hi! i have no idea how i got infected, except that my only anti-virus software has been the Windows Defender that was included with Windows 8.1.
Windows Defender stopped being able to download updates last week; I ran a scan with the free version of Malwarebytes and it didn't find anything. I ran the Windows Defender scan and it couldn't find anything either. But after running those two scans, it was possible to update Windows Defender.
I use my laptop for work, so I'm not opposed to paying for a good anti-virus and/or firewall if that's helpful. I'm okay with computers but not super literate with anything beyond the task manager.
geeks to go has helped me a lot in the past (although i can't remember my password for that account so i'm starting anew).
i'm running windows 8.1 on a a Dell Inspiron 15 on a dual-boot system with linux on the other partition. i also just noticed that the flashing is happening on my linux system as well.
best -- elucidave
******************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Admin (administrator) on INSPIRONLAPTOP (27-03-2017 11:23:15)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161240 2016-05-21] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [264416 2016-06-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [NuanPowerPdf1NPDFLM] => C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe [3456552 2016-06-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance Power PDF Standard-reminder] => "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Standard\Ereg\Ereg.ini"
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-20] (Spotify Ltd)
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0AE28A2F-AA3D-45A5-A994-C9CAE78CFA81}: [DhcpNameServer] 75.75.75.75 8.8.8.8 10.0.0.254
Tcpip\..\Interfaces\{6185E5D0-3A50-47A6-A84C-6C92456C259A}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A425378D-3EA4-4A75-9916-37ED23A6D358}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.google.com/
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.google.com/
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
BHO: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu_x64.dll [2016-06-03] (Zeon Corporation)
BHO-x32: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu.dll [2016-06-03] (Zeon Corporation)
Toolbar: HKLM - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
Toolbar: HKLM-x32 - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
FireFox:
========
FF DefaultProfile: 9wxklc6i.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9wxklc6i.default [2017-03-27]
FF Homepage: Mozilla\Firefox\Profiles\9wxklc6i.default -> hxxps://www.google.com/
FF Extension: (All Aboard) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9wxklc6i.default\Extensions\@all-aboard-v1-5.xpi [2017-02-03]
FF Extension: (Site Deployment Checker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9wxklc6i.default\features\{b80fb4a2-91fb-44d5-a4a3-5ef06a32dad1}\[email protected] [2017-03-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn
FF Extension: (Nuance PDF Create) - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn [2017-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files (x86)\Ringz Studio\Storm Codec\Plugins\nppl3260.dll [2006-10-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files (x86)\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll [2006-10-18] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.netflix.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-03-26]
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-06]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-06]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-06]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-06]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-06]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373752 2016-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-27] (Malwarebytes)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-27 11:23 - 2017-03-27 11:23 - 00012519 _____ C:\Users\Admin\Desktop\FRST.txt
2017-03-27 11:23 - 2017-03-27 11:23 - 00000000 ____D C:\FRST
2017-03-27 11:22 - 2017-03-27 11:22 - 02424832 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2017-03-27 11:22 - 2017-03-27 11:22 - 02424832 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2017-03-20 23:10 - 2017-03-20 23:10 - 00001753 _____ C:\Users\Admin\Desktop\chrome.exe - Shortcut.lnk
2017-03-16 17:51 - 2017-03-04 01:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-16 17:51 - 2017-03-04 00:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-16 17:51 - 2017-03-04 00:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-16 17:51 - 2017-03-04 00:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-16 17:51 - 2017-03-04 00:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-16 17:51 - 2017-03-04 00:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-16 17:51 - 2017-03-04 00:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-16 17:51 - 2017-03-03 23:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-16 17:51 - 2017-03-03 23:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-16 17:51 - 2017-03-03 23:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-16 17:51 - 2017-03-03 23:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-16 17:51 - 2017-03-03 23:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-16 17:51 - 2017-03-03 21:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-16 17:51 - 2017-03-02 11:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-16 17:51 - 2017-03-02 10:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-16 17:51 - 2017-03-02 10:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-16 17:51 - 2017-03-02 10:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-16 17:51 - 2017-03-02 10:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-16 17:51 - 2017-03-02 10:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-16 17:51 - 2017-03-02 10:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-16 17:51 - 2017-03-02 09:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-16 17:51 - 2017-03-02 09:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-16 17:51 - 2017-03-02 09:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-16 17:51 - 2017-02-11 12:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-16 17:51 - 2017-02-10 22:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-16 17:51 - 2017-02-10 22:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-03-16 17:51 - 2017-02-10 22:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-16 17:51 - 2017-02-10 21:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-16 17:51 - 2017-02-10 21:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-16 17:51 - 2017-02-10 12:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-16 17:51 - 2017-02-09 22:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-16 17:51 - 2017-02-09 22:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-16 17:51 - 2017-02-09 22:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-03-16 17:51 - 2017-02-09 22:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-16 17:51 - 2017-02-09 22:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-16 17:51 - 2017-02-09 22:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-16 17:51 - 2017-02-09 21:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-16 17:51 - 2017-02-09 18:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-03-16 17:51 - 2017-02-09 17:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-16 17:51 - 2017-02-09 08:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-16 17:51 - 2017-02-09 08:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-16 17:51 - 2017-02-09 08:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-16 17:51 - 2017-02-09 08:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-16 17:51 - 2017-02-09 07:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-03-16 17:51 - 2017-02-09 07:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-03-16 17:51 - 2017-02-09 07:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-03-16 17:51 - 2017-02-04 13:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-16 17:51 - 2017-02-04 13:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-16 17:51 - 2017-02-04 13:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-16 17:51 - 2017-02-04 13:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-16 17:51 - 2017-02-04 13:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-03-16 17:51 - 2017-02-04 12:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 17:51 - 2017-02-04 12:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-16 17:51 - 2017-02-04 11:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-16 17:51 - 2017-02-04 10:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-16 17:51 - 2017-02-04 10:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-03-16 17:51 - 2017-02-04 10:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-16 17:51 - 2017-02-04 10:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-16 17:51 - 2017-02-04 10:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-03-16 17:51 - 2017-02-04 10:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-16 17:51 - 2017-01-21 14:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-03-16 17:51 - 2017-01-21 12:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-16 17:51 - 2017-01-21 12:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2017-03-16 17:51 - 2017-01-21 12:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-16 17:51 - 2017-01-21 12:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-16 17:51 - 2017-01-21 12:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-16 17:51 - 2017-01-21 11:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-16 17:51 - 2017-01-21 11:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2017-03-16 17:51 - 2017-01-21 11:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-16 17:51 - 2017-01-21 11:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-16 17:51 - 2017-01-21 10:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-16 17:51 - 2017-01-21 10:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-16 17:51 - 2017-01-14 10:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-03-16 17:51 - 2017-01-11 12:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-16 17:51 - 2017-01-10 12:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-16 17:51 - 2017-01-05 11:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-16 17:51 - 2017-01-05 11:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-03-16 17:51 - 2017-01-05 10:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-16 17:51 - 2017-01-05 10:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-03-16 17:51 - 2017-01-05 10:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 17:51 - 2017-01-05 09:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-16 17:51 - 2016-11-09 12:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-09 19:23 - 2015-07-30 07:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-03-09 19:23 - 2015-07-30 06:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-03-09 19:21 - 2017-02-23 07:50 - 00093360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-09 19:21 - 2017-02-22 07:35 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-09 19:21 - 2017-02-22 07:35 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-02-28 09:22 - 2017-03-09 19:22 - 00000000 ____D C:\Windows\system32\appraiser
2017-02-28 01:58 - 2017-03-27 10:57 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-28 01:58 - 2017-03-14 22:57 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-28 01:58 - 2017-03-14 22:57 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-28 01:58 - 2017-03-14 16:03 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-28 01:58 - 2017-03-01 19:27 - 00091584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-28 01:58 - 2017-02-28 01:58 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-28 01:58 - 2017-02-28 01:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-28 01:58 - 2017-02-28 01:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-28 01:58 - 2017-02-28 01:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-28 01:54 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-02-28 01:54 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-02-28 01:50 - 2017-02-28 01:52 - 55566792 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-28 01:43 - 2014-11-15 12:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-02-28 01:43 - 2014-11-14 23:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-02-28 01:43 - 2014-11-13 23:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-02-28 01:43 - 2014-11-13 22:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-02-28 01:43 - 2014-11-07 21:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2017-02-28 01:43 - 2014-11-07 21:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2017-02-28 01:43 - 2014-11-07 20:58 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2017-02-28 01:43 - 2014-11-07 20:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2017-02-28 01:43 - 2014-11-07 20:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2017-02-28 01:43 - 2014-11-07 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2017-02-28 01:43 - 2014-11-07 20:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2017-02-28 01:43 - 2014-11-07 20:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2017-02-28 01:43 - 2014-11-07 20:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2017-02-28 01:43 - 2014-11-07 20:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2017-02-28 01:43 - 2014-11-07 19:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2017-02-28 01:43 - 2014-11-07 19:09 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2017-02-28 01:43 - 2014-11-07 19:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2017-02-28 01:43 - 2014-11-07 18:59 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2017-02-28 01:43 - 2014-11-07 18:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2017-02-28 01:43 - 2014-11-07 18:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2017-02-28 01:43 - 2014-11-04 19:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2017-02-28 01:43 - 2014-11-04 19:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2017-02-28 01:43 - 2014-11-04 19:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-02-28 01:43 - 2014-11-04 18:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2017-02-28 01:43 - 2014-11-04 18:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2017-02-28 01:43 - 2014-11-04 18:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-02-28 01:43 - 2014-11-04 18:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2017-02-28 01:43 - 2014-11-04 18:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2017-02-28 01:43 - 2014-11-04 18:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2017-02-28 01:43 - 2014-11-04 12:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2017-02-28 01:43 - 2014-11-03 23:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2017-02-28 01:43 - 2014-11-03 22:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-02-28 01:43 - 2014-10-28 18:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-02-28 01:43 - 2014-10-28 18:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-02-28 01:43 - 2014-10-20 18:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2017-02-28 01:43 - 2014-10-20 18:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2017-02-28 01:43 - 2014-10-20 17:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2017-02-28 01:43 - 2014-10-20 17:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2017-02-28 01:43 - 2014-10-20 17:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2017-02-28 01:43 - 2014-10-20 17:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2017-02-28 01:43 - 2014-10-16 21:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2017-02-28 01:43 - 2014-10-16 20:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-02-28 01:42 - 2017-01-18 07:35 - 01286144 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-02-28 01:42 - 2017-01-18 07:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-02-28 01:42 - 2017-01-18 07:35 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-02-28 01:42 - 2017-01-18 07:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-02-28 01:42 - 2017-01-18 07:35 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-02-28 01:42 - 2017-01-18 07:35 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-02-28 01:42 - 2016-06-03 10:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-02-28 01:42 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-02-28 01:42 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2017-02-28 01:42 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-02-28 01:42 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-02-28 01:42 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-02-28 01:42 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2017-02-28 01:42 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-02-28 01:42 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-02-28 01:41 - 2015-06-09 15:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2017-02-28 01:41 - 2015-06-09 15:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2017-02-28 01:41 - 2015-06-09 15:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-02-28 01:41 - 2014-11-17 13:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2017-02-28 01:41 - 2014-11-13 23:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-27 11:20 - 2016-12-05 23:32 - 00000000 ____D C:\Users\Admin\AppData\Local\ClassicShell
2017-03-27 11:12 - 2016-12-09 23:15 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2017-03-27 11:02 - 2016-12-05 23:38 - 00865068 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-27 11:02 - 2013-08-22 06:36 - 00000000 ____D C:\Windows\Inf
2017-03-27 10:57 - 2016-12-05 15:54 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-27 10:57 - 2016-12-05 15:54 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2017-03-27 10:57 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 16:22 - 2016-12-20 14:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2017-03-26 11:02 - 2016-12-20 14:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2017-03-25 05:12 - 2017-01-26 11:54 - 00000000 ____D C:\ProgramData\TEMP
2017-03-25 04:50 - 2017-01-20 00:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\foobar2000
2017-03-25 04:50 - 2016-12-15 23:42 - 00000000 ____D C:\Users\Admin\Documents\Cascadia Engineering
2017-03-25 04:34 - 2016-12-15 17:49 - 00000000 ____D C:\Users\Admin\AppData\Local\CutePDF Writer
2017-03-22 21:10 - 2016-12-13 22:58 - 00000000 ____D C:\ProgramData\ProductData
2017-03-22 21:03 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-21 00:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2017-03-20 18:02 - 2016-12-09 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-20 18:02 - 2013-08-22 07:44 - 00433520 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-18 08:14 - 2016-12-09 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-17 17:48 - 2016-12-05 16:19 - 00000000 ____D C:\Windows\system32\MRT
2017-03-17 17:48 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-17 17:47 - 2016-12-05 16:19 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-16 18:47 - 2016-12-05 23:39 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2595207769-2048167824-387481639-1001
2017-03-16 17:55 - 2013-08-22 08:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-16 17:55 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-14 23:01 - 2016-12-06 02:31 - 00004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 23:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 23:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-09 21:34 - 2016-12-15 20:58 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-09 21:34 - 2016-12-15 20:58 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-01 20:53 - 2017-01-20 00:31 - 00000000 ____D C:\Users\Admin\Documents\foobar playlists
2017-03-01 02:20 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppCompat
2017-02-28 09:22 - 2016-12-16 02:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-02-28 06:30 - 2017-01-17 15:05 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2017-02-28 01:49 - 2016-12-13 22:58 - 00000308 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Admin.job
2017-02-28 01:48 - 2016-12-05 15:53 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2017-02-28 01:47 - 2016-12-05 15:54 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-28 01:39 - 2016-12-06 02:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2017-01-20 01:01 - 2017-01-20 01:01 - 0000286 _____ () C:\ProgramData\{19D697C4-FD79-45CE-AE2E-0A3B13404FC7}_WiseFW.ini
Some files in TEMP:
====================
2016-12-09 21:12 - 2016-01-26 03:40 - 0066496 _____ (Autodesk, Inc.) C:\Users\Admin\AppData\Local\Temp\AcDeltree.exe
2016-12-15 17:46 - 2016-12-15 17:46 - 8108488 _____ () C:\Users\Admin\AppData\Local\Temp\converter.exe
2016-12-13 22:59 - 2016-12-13 22:59 - 2398688 _____ (Flexera Software LLC) C:\Users\Admin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-17 23:28
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Admin (27-03-2017 11:23:33)
Running from C:\Users\Admin\Desktop
Windows 8.1 Pro (Update) (X64) (2016-12-06 06:30:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-2595207769-2048167824-387481639-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2595207769-2048167824-387481639-500 - Administrator - Disabled)
Guest (S-1-5-21-2595207769-2048167824-387481639-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoCAD LT 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD LT 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BricsCAD V17.1.11 (x64) en_US (HKLM\...\{6C1E1910-A53D-4359-8C7F-AFD9692883B3}) (Version: 17.1.11 - Bricsys)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\{F9FA265F-947B-3778-A67B-57AC6862C8E1}) (Version: 51.0.2704.103 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.26 - IObit)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Nuance Power PDF Standard (HKLM\...\{B9D4F5E3-82CB-4323-9C72-C46E1A7F7C35}) (Version: 2.00.6482 - Nuance Communications, Inc.)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39060 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Storm Codec (HKLM-x32\...\Storm Codec 5) (Version: 7.01.19 - BaoFeng)
StruCalc 8.0.113 (HKLM-x32\...\{19D697C4-FD79-45CE-AE2E-0A3B13404FC7}) (Version: 8.0.113 - StruCalc Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3809B8EC-87B3-4978-94B3-42A70DC71B7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {56AE8278-0F22-4539-8458-F70CD421AE74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {7B4EC214-6405-40B5-90CA-E53DD8296F6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-06] (Google Inc.)
Task: {AF83D26C-0D43-43F0-81A9-BE98F3B9EEC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-06] (Google Inc.)
Task: {EF7F4C27-133D-4DE1-B156-5FB6236A4CEC} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-01] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-12-15 17:46 - 2016-01-22 18:57 - 00089008 _____ () C:\Windows\System32\cpwmon64.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-28 01:58 - 2017-03-14 16:03 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-05-10 16:30 - 2016-11-04 12:05 - 00401912 _____ () C:\Windows\system32\igfxTray.exe
2016-12-13 22:58 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-13 22:58 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-13 22:58 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-13 22:58 - 2016-05-23 22:49 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-13 22:58 - 2016-10-18 17:57 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:AB1A1E3D [316]
AlternateDataStreams: C:\ProgramData\TEMP:F9CFE070 [712]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: Bricscad.load.scr => "C:\Program Files\Bricsys\BricsCAD V17 en_US\bricscad.exe" "%1" <===== ATTENTION
HKU\.DEFAULT\Software\Classes\.scr: Bricscad.load.scr => "C:\Program Files\Bricsys\BricsCAD V17 en_US\bricscad.exe" "%1" <===== ATTENTION
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\Software\Classes\.scr: Bricscad.load.scr => "C:\Program Files\Bricsys\BricsCAD V17 en_US\bricscad.exe" "%1" <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Nuance Power PDF Standard-reminder"
HKLM\...\StartupApproved\Run32: => "NuanPowerPdf1NPDFLM"
HKLM\...\StartupApproved\Run32: => "PowerPDF Registry Controller"
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-2595207769-2048167824-387481639-1001\...\StartupApproved\Run: => "Spotify Web Helper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CA79725C-2E0D-4C7A-8328-C4B1CCB251C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A49C122-42F2-4690-826D-7B2559D31A09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B20554B6-4F1D-4514-8623-421F56D3FDC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{027C7512-D75B-4719-A8FD-9F65EA7B4ACB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C873581E-1B1D-4227-B5F3-375B089EAD02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{119D800A-CB77-437A-B172-FA4BB714021C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{038CE845-4CAE-44AA-AA46-3D9B8CC5EDBD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5E3AE35A-0A86-485D-886F-8479C39D48C5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{75FFF45C-8741-473E-A760-37D1504D65D7}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{48C59BFC-2981-4F3A-804D-9E1008AABBB5}] => (Allow) C:\Program Files (x86)\StruCalc\StruCalc.exe
FirewallRules: [{C064F010-C0DA-40F5-AAA5-F8B391948601}] => (Allow) C:\Program Files (x86)\StruCalc\StruCalc.exe
FirewallRules: [{A826FE54-763D-45CF-9B42-64284C6AB692}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
08-03-2017 06:16:48 Scheduled Checkpoint
17-03-2017 17:47:15 Windows Update
==================== Faulty Device Manager Devices =============
Name: HID-compliant touch pad
Description: HID-compliant touch pad
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/27/2017 11:01:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (03/26/2017 04:18:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (03/25/2017 04:18:03 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (03/25/2017 04:03:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (03/25/2017 02:49:22 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (03/25/2017 01:42:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (03/24/2017 03:41:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (03/23/2017 05:12:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StruCalc.exe, version: 8.0.113.0, time stamp: 0x51f960e0
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18340, time stamp: 0x5736541b
Exception code: 0xe0434f4d
Fault offset: 0x00014878
Faulting process id: 0x1128
Faulting application start time: 0x01d2a43188e8e921
Faulting application path: C:\Program Files (x86)\StruCalc\StruCalc.exe
Faulting module path: C:\Windows\SYSTEM32\KERNELBASE.dll
Report Id: 81a77443-1026-11e7-829e-780cb8581bae
Faulting package full name:
Faulting package-relative application ID:
Error: (03/23/2017 08:29:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (03/22/2017 09:12:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nuance\Power PDF\NPDFAssist.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
System errors:
=============
Error: (03/25/2017 04:18:53 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (03/25/2017 04:18:23 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (03/25/2017 04:03:59 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (03/25/2017 04:03:29 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (03/25/2017 02:50:07 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (03/25/2017 02:49:37 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (03/24/2017 04:10:47 PM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (03/24/2017 04:10:17 PM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (03/23/2017 09:24:27 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (03/23/2017 08:38:16 AM) (Source: DCOM) (EventID: 10010) (User: INSPIRONLAPTOP)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
==================== Memory info ===========================
Processor: Intel® Core i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 21%
Total physical RAM: 8102.61 MB
Available physical RAM: 6361.39 MB
Total Virtual: 9382.61 MB
Available Virtual: 7777.03 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.36 GB) (Free:153.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ABC9900C)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by elucidave, 27 March 2017 - 04:56 PM.