the cache, but does not indicate anything to the user.

I'll leave the topic open for a day or so in case anything else comes up.

Thanks
Joe :)
  • 0

Advertisements


#11
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

Looks like I spoke too soon. The issue is back intermittently and response time is slow when loaded sites.  No other devices (2 other laptops, iphones, ipads) are experiencing this.  Only this one is Windows 10 if that's info of importance.  

 

Thank you Joe!  


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

That's why i left the topic open :)

Is this only with Chrome browser ?

Try this next before we reinstall Chrome completely


Download zoek.exe to your Desktop: http://hijackthis.nl/smeenk/
Important: Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe.

right-click Zoek.exe and select: Run as Administrator
give it a few seconds to appear
copy/paste the entire script inside the codebox below into the input field of Zoek:
autoclean;
emptyalltemp;
emptyclsid;
  • close any open programs.
  • click the Run script button, and wait. It takes a few minutes to run.
  • when the tool finishes, the zoek-results.log is opened in Notepad: the log can also be found on the systemdrive, normally C:\
  • if a reboot is needed, the log will be opened after the reboot.


    Next download Chrome clean up tool
    https://www.google.c...e/cleanup-tool/

    Let me know how things are after.

  • 0

#13
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

You're so smart.  Mozilla Firefox and IE are also slow, but sites do open eventually.  I did run Zoek.exe, but it seems to have stalled and no log opened.  I'll let it run longer.  Here's where it is at 12:37pm

 

 
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Owner on Sat 10/01/2016 at 11:25:39.27.
Microsoft Windows 10 Home 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
===== Runcheck 11:47:02.63 =====
 
--- Create Environment Variables 11:47:55.64 
--- Create System Restore Point 11:51:29.63 
--- Checking Input 11:53:42.21 
--- AU AppData Check 12:06:17.81 
--- Remove From Windows Installer 12:08:16.87 

  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Sounds like it did stall. Might have to reboot and try 1 more time to run it. If it still has issue we probably should reinstall Chrome and start fresh. I'll provide those instructions now. You will need to save your bookmarks if there important to you.


Re-install Chrome

If you have bookmarks, let's save them by exporting them - Export Bookmarks
1. Now we need to uninstall chrome via control panel .
Note: When asked about user data or settings you must remove this also so please check the box.
2. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
3. Import your bookmarks back into Chrome
4. Sign back in to your Chrome browser so that your bookmarks sync with your online account.


Lets work on Chrome and then we can take a look at Firefox an IE. Resetting them may help
  • 0

#15
SumMom

SumMom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts

I clicked on Run Script again right after I posted that and it informed me that it is still running.  It is now 3:50p and it posted a message at 15:12 so it is still running.  I'll just let it run, I'm not going anywhere.  Thanks Joe!


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP