Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Spyware redirects my search to a different site.

Started by TGMcCallie , May 11 2017 11:20 PM

  • This topic is locked This topic is locked

#1
TGMcCallie
Posted 11 May 2017 - 11:20 PM

TGMcCallie

    Member

  • Member
  • PipPip
  • 30 posts

Only happens on e-bay.com........

 

I go to e-bay.com and it opens.  I type a item in the search option and I am instantly redirected to: pages.ebay.com.  I do not open up the

pages.ebay.com page but instead I close it out by checking the Red X., the pages.ebay.com redirect is closed and then I am taken back to

the e-bay original page.

 

Every time that I search for another item, I am redirected to the pages.ebay.com but when I close it out I am sent to the search page that I 

requested.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
Ran by Tom (administrator) on DESKTOP-Q1AN705 (12-05-2017 01:08:10)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: defaultuser0 & Tom)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Online Connect\iocHelperService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILIE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILIE.EXE
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\wmi64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [567088 2016-10-14] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [936368 2016-10-19] (Waves Audio Ltd.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7382232 2016-10-14] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [958504 2016-09-14] (CyberLink Corp.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1165\G2AWinLogon_x64.dll (Citrix Systems, Inc.)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2017-04-16]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-21]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7328d964-b2ee-4657-a6b2-171879d6f9eb}: [DhcpNameServer] 192.168.240.1
Tcpip\..\Interfaces\{810517e1-088c-49fc-becb-f260d5c5b8f1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f7e641dc-1a69-4797-8d48-1d41c9267ef4}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cbsnews.com/
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> DefaultScope {D62C52C7-4408-4FF8-BF8B-440C6DF1968D} URL =
SearchScopes: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> {D62C52C7-4408-4FF8-BF8B-440C6DF1968D} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-04-29] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-11] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-04-29] (AO Kaspersky Lab)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-11] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2017-04-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2017-04-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-04-14]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-05-06] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1244408 2016-10-14] ()
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-12-06] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2017-04-14] ()
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHeciSvc.exe [284144 2016-11-25] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHDCPSvc.exe [462832 2016-11-25] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-13] (Dropbox, Inc.)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [120872 2017-04-07] (Dell)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2016-09-22] (Dell Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677376 2016-08-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1165\G2AC_Service.exe [309720 2017-05-05] (Citrix Systems, Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxCUIService.exe [324592 2016-11-25] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
S3 Intel® Online Connect; C:\Program Files\Intel\Intel® Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
R2 Intel® Online Connect Helper; C:\Program Files\Intel\Intel® Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel® Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel® TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel® Corporation)
R2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [425768 2017-04-29] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [80208 2016-09-22] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-10-28] (Realtek Semiconductor)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [32728 2017-04-25] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [410032 2016-10-19] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [5004560 2016-02-17] (Realtek Semiconductor Corporation                           )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0311000.inf_amd64_7a628daad2b6c80c\atikmdag.sys [26574344 2017-02-08] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0311000.inf_amd64_7a628daad2b6c80c\atikmpag.sys [529304 2017-02-08] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [366432 2017-04-14] (Acronis International GmbH)
S3 iaLPSS2_SPI; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [151352 2016-08-30] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-30] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [249104 2016-10-06] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igdkmd64.sys [11039704 2016-11-25] (Intel Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [206552 2017-04-29] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [522736 2017-04-29] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [171312 2017-05-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051360 2017-04-29] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-18] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-14] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-18] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-18] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-18] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-04-18] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [198432 2017-01-22] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-12] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-12] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-12] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-12] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2017-05-05] (CACE Technologies, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267552 2017-04-14] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [193376 2017-04-14] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [601432 2017-04-14] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [279392 2017-04-14] (Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-04-25] (Zemana Ltd.)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2016-09-14] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-12 01:08 - 2017-05-12 01:08 - 00028757 _____ C:\Users\Tom\Desktop\FRST.txt
2017-05-12 01:07 - 2017-05-12 01:07 - 00000000 ____D C:\Users\Tom\Desktop\FRST-OlderVersion
2017-05-11 19:07 - 2017-05-11 19:07 - 00000000 ____D C:\Users\Tom\Documents\DeWaynes Poperty Lines
2017-05-11 02:41 - 2017-05-11 02:41 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 02:41 - 2017-05-11 02:41 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 02:41 - 2017-05-11 02:41 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-11 02:41 - 2017-05-11 02:41 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-11 02:41 - 2017-05-11 02:41 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-11 02:41 - 2017-05-11 02:41 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 02:41 - 2017-05-11 02:41 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 02:41 - 2017-05-11 02:41 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-11 02:41 - 2017-05-11 02:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00000000 ____D C:\Windows.old
2017-05-11 02:39 - 2017-05-11 02:39 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-11 02:39 - 2017-05-10 22:44 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files\MSBuild
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-11 02:38 - 2017-02-10 15:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-11 02:38 - 2017-02-10 15:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-10 23:51 - 2017-05-10 23:51 - 00000000 ____D C:\Users\Tom\AppData\Roaming\23538
2017-05-10 23:01 - 2017-05-10 23:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\Users\Tom\AppData\Local\DBG
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\ProgramData\USOShared
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\Program Files\ATI Technologies
2017-05-10 22:59 - 2017-05-10 22:59 - 00000020 ___SH C:\Users\Tom\ntuser.ini
2017-05-10 22:56 - 2017-05-10 22:56 - 00000000 _SHDL C:\Users\Default\My Documents
2017-05-10 22:54 - 2017-05-11 18:36 - 01015508 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-10 22:54 - 2017-05-10 22:54 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-10 22:54 - 2017-05-10 22:54 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-10 22:52 - 2017-05-12 01:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-10 22:52 - 2017-05-10 23:01 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-10 22:52 - 2017-05-10 22:52 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-10 22:52 - 2017-05-10 22:52 - 00003508 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-10 22:52 - 2017-05-10 22:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-10 22:52 - 2017-05-10 22:52 - 00003324 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003324 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003284 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-10 22:52 - 2017-05-10 22:52 - 00003280 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-05-10 22:52 - 2017-05-10 22:52 - 00003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-05-10 22:52 - 2017-05-10 22:52 - 00003096 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2017-05-10 22:52 - 2017-05-10 22:52 - 00003074 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2017-05-10 22:52 - 2017-05-10 22:52 - 00003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-05-10 22:52 - 2017-05-10 22:52 - 00002982 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2017-05-10 22:52 - 2017-05-10 22:52 - 00002708 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2017-05-10 22:52 - 2017-05-10 22:52 - 00002318 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-05-10 22:52 - 2017-05-10 22:52 - 00002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-05-10 22:52 - 2017-05-10 22:52 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-10 22:52 - 2017-05-10 22:52 - 00002120 _____ C:\WINDOWS\System32\Tasks\Dell Cleanup
2017-05-10 22:51 - 2017-05-10 22:51 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {7D65C34F-A410-4193-8182-BC7218E50F2A}.job
2017-05-10 22:51 - 2017-05-10 22:51 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {7D65C34F-A410-4193-8182-BC7218E50F2A}.job
2017-05-10 22:49 - 2017-05-10 22:49 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-10 22:48 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-10 22:47 - 2017-05-12 01:06 - 00000000 ____D C:\Users\Tom
2017-05-10 22:47 - 2017-05-10 22:52 - 00000000 ____D C:\Users\defaultuser0
2017-05-10 22:47 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\EPSON
2017-05-10 22:47 - 2017-05-10 22:47 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {9A7D9758-5208-4C2F-8116-77535233C04F}.job
2017-05-10 22:47 - 2017-05-10 22:47 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {9A7D9758-5208-4C2F-8116-77535233C04F}.job
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\My Documents
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Videos
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Pictures
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Music
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Videos
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Pictures
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Music
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 ____D C:\Program Files\Common Files\EPSON
2017-05-10 22:46 - 2017-05-12 01:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-10 22:46 - 2017-05-10 23:00 - 00000000 ____D C:\Program Files\AMD
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\Program Files\Intel
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files\Realtek
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-10 22:46 - 2017-03-18 16:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-10 22:44 - 2017-05-12 01:06 - 05005848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 22:44 - 2017-05-11 23:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-10 22:44 - 2017-05-10 22:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-10 22:44 - 2017-05-10 22:44 - 00000000 ____D C:\WINDOWS\Firmware
2017-05-10 21:14 - 2017-05-10 22:59 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-10 13:55 - 2017-05-10 13:55 - 00000960 _____ C:\Users\Tom\Desktop\My DVD Covers - Shortcut.lnk
2017-05-10 00:02 - 2017-05-10 00:02 - 00001254 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk
2017-05-10 00:02 - 2017-05-10 00:02 - 00000000 ____D C:\Users\Tom\AppData\Local\UNP
2017-05-09 23:38 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-09 23:38 - 2017-05-09 23:39 - 00000000 ____D C:\Program Files\UNP
2017-05-09 23:35 - 2017-03-04 02:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-09 16:42 - 2017-05-09 16:42 - 00027879 _____ C:\Users\Tom\Documents\ViewerX.alb
2017-05-06 22:39 - 2017-05-06 22:39 - 14725904 _____ (TeamViewer GmbH) C:\Users\Tom\Downloads\TeamViewer_Setup.exe
2017-05-06 22:39 - 2017-05-06 22:39 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-05-06 21:55 - 2017-05-06 21:56 - 03590144 _____ C:\Users\Tom\Downloads\EpsonConnect140.exe
2017-05-06 18:46 - 2017-05-06 18:46 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Easeware
2017-05-06 18:45 - 2017-05-06 18:46 - 02211944 _____ (Easeware ) C:\Users\Tom\Downloads\DriverNavigator_Setup.exe
2017-05-06 18:06 - 2017-05-06 18:06 - 00000000 _____ C:\Users\Tom\Downloads\Setup_DriverDoc_2016.exe
2017-05-05 21:54 - 2017-05-06 10:05 - 00000000 ____D C:\Users\Tom\AppData\Local\NETGEARGenie
2017-05-05 21:54 - 2017-05-05 21:54 - 00369168 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00106000 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\packet.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00035344 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2017-05-05 21:54 - 2017-05-05 21:54 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2017-05-05 21:54 - 2017-05-05 21:54 - 00002125 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2017-05-05 21:53 - 2017-05-05 21:54 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2017-05-05 20:30 - 2017-05-05 21:47 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}.job
2017-05-05 20:30 - 2017-05-05 21:47 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}.job
2017-05-05 20:13 - 2017-05-05 20:13 - 00000000 ____D C:\ProgramData\NETGEAR
2017-05-05 20:12 - 2017-05-05 20:12 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2017-05-05 20:08 - 2017-05-05 20:08 - 00000000 ____D C:\Users\Tom\Downloads\NETGEAR
2017-05-05 19:10 - 2017-05-10 22:59 - 00000000 ____D C:\ProgramData\AMD
2017-05-05 18:34 - 2017-05-05 18:34 - 00000000 ____D C:\ProgramData\51f91071-2c6c-4d65-a800-21d2b065d56f
2017-05-05 18:33 - 2017-05-05 18:33 - 00000000 ____D C:\ProgramData\844166d9-115b-46d2-9d36-ae47babfe8ed
2017-05-05 18:19 - 2017-05-05 18:19 - 00000000 ____D C:\ProgramData\Citrix
2017-05-05 18:18 - 2017-05-05 18:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Citrix
2017-05-05 18:18 - 2017-05-05 18:18 - 00000000 ____D C:\Program Files (x86)\Citrix
2017-05-05 15:10 - 2017-05-10 22:46 - 00000000 ____D C:\AMD
2017-05-05 02:18 - 2017-05-05 02:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Elaborate Bytes
2017-05-04 20:27 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Profiler
2017-05-04 20:27 - 2017-05-04 20:27 - 00001180 _____ C:\Users\Tom\Desktop\DVD Profiler.lnk
2017-05-04 20:27 - 2017-05-04 20:27 - 00000000 ____D C:\Program Files (x86)\DVD Profiler
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\2C0A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0C0A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0C04
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0816
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0804
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0424
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041F
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041E
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041D
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041B
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0419
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0416
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0415
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0414
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0413
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0412
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0411
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0410
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040E
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040D
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040C
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040B
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0408
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0407
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0406
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0405
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0404
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0401
2017-05-04 17:24 - 2017-05-04 17:24 - 00000000 ____D C:\ProgramData\Downloaded Installations
2017-05-04 17:24 - 2017-05-04 17:24 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2017-05-03 22:32 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-03 18:03 - 2015-05-22 22:13 - 00036864 _____ C:\Users\Tom\Documents\DVDFAB BR Lifetime Key DFab BR copy.msg
2017-05-03 18:02 - 2017-03-29 17:04 - 503053408 _____ C:\Users\Tom\Documents\AcronisTrueImage2016_6581.exe
2017-05-03 18:02 - 2015-05-31 00:45 - 00026624 _____ C:\Users\Tom\Documents\AnyDVD-SlySoft - License Key(s) (Ref# 6117181).msg
2017-05-03 18:02 - 2010-12-16 13:11 - 00000281 _____ C:\Users\Tom\Documents\AnyDVD_Key_6117181.AnyDVD
2017-05-03 17:55 - 2016-02-17 20:21 - 00000417 _____ C:\Users\Tom\Documents\CloneCD_Key_13879133.CloneCD
2017-05-03 17:55 - 2013-08-04 10:24 - 00000542 _____ C:\Users\Tom\Documents\Kevin's Emergency Contact Information.txt
2017-05-03 17:54 - 2015-09-17 16:16 - 08012167 _____ C:\Users\Tom\Documents\Samsung 75 UHD TV E-Manual.pdf
2017-05-03 17:54 - 2015-07-04 19:28 - 00063488 _____ C:\Users\Tom\Documents\Q-See Remote Set Up  desktop & Cell and IPad.msg
2017-05-03 17:54 - 2015-07-02 14:03 - 00001411 _____ C:\Users\Tom\Documents\Q-See Mobile Setup.txt
2017-05-03 17:54 - 2013-11-09 16:12 - 11447609 _____ C:\Users\Tom\Documents\ON-Star Manual Gen. 9.pdf
2017-05-03 17:53 - 2015-06-08 23:27 - 00616830 _____ C:\Users\Tom\Documents\Total Training CS5 by Andy Anderson.ec4
2017-05-03 11:25 - 2017-05-03 11:25 - 00000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-05-03 11:24 - 2017-05-03 11:24 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-05-02 22:39 - 2017-05-02 22:39 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Temp
2017-05-02 22:16 - 2017-05-02 22:20 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job
2017-05-02 22:16 - 2017-05-02 22:20 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job
2017-05-02 22:14 - 2017-05-02 22:14 - 00000164 _____ C:\Users\Public\Desktop\EPSON XP-950 User’s Guide.url
2017-05-02 22:13 - 2017-05-03 22:32 - 00000870 _____ C:\Users\Public\Desktop\Print CD.lnk
2017-05-02 22:12 - 2017-05-02 22:12 - 00000000 ____D C:\Program Files\EPSON
2017-05-02 22:11 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-05-02 22:11 - 2017-05-06 21:57 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-05-02 22:11 - 2017-05-02 22:11 - 00000000 ____D C:\Program Files\EpsonNet
2017-05-02 22:11 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2017-05-02 22:11 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2017-05-02 22:11 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2017-05-02 22:11 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2017-05-02 22:11 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2017-05-02 22:11 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2017-05-02 22:10 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-05-02 22:10 - 2017-05-02 22:10 - 00001005 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2017-05-02 22:10 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLIE.DLL
2017-05-02 22:10 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2017-05-02 22:10 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2017-05-02 22:10 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLIE.DLL
2017-05-02 22:10 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2017-05-02 22:09 - 2017-05-02 22:09 - 00000036 _____ C:\WINDOWS\XP-950.ini
2017-05-01 02:33 - 2017-05-12 01:07 - 02429440 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2017-04-30 22:10 - 2017-04-30 22:11 - 00000000 ____D C:\Users\Tom\Documents\Dell Recovery Image Files
2017-04-29 23:06 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-04-29 23:06 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2017-04-29 23:06 - 2017-04-29 23:06 - 00001311 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-04-29 23:06 - 2017-04-29 23:05 - 00002225 _____ C:\Users\Public\Desktop\Safe Money.lnk
2017-04-29 23:06 - 2017-04-29 23:05 - 00002207 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2017-04-29 23:05 - 2017-04-29 23:05 - 00522736 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-04-29 23:05 - 2017-04-29 23:05 - 00149584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-04-29 18:55 - 2017-04-29 23:04 - 157560416 _____ (Kaspersky Lab) C:\Users\Tom\Downloads\KIS18.0.0.405en-US_full.exe
2017-04-29 16:37 - 2017-04-29 16:37 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-04-29 16:37 - 2017-04-29 16:37 - 00000000 ____D C:\Program Files\Waves
2017-04-29 03:02 - 2017-05-10 23:52 - 00000000 ____D C:\Users\Tom\Documents\DVDFabCommon
2017-04-29 02:43 - 2017-04-29 02:43 - 00000000 ____D C:\Users\Tom\AppData\Roaming\13681
2017-04-28 18:20 - 2017-04-28 18:21 - 00001225 _____ C:\Users\Tom\Desktop\XPS 8920 Service Manual - Shortcut.lnk
2017-04-27 12:59 - 2017-05-12 01:08 - 00031616 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-04-27 12:59 - 2017-04-27 13:31 - 00170759 _____ C:\WINDOWS\ZAM.krnl.trace
2017-04-26 20:44 - 2017-05-12 01:08 - 00000000 ____D C:\FRST
2017-04-26 18:59 - 2017-04-26 19:09 - 01489894 _____ C:\TDSSKiller.3.1.0.15_26.04.2017_18.59.26_log.txt
2017-04-25 13:22 - 2017-04-25 13:31 - 00000178 _____ C:\Users\Tom\Desktop\NetFlix.url
2017-04-25 00:06 - 2017-04-27 13:32 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-04-25 00:06 - 2017-04-25 00:06 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-04-25 00:05 - 2017-04-25 00:05 - 00000000 ____D C:\Users\Tom\AppData\Local\Zemana
2017-04-24 23:54 - 2017-04-27 16:06 - 00000000 ____D C:\AdwCleaner
2017-04-24 16:40 - 2017-04-24 16:40 - 00000087 _____ C:\Users\Tom\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2017-04-24 16:37 - 2017-04-24 16:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\11515
2017-04-22 19:59 - 2017-04-22 19:59 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-04-22 19:20 - 2017-04-22 19:20 - 00000000 ____D C:\Users\Tom\Documents\Reg Back Up 4-21-17
2017-04-21 19:30 - 2017-04-21 19:30 - 00000017 _____ C:\Users\Tom\AppData\Local\resmon.resmoncfg
2017-04-21 00:29 - 2017-04-21 00:29 - 00000000 ____D C:\Users\Tom\Documents\OneNote Notebooks
2017-04-21 00:27 - 2017-04-21 00:27 - 00002445 _____ C:\Users\Tom\Desktop\Publisher 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002494 _____ C:\Users\Tom\Desktop\PowerPoint 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002457 _____ C:\Users\Tom\Desktop\Excel 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002437 _____ C:\Users\Tom\Desktop\OneNote 2016.lnk
2017-04-21 00:21 - 2017-04-21 00:21 - 00002495 _____ C:\Users\Tom\Desktop\Word 2016.lnk
2017-04-21 00:21 - 2017-04-21 00:21 - 00002451 _____ C:\Users\Tom\Desktop\Outlook 2016.lnk
2017-04-21 00:15 - 2017-04-21 00:15 - 00001798 _____ C:\Users\Tom\Desktop\Photoshop - Shortcut.lnk
2017-04-21 00:13 - 2017-04-21 00:13 - 00000000 ____D C:\Users\Tom\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2017-04-20 21:58 - 2017-04-20 22:06 - 00000244 _____ C:\Users\Tom\Desktop\Samsung Monitor Manual.url
2017-04-20 20:51 - 2015-05-13 13:47 - 00000000 ____D C:\Users\Tom\Documents\adobe photoshop cs6
2017-04-18 22:02 - 2017-04-22 22:18 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Adobe
2017-04-18 13:07 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\system32\1b8474904af9acf547e803cad7de00a9128c28081695a..bin
2017-04-18 10:10 - 2017-04-18 10:10 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-04-18 10:09 - 2017-04-18 10:09 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-04-18 10:09 - 2017-04-18 10:09 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-04-18 10:09 - 2017-04-18 10:09 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-04-16 21:55 - 2017-04-22 00:21 - 00000184 _____ C:\Users\Tom\Desktop\Customaniacs.org.url
2017-04-16 21:53 - 2017-04-22 00:19 - 00000183 _____ C:\Users\Tom\Desktop\HiresCovers.net.url
2017-04-16 21:52 - 2017-04-22 00:18 - 00000182 _____ C:\Users\Tom\Desktop\FreeCovers.net.url
2017-04-16 21:44 - 2017-05-11 01:24 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DVDFab10
2017-04-16 21:44 - 2017-05-10 22:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10
2017-04-16 21:44 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 10
2017-04-16 21:44 - 2017-04-29 02:44 - 00002035 _____ C:\Users\Tom\Desktop\DVDFab Mini.lnk
2017-04-16 21:44 - 2017-04-29 02:44 - 00001993 _____ C:\Users\Tom\Desktop\DVDFab 10.lnk
2017-04-16 21:44 - 2017-04-29 02:44 - 00000000 ____D C:\Program Files (x86)\DVDFab 10
2017-04-16 21:43 - 2017-04-16 21:44 - 00000000 ____D C:\Users\Tom\Documents\DVDFab10
2017-04-16 19:37 - 2017-05-12 01:05 - 00045489 _____ C:\WINDOWS\SysWOW64\PCPELog.txt
2017-04-16 19:36 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2017-04-16 19:36 - 2017-04-16 19:36 - 00001188 _____ C:\Users\Public\Desktop\CloneCD.lnk
2017-04-16 19:36 - 2017-04-16 19:36 - 00000000 ____D C:\ProgramData\SlySoft
2017-04-16 19:36 - 2017-04-16 19:36 - 00000000 ____D C:\Program Files (x86)\SlySoft
2017-04-16 19:34 - 2017-04-16 19:34 - 00000000 ____D C:\Users\Tom\Documents\UnderCover10
2017-04-16 19:33 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnderCover10
2017-04-16 19:33 - 2017-04-16 19:33 - 00001126 _____ C:\Users\Tom\Desktop\UnderCover10.lnk
2017-04-16 19:33 - 2017-04-16 19:33 - 00000000 ____D C:\Program Files (x86)\UnderCover10
2017-04-16 19:28 - 2017-05-11 02:31 - 00000000 ____D C:\Users\Tom\AppData\Local\DVD Profiler
2017-04-16 19:28 - 2017-04-16 19:28 - 00000000 ____D C:\Users\Tom\Documents\DVD Profiler
2017-04-16 19:15 - 2017-04-16 19:15 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Elaborate Bytes
2017-04-16 19:14 - 2017-04-16 19:14 - 00001246 _____ C:\Users\Public\Desktop\CloneBD.lnk
2017-04-16 19:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-04-16 19:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-04-16 19:13 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-04-16 19:13 - 2017-04-16 19:13 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2017-04-16 19:13 - 2017-04-16 19:13 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-04-16 13:24 - 2017-04-16 13:25 - 00000000 ____D C:\ProgramData\install_backup
2017-04-16 13:23 - 2017-04-16 13:24 - 171890104 _____ C:\Users\Tom\Documents\PowerDVD_15.0.3305.58_test_Patch_DVD160726-05.exe
2017-04-16 13:22 - 2017-04-16 13:23 - 01089304 _____ (CyberLink) C:\Users\Tom\Documents\CyberLink_PowerDVD_Downloader.exe
2017-04-16 13:03 - 2017-04-16 13:03 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15.lnk
2017-04-16 13:03 - 2017-04-16 13:03 - 00002359 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 15.lnk
2017-04-16 13:03 - 2017-04-16 13:03 - 00000000 ____D C:\ProgramData\PDVD
2017-04-16 10:46 - 2017-04-16 10:47 - 00002009 _____ C:\Users\Tom\Desktop\This PC.lnk
2017-04-16 10:15 - 2017-04-16 10:15 - 14770199 _____ C:\Users\Tom\Documents\XPS 8920 Service Manual.pdf
2017-04-16 01:49 - 2017-04-16 01:49 - 00000000 ____D C:\Users\Tom\Documents\Custom Office Templates
2017-04-16 00:14 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2017-04-16 00:14 - 2017-04-16 00:14 - 13923704 _____ (Schneider Electric) C:\Users\Tom\PCPE Setup.exe
2017-04-16 00:14 - 2017-04-16 00:14 - 13338112 _____ C:\Users\Tom\PCPE_3.0.1.msi
2017-04-16 00:14 - 2017-04-16 00:14 - 01079808 _____ (Microsoft Corporation) C:\Users\Tom\mfc80u.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00626688 _____ (Microsoft Corporation) C:\Users\Tom\msvcr80.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021880 _____ (Schneider Electric) C:\Users\Tom\grm_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021880 _____ (Schneider Electric) C:\Users\Tom\fr_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021368 _____ (Schneider Electric) C:\Users\Tom\pt_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021368 _____ (Schneider Electric) C:\Users\Tom\it_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021368 _____ (Schneider Electric) C:\Users\Tom\es_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00021368 _____ (Schneider Electric) C:\Users\Tom\en_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00020856 _____ (Schneider Electric) C:\Users\Tom\ru_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00020344 _____ (Schneider Electric) C:\Users\Tom\jp_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00019832 _____ (Schneider Electric) C:\Users\Tom\zh_res.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00018808 _____ C:\Users\Tom\ResourceReader.dll
2017-04-16 00:14 - 2017-04-16 00:14 - 00000550 _____ C:\Users\Tom\Microsoft.VC80.MFC.manifest
2017-04-16 00:14 - 2017-04-16 00:14 - 00000522 _____ C:\Users\Tom\Microsoft.VC80.CRT.manifest
2017-04-16 00:14 - 2017-04-16 00:14 - 00000022 _____ C:\Users\Tom\dotnetfolder.txt
2017-04-16 00:14 - 2017-04-16 00:14 - 00000000 ____D C:\Program Files (x86)\APC
2017-04-16 00:14 - 2017-04-16 00:14 - 00000000 ____D C:\APCPowerChuteConfig
2017-04-16 00:13 - 2017-04-16 00:14 - 15922552 _____ (Schneider Electric) C:\Users\Tom\Downloads\PCPEInstaller.exe
2017-04-15 20:15 - 2017-04-15 20:15 - 00001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-04-15 20:15 - 2017-04-15 20:15 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2017-04-15 20:15 - 2017-04-15 20:15 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2017-04-15 20:15 - 2017-04-15 20:15 - 00000000 ____D C:\Program Files\Adobe
2017-04-15 20:14 - 2017-04-15 20:14 - 00001598 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-04-15 20:13 - 2017-04-15 20:15 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-04-15 19:30 - 2017-04-15 20:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-15 19:30 - 2017-04-15 20:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-15 19:30 - 2017-04-15 19:30 - 00002098 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2017-04-15 18:32 - 2017-04-15 18:32 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-04-14 23:46 - 2017-04-14 23:47 - 00039260 _____ C:\Users\Tom\Documents\cc_20170414_234640.reg
2017-04-14 23:35 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-14 23:35 - 2017-04-24 23:53 - 00000000 ____D C:\Program Files\CCleaner
2017-04-14 23:35 - 2017-04-14 23:35 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-14 23:25 - 2017-04-14 03:54 - 60107896 _____ (Malwarebytes ) C:\Users\Tom\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-14 23:24 - 2017-04-14 18:08 - 1207595878 _____ C:\Users\Tom\Downloads\Photoshop_13_LS16.7z
2017-04-14 22:46 - 2017-04-14 22:48 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Acronis
2017-04-14 22:45 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-04-14 22:45 - 2017-04-14 22:48 - 00000000 ____D C:\ProgramData\Acronis
2017-04-14 22:45 - 2017-04-14 22:45 - 01267552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00601432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00366432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00340312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00279392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00193376 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2017-04-14 22:45 - 2017-04-14 22:45 - 00001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2017-04-14 22:45 - 2017-04-14 22:45 - 00001276 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2017-04-14 22:45 - 2017-04-14 22:45 - 00000000 ____D C:\Program Files (x86)\Acronis
2017-04-14 21:26 - 2017-05-06 22:40 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-14 21:26 - 2017-04-14 23:29 - 00000000 ____D C:\Users\Tom\AppData\Roaming\TeamViewer
2017-04-14 19:14 - 2017-04-22 22:21 - 00000000 ____D C:\ProgramData\Adobe
2017-04-14 19:14 - 2017-04-22 22:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2017-04-14 18:11 - 2017-05-10 22:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-14 18:11 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-14 18:11 - 2017-04-14 18:11 - 00000000 ____D C:\Users\Tom\AppData\Roaming\WinRAR
2017-04-14 18:11 - 2017-04-14 18:11 - 00000000 ____D C:\Program Files\WinRAR
2017-04-14 17:45 - 2017-04-14 17:46 - 00000182 _____ C:\Users\Tom\Desktop\Regions Bank.url
2017-04-14 15:04 - 2017-04-14 15:04 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-04-14 04:24 - 2017-04-14 04:24 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\AMD
2017-04-14 03:55 - 2017-05-12 01:06 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-14 03:55 - 2017-05-12 01:06 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-14 03:55 - 2017-05-12 01:06 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-14 03:55 - 2017-05-12 01:06 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-14 03:55 - 2017-05-11 18:32 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-14 03:55 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-14 03:55 - 2017-04-14 03:55 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-14 03:55 - 2017-04-14 03:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-14 03:55 - 2017-04-14 03:55 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-14 03:55 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-14 03:45 - 2017-04-14 03:45 - 00000405 _____ C:\Users\Tom\Desktop\Control Panel.lnk
2017-04-14 02:34 - 2017-05-10 23:09 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-04-14 02:34 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-04-14 02:34 - 2017-04-14 02:34 - 00002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-04-14 02:34 - 2017-04-14 02:34 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-04-14 02:32 - 2017-04-14 02:32 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-14 02:22 - 2017-04-14 02:22 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Waves Audio
2017-04-14 02:19 - 2017-05-12 01:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-14 02:19 - 2017-04-30 21:32 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-14 02:19 - 2017-04-29 23:06 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-04-14 02:19 - 2017-04-29 23:05 - 01051360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-04-14 02:19 - 2017-04-29 23:05 - 00206552 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-04-14 02:19 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-04-14 02:18 - 2017-04-14 02:17 - 00532136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-14 02:17 - 2017-04-29 23:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-14 02:06 - 2017-04-14 02:06 - 00000000 _____ C:\WINDOWS\eeventmanager.INI
2017-04-14 01:56 - 2017-05-09 16:39 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Epson
2017-04-14 01:54 - 2017-05-03 22:31 - 00000000 ____D C:\Program Files (x86)\epson
2017-04-14 00:58 - 2017-04-14 00:58 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2017-04-14 00:58 - 2017-04-14 00:58 - 00002195 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2017-04-14 00:58 - 2017-04-14 00:58 - 00000000 ____D C:\Program Files (x86)\Belarc
2017-04-14 00:00 - 2017-04-17 00:39 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2017-04-14 00:00 - 2017-04-14 00:00 - 00000000 ____D C:\Users\Public\CyberLink
2017-04-13 23:56 - 2017-04-16 13:45 - 00000000 ____D C:\Users\Tom\Documents\CyberLink
2017-04-13 23:56 - 2017-04-16 13:12 - 00000000 ____D C:\Users\Tom\AppData\Roaming\CyberLink
2017-04-13 23:56 - 2017-04-13 23:56 - 00000000 ____D C:\Users\Tom\AppData\Local\NetworkTiles
2017-04-13 23:55 - 2017-04-16 13:45 - 00000000 ____D C:\Users\Tom\AppData\Local\CyberLink
2017-04-13 23:37 - 2017-05-09 23:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 23:37 - 2017-05-09 23:37 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 23:35 - 2017-03-28 01:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-13 23:35 - 2017-03-04 02:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-04-13 23:25 - 2017-04-13 23:25 - 00000084 _____ C:\WINDOWS\SysWOW64\DLC_Debug_log.txt
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-04-13 23:10 - 2017-04-13 23:10 - 00000000 _SHDL C:\Documents and Settings
2017-04-13 22:45 - 2017-04-16 22:50 - 00000000 ____D C:\Users\Tom\AppData\Local\ElevatedDiagnostics
2017-04-13 22:39 - 2017-04-13 22:39 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\PCDr
2017-04-13 22:39 - 2017-04-13 22:39 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-04-13 22:39 - 2017-04-13 22:39 - 00000000 ____D C:\Program Files\Dell Support Center
2017-04-13 22:38 - 2017-05-10 22:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-04-13 22:38 - 2017-04-22 19:59 - 00000000 ____D C:\Users\Tom\AppData\Roaming\PCDr
2017-04-13 22:38 - 2017-04-13 22:50 - 00000000 ____D C:\temp
2017-04-13 22:37 - 2017-04-15 19:26 - 00000000 ____D C:\Users\Tom\AppData\Local\Apps\2.0
2017-04-13 22:25 - 2017-04-15 00:40 - 00000000 ____D C:\Users\Tom\AppData\Local\MicrosoftEdge
2017-04-13 22:02 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\system32\4118affdd580c08855e819fd124442b3d24fb1fd1c622..bin
2017-04-13 21:57 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Dell
2017-04-13 21:57 - 2017-04-13 21:57 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2017-04-13 21:35 - 2017-04-26 19:27 - 00000000 ____D C:\Users\Tom\AppData\Local\Comms
2017-04-13 21:22 - 2017-04-13 21:22 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Macromedia
2017-04-13 21:21 - 2017-04-13 21:21 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Intel Corporation
2017-04-13 21:20 - 2017-05-10 23:48 - 00000000 ___RD C:\Users\Tom\OneDrive
2017-04-13 21:20 - 2017-05-10 23:01 - 00002359 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-13 21:20 - 2017-04-13 21:20 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2017-04-13 21:19 - 2017-04-13 21:19 - 00000000 ____D C:\Users\Tom\AppData\Local\Power2Go8
2017-04-13 21:19 - 2017-04-13 21:19 - 00000000 ____D C:\Users\Tom\AppData\Local\Dell
2017-04-13 21:18 - 2017-05-12 01:06 - 00000000 __SHD C:\Users\Tom\IntelGraphicsProfiles
2017-04-13 21:18 - 2017-05-11 00:10 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2017-04-13 21:18 - 2017-05-10 23:00 - 00000000 ____D C:\Users\Tom\AppData\Local\ConnectedDevicesPlatform
2017-04-13 21:18 - 2017-05-04 20:51 - 00000000 ____D C:\Users\Tom\AppData\Local\VirtualStore
2017-04-13 21:18 - 2017-04-27 22:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Adobe
2017-04-13 21:18 - 2017-04-15 20:17 - 00000000 ____D C:\Users\Tom\AppData\Local\AMD
2017-04-13 21:18 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Intel
2017-04-13 21:18 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DropboxOEM
2017-04-13 21:18 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\TileDataLayer
2017-04-13 21:18 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Publishers
2017-04-13 21:18 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\DropboxOEM
2017-04-13 21:15 - 2017-04-13 21:15 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Power2Go8
2017-04-13 21:14 - 2017-04-13 21:14 - 00000000 ____D C:\Users\defaultuser0\AppData\Roaming\DropboxOEM
2017-04-13 21:14 - 2017-04-13 21:14 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\DropboxOEM
2017-04-13 21:13 - 2017-04-13 21:13 - 00000000 __SHD C:\Users\defaultuser0\IntelGraphicsProfiles
2017-04-13 21:13 - 2017-04-13 21:13 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2017-04-13 21:12 - 2017-05-10 22:47 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-04-13 21:12 - 2017-04-13 21:12 - 00000000 ____D C:\Users\defaultuser0\AppData\Roaming\Intel
2017-04-13 21:12 - 2017-04-13 21:12 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2017-04-13 21:12 - 2017-04-13 21:12 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2017-04-13 21:12 - 2017-04-13 21:12 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\AMD
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-12 01:05 - 2017-03-18 07:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-12 00:21 - 2017-03-18 17:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-11 23:03 - 2017-03-18 17:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-11 23:03 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-11 19:19 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 19:18 - 2017-03-03 15:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-11 03:09 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-11 02:43 - 2017-03-18 17:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-11 02:41 - 2017-03-18 17:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 02:41 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-11 01:50 - 2017-03-18 16:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 23:02 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-10 23:00 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-10 22:59 - 2017-03-18 17:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 22:59 - 2017-03-03 15:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 22:56 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 22:55 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-10 22:53 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-10 22:53 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-10 22:52 - 2017-03-18 22:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-10 22:52 - 2017-03-18 17:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-10 22:50 - 2017-03-18 22:29 - 00000000 ____D C:\WINDOWS\system32\0409
2017-05-10 22:50 - 2017-03-18 07:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-05-10 22:50 - 2017-03-03 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2017-05-10 22:50 - 2017-03-03 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-10 22:48 - 2017-03-03 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2017-05-10 22:48 - 2017-03-03 15:19 - 00000000 ____D C:\WINDOWS\system32\m32
2017-05-10 22:48 - 2017-03-03 15:17 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-10 22:48 - 2017-03-03 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\oem
2017-05-10 22:47 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-10 22:30 - 2017-03-18 23:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-06 22:04 - 2017-03-03 15:16 - 02290452 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-05 18:31 - 2017-03-03 15:24 - 00000000 ____D C:\ProgramData\Dell
2017-05-04 17:24 - 2017-03-03 15:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-29 03:45 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\CyberLink
2017-04-28 21:05 - 2017-03-18 17:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-28 21:05 - 2017-03-18 17:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-27 18:14 - 2017-03-03 15:21 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-27 18:14 - 2017-03-03 15:21 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-22 19:58 - 2017-03-03 15:15 - 00000000 ____D C:\ProgramData\PCDr
2017-04-18 13:01 - 2017-03-30 10:15 - 00136176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-04-18 13:01 - 2016-05-31 23:31 - 00050672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2017-04-16 13:46 - 2017-03-03 15:23 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\Temp
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\CLSK
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-04-16 13:02 - 2017-03-03 15:23 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2017-04-16 13:01 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\install_clap
2017-04-14 02:07 - 2017-03-03 15:25 - 00000000 ____D C:\ProgramData\McAfee
2017-04-13 23:25 - 2017-03-03 15:15 - 00000000 ____D C:\Program Files\Dell
2017-04-13 21:18 - 2017-03-03 15:21 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB.lnk
2017-04-13 21:18 - 2017-03-03 15:21 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-13 21:18 - 2017-03-03 15:16 - 00000000 ____D C:\ProgramData\Intel
==================== Files in the root of some directories =======
2017-04-24 16:40 - 2017-04-24 16:40 - 0000087 _____ () C:\Users\Tom\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2017-04-21 19:30 - 2017-04-21 19:30 - 0000017 _____ () C:\Users\Tom\AppData\Local\resmon.resmoncfg
2017-03-03 15:22 - 2017-03-03 15:23 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000105 _____ () C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000100 _____ () C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000098 _____ () C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log
Files to move or delete:
====================
C:\Users\Tom\en_res.dll
C:\Users\Tom\es_res.dll
C:\Users\Tom\fr_res.dll
C:\Users\Tom\grm_res.dll
C:\Users\Tom\it_res.dll
C:\Users\Tom\jp_res.dll
C:\Users\Tom\mfc80u.dll
C:\Users\Tom\msvcr80.dll
C:\Users\Tom\PCPE Setup.exe
C:\Users\Tom\pt_res.dll
C:\Users\Tom\ResourceReader.dll
C:\Users\Tom\ru_res.dll
C:\Users\Tom\zh_res.dll

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-10 22:44
==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Tom (12-05-2017 01:08:43)
Running from C:\Users\Tom\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-11 02:56:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-794965033-3937228011-3467878875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-794965033-3937228011-3467878875-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-794965033-3937228011-3467878875-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-794965033-3937228011-3467878875-501 - Limited - Disabled)
Tom (S-1-5-21-794965033-3937228011-3467878875-1001 - Administrator - Enabled) => C:\Users\Tom
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acronis True Image (HKLM-x32\...\{E5F28743-0DB5-42C1-8B70-5986D88C0BE0}Visible) (Version: 19.0.6581 - Acronis)
Acronis True Image (x32 Version: 19.0.6581 - Acronis) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.0.6.8 - Elaborate Bytes)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.2.1 - SlySoft)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.3305.58 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Help & Support (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Product Registration (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssist Remediation (HKLM-x32\...\{8377b324-9a83-44c5-adde-87358607ddec}) (Version: 2.0.2.1840 - Dell Inc.)
Dell SupportAssist Remediation (Version: 2.0.2.1840 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell System Detect (HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{5F641343-FA40-4084-855A-7FA3251783DC}) (Version: 2.0.2.1840 - Dell Inc.)
Dell Update (HKLM-x32\...\{49655877-33CF-4C8A-B07C-9694935431E4}) (Version: 1.9.7.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVD Profiler Version 3.9.1 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
DVDFab 10.0.3.6 (26/04/2017) (HKLM-x32\...\DVDFab 10) (Version: 10.0.3.6 - Fengtao Software Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.81.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-950 Series Printer Uninstall (HKLM\...\EPSON XP-950 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-950 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEPSON XP-950 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.5.0.1165 - Citrix Systems, Inc.)
Intel® Chipset Device Software (x32 Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel® Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{CC3C017C-876D-4A31-A128-593FF92A1FE7}) (Version: 1.1.70.528 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{638b58cc-a268-482a-b0b2-4f2e25993cc1}) (Version: 19.20.0 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 18.0.0.405 - Kaspersky Lab) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.7.8889.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7967.2161 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Registration (Version: 3.0.123.0 - Dell Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7968 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
UnderCover10 2.03 (HKLM-x32\...\UnderCover10_is1) (Version:  - Wicked & Wild Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-794965033-3937228011-3467878875-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-794965033-3937228011-3467878875-1001_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01349385-D2E5-4FAB-AF5A-99DC98C34C21} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {028ADB60-D02F-4A72-B46D-015BD41A9BA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {08732268-3823-4F2A-8427-7B38C9AB8591} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {1D2748C6-8D31-4B3E-9E04-E57F8FB8E8AC} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {2077FF78-F16A-4430-88AC-71885EE95107} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-30] (DropboxOEM)
Task: {2F91D68D-3796-48B7-95FC-CE6E958A8190} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {301BFD23-0506-4E87-96F4-DA7F97722767} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {52448321-32FC-47FB-BB73-0811C476D35C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {754BAFE0-389A-47DA-B0B6-FCA622407BB5} - System32\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {89CD36B1-2878-4DBA-8EF2-2C2ED6B819B6} - System32\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8A88C437-B10B-4440-BF82-A6E4B31E8BFF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-11] (Microsoft Corporation)
Task: {8C6C5875-3C6A-41F5-B410-477EF1A2DCDF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-13] (Dropbox, Inc.)
Task: {8E97C628-0F4C-4041-89E3-CB5E6BFD9363} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {AF370234-678C-4E46-B433-8B4A040F41AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-11] (Microsoft Corporation)
Task: {C8C56EDA-68CE-45F5-858E-EC26430DEFC6} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-28] (Realtek Semiconductor)
Task: {CBB1DA34-0368-4343-BCCB-7EB584AD997B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {D321888F-648A-466B-823E-D3F9F1B905B4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {DD058299-3D3E-4138-9C11-CD89828A9E3D} - System32\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {DEBCA1F3-62DD-4999-8AFF-C7DA0D9E751C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-04-25] (Dell Inc.)
Task: {E2A5E4C8-BA6F-482B-AAB4-614406F7B305} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-13] (Dropbox, Inc.)
Task: {E5FDC5CD-DAB3-428E-A799-D12E0B24B3E3} - System32\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F9C659FB-99C6-4377-83CA-880312832E09} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {7D65C34F-A410-4193-8182-BC7218E50F2A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {9A7D9758-5208-4C2F-8116-77535233C04F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {7D65C34F-A410-4193-8182-BC7218E50F2A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{7D65C34F-A410-4193-8182-BC7218E50F2A} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {9A7D9758-5208-4C2F-8116-77535233C04F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{9A7D9758-5208-4C2F-8116-77535233C04F} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{C3B7300D-3228-44E6-8A12-FB2D532D4FEB} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{E06463BA-A713-427D-BBE1-30D3247CD569} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn
==================== Loaded Modules (Whitelisted) ==============
2016-10-14 14:31 - 2016-10-14 14:31 - 01244408 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2017-04-14 22:45 - 2017-04-14 22:45 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-10-05 16:15 - 2016-10-05 16:15 - 00107752 _____ () C:\Program Files\Intel\Intel® Online Connect Access\libglog.dll
2016-10-05 16:15 - 2016-10-05 16:15 - 00412904 _____ () C:\Program Files\Intel\Intel® Online Connect Access\JsonCpp.dll
2017-04-14 03:55 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-14 03:55 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-14 02:34 - 2017-05-11 18:49 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 16:59 - 2017-03-18 22:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-04-14 20:44 - 2017-04-14 20:44 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 12:33 - 2017-05-09 12:33 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-08 15:57 - 2017-05-08 15:57 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-10-14 14:28 - 2016-10-14 14:28 - 00567088 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2016-10-14 14:48 - 2016-10-14 14:48 - 07382232 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-04-29 23:05 - 2017-04-29 23:05 - 00836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\kpcengine.2.3.dll
2015-08-11 15:36 - 2015-08-11 15:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll
2016-10-14 14:25 - 2016-10-14 14:25 - 00037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2016-10-14 14:48 - 2016-10-14 14:48 - 04355264 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2015-08-23 15:59 - 2015-08-23 15:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll
2016-10-14 14:47 - 2016-10-14 14:47 - 20605872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2015-11-16 18:05 - 2015-11-16 18:05 - 00126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-04-16 12:45 - 2016-04-16 12:45 - 00248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-10-14 14:27 - 2016-10-14 14:27 - 00333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-10-14 14:25 - 2016-10-14 14:25 - 00050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2017-04-16 13:02 - 2016-09-14 01:07 - 00882456 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\common\UNO\UNO.dll
2017-04-16 13:02 - 2013-12-10 07:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ctypes.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_hashlib.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_socket.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ssl.pyd
2016-12-21 10:24 - 2016-12-21 10:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2016-05-02 18:46 - 2016-05-02 18:46 - 00134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2016-09-22 12:56 - 2016-09-22 12:56 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-10-20 05:28 - 2016-10-20 05:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-04-16 12:56 - 2016-04-16 12:56 - 09698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-10-14 14:25 - 2016-10-14 14:25 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-10-14 14:23 - 2016-10-14 14:23 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-04-27 20:49 - 2016-10-06 21:50 - 00003062 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
127.0.0.1       ereg.adobe.com
127.0.0.1       na2m-pr.licenses.adobe.com
127.0.0.1       activate.adobe.com
127.0.0.1       wip.adobe.com
127.0.0.1       practivate.adobe.com
127.0.0.1       lmlicenses.wip4.adobe.com
127.0.0.1       practivate.adobe.com
127.0.0.1       192.150.14.69
127.0.0.1       192.150.18.101
127.0.0.1       192.150.18.108
127.0.0.1       192.150.22.40
127.0.0.1       192.150.8.100
127.0.0.1       192.150.8.118
127.0.0.1       209-34-83-73.ood.opsource.net
127.0.0.1       3dns-1.adobe.com
127.0.0.1       3dns-2.adobe.com
127.0.0.1       3dns-3.adobe.com
127.0.0.1       3dns-4.adobe.com
127.0.0.1       3dns.adobe.com
127.0.0.1       3dns.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       activate.wip.adobe.com
127.0.0.1       activate.wip1.adobe.com
127.0.0.1       activate.wip2.adobe.com
127.0.0.1       activate.wip3.adobe.com
127.0.0.1       activate.wip4.adobe.com
127.0.0.1       adobe-dns-1.adobe.com
127.0.0.1       adobe-dns-2.adobe.com
There are 27 more lines.

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B379FF25-7F53-4469-B40B-BE57C7550E97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F0037CEE-AD69-42C9-9762-4744FD726D52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6BAA4CEF-49E5-4CEB-ABBA-7395D1EC2079}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{682AE271-658E-4A79-A4B1-B1519C24AEA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97973316-347E-4D0F-8E07-71DC70469039}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{D4C01B39-FD42-4BEB-BF5C-7F491D00CEDB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{4A2BB745-90A0-4CCD-90D2-A947173CDA85}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{44CB1962-6D61-48EA-BA9A-2EA9E493AE02}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{4ABC1924-5031-4425-81AC-6B7D6A996ABA}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BF8E0658-EA48-44BE-B239-1ECA84976E63}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{24B56F7B-22F5-4D54-99C2-8F12960C0DC7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{69CFD961-3892-4E23-BEB0-5E8885B5DB53}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5E1B238F-17A8-4F2F-9EC8-6F19D48A0A22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F6BD9996-7435-4CB2-BA17-EBFCA1D77EB5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{2F1D8C82-8CB5-47D3-AF68-7BA66E979F2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{A537FFFE-1D7C-4696-B20B-45932F01E896}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{4872B00B-C9D5-4A53-9A79-4E07252006BD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{34916627-4425-4792-A65F-ECE885B119F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{752131B1-C276-4A79-A129-DA1DCEB22011}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{25F99DA6-F952-4AC7-973D-D71F63A3EC3C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C790DCA4-D94A-4B57-B658-588656D4C2BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{59681F14-4070-4B6F-B129-A81709DAD9F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C389CC0B-345F-4624-87C1-A761E4178C9E}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{5E48C3F5-6C81-43D7-8F0C-797216F2AEE9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{0919E5F1-8E20-47C6-8696-92E9E8075903}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{18EAD3F3-490D-47E7-B5F3-E98777D75D7E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{5B10059F-C271-4E88-A1E0-0F6D8F9D7A49}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Restore Points =========================
10-05-2017 22:59:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
10-05-2017 22:59:58 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/12/2017 01:08:33 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- ReadEpsaVersion() Exception: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#
Error: (05/11/2017 11:22:09 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to find the label for volume whose serial number is E2DD129A System.NullReferenceException: Object reference not set to an instance of an object.
   at utilities.Drive_Utilities.VolumeSNtoVolumeLabel(String volumeSN) #StackInfo#
Error: (05/11/2017 11:22:09 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to find the label for volume whose serial number is E2DD129A System.NullReferenceException: Object reference not set to an instance of an object.
   at utilities.Drive_Utilities.VolumeSNtoVolumeLabel(String volumeSN) #StackInfo#
Error: (05/11/2017 08:17:33 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel® Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
Error: (05/11/2017 08:17:33 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel® Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
Error: (05/11/2017 07:04:20 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- Exception on processing Diags log: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#
Error: (05/11/2017 07:04:20 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:1, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/11/2017 07:04:20 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:1, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/11/2017 06:39:26 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to find the label for volume whose serial number is E2DD129A System.NullReferenceException: Object reference not set to an instance of an object.
   at utilities.Drive_Utilities.VolumeSNtoVolumeLabel(String volumeSN) #StackInfo#
Error: (05/11/2017 06:39:26 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to find the label for volume whose serial number is E2DD129A System.NullReferenceException: Object reference not set to an instance of an object.
   at utilities.Drive_Utilities.VolumeSNtoVolumeLabel(String volumeSN) #StackInfo#

System errors:
=============
Error: (05/12/2017 01:07:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel® Online Connect Helper service.
Error: (05/12/2017 01:06:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/12/2017 01:06:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/12/2017 01:06:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
Error: (05/12/2017 01:06:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.
Error: (05/12/2017 01:06:08 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBMSFT30111122223333
Error: (05/11/2017 11:00:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2017 06:33:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel® Online Connect Helper service.
Error: (05/11/2017 06:32:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2017 06:32:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================
  Date: 2017-05-12 01:07:26.852
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 01:07:26.309
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 01:07:26.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 01:07:26.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:51:46.387
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:51:46.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:51:46.064
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:49:08.875
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:48:31.516
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-12 00:48:04.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================
Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 15%
Total physical RAM: 24474.48 MB
Available physical RAM: 20579.55 MB
Total Virtual: 26010.48 MB
Available Virtual: 21608.5 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:223.79 GB) (Free:148.99 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS
Drive g: (Back Up HD) (Fixed) (Total:931.51 GB) (Free:931.31 GB) NTFS
Drive h: (Left Exterior HD) (Fixed) (Total:596.17 GB) (Free:595.54 GB) NTFS
Drive i: (HP Pocket Drive) (Fixed) (Total:149.04 GB) (Free:122.78 GB) NTFS
Drive j: (SandiskSSD) (Fixed) (Total:447.13 GB) (Free:420.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DB24DB58)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: DB24DB09)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9B9F914B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 596.2 GB) (Disk ID: 2F991634)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 1D2157F3)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: F2CF5AF3)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
zep516
Posted 12 May 2017 - 06:24 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

There's evidence of illegal software on your system.
The software is Adobe and the crack is your host file, it allows you to by-pass Adobe activation.

127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com


Are you aware of this ?
It's against forum policy to assist with illegal software.
  • 0

#3
TGMcCallie
Posted 12 May 2017 - 08:50 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Thanks for that.  Photoshop has been removed from my computer through control panel.  I was unable to run adobe cleaner.  I got message that it could not be run on my

computer.  Do you have a link to a vs. of the cleaner that will run.


  • 0

#4
zep516
Posted 12 May 2017 - 08:56 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Perhaps we can clean it up as we go along here.

Next
A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
C:\Users\Tom\en_res.dll
C:\Users\Tom\es_res.dll
C:\Users\Tom\fr_res.dll
C:\Users\Tom\grm_res.dll
C:\Users\Tom\it_res.dll
C:\Users\Tom\jp_res.dll
C:\Users\Tom\mfc80u.dll
C:\Users\Tom\msvcr80.dll
C:\Users\Tom\PCPE Setup.exe
C:\Users\Tom\pt_res.dll
C:\Users\Tom\ResourceReader.dll
C:\Users\Tom\ru_res.dll
C:\Users\Tom\zh_res.dll
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
  • Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next

    Download AdwCleaner from here. Save the file to the desktop.
    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    iO5EZayK.png
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be moved to Quarantine.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    adwcleaner_delete_restart.jpg
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

  • 0

#5
TGMcCallie
Posted 12 May 2017 - 09:09 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

OK, it will take me a little while as I am not as swift as I once was.  That's ok for 80 years old I guess.

 

I have Malwarebytes professional lifetime license and I run it all the time.

I will download adwCleaner as instructed.

 

Do I need to delete the 2 logs since I have deleted PS?

 

I will go ahead and download adwCleaner to give you time to answer me as to delete the 2 log files and rerun FRST64.


  • 0

#6
zep516
Posted 12 May 2017 - 09:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
You can delete the 2 logs yes.
  • 0

#7
TGMcCallie
Posted 12 May 2017 - 09:50 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Tom (12-05-2017 23:24:49) Run:3
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: defaultuser0 & Tom)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
C:\Users\Tom\en_res.dll
C:\Users\Tom\es_res.dll
C:\Users\Tom\fr_res.dll
C:\Users\Tom\grm_res.dll
C:\Users\Tom\it_res.dll
C:\Users\Tom\jp_res.dll
C:\Users\Tom\mfc80u.dll
C:\Users\Tom\msvcr80.dll
C:\Users\Tom\PCPE Setup.exe
C:\Users\Tom\pt_res.dll
C:\Users\Tom\ResourceReader.dll
C:\Users\Tom\ru_res.dll
C:\Users\Tom\zh_res.dll
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
hosts:
Emptytemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\Users\Tom\en_res.dll => moved successfully
C:\Users\Tom\es_res.dll => moved successfully
C:\Users\Tom\fr_res.dll => moved successfully
C:\Users\Tom\grm_res.dll => moved successfully
C:\Users\Tom\it_res.dll => moved successfully
C:\Users\Tom\jp_res.dll => moved successfully
C:\Users\Tom\mfc80u.dll => moved successfully
C:\Users\Tom\msvcr80.dll => moved successfully
C:\Users\Tom\PCPE Setup.exe => moved successfully
C:\Users\Tom\pt_res.dll => moved successfully
C:\Users\Tom\ResourceReader.dll => moved successfully
C:\Users\Tom\ru_res.dll => moved successfully
C:\Users\Tom\zh_res.dll => moved successfully
========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18177445 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 446998 B
Edge => 7950124 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Tom => 13295579 B
RecycleBin => 0 B
EmptyTemp: => 43.8 MB temporary data Removed.
================================

The system needed a reboot.
==== End of Fixlog 23:25:10 ====

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2017
Ran by Tom (12-05-2017 23:24:49) Run:3
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: defaultuser0 & Tom)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
C:\Users\Tom\en_res.dll
C:\Users\Tom\es_res.dll
C:\Users\Tom\fr_res.dll
C:\Users\Tom\grm_res.dll
C:\Users\Tom\it_res.dll
C:\Users\Tom\jp_res.dll
C:\Users\Tom\mfc80u.dll
C:\Users\Tom\msvcr80.dll
C:\Users\Tom\PCPE Setup.exe
C:\Users\Tom\pt_res.dll
C:\Users\Tom\ResourceReader.dll
C:\Users\Tom\ru_res.dll
C:\Users\Tom\zh_res.dll
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
hosts:
Emptytemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\Users\Tom\en_res.dll => moved successfully
C:\Users\Tom\es_res.dll => moved successfully
C:\Users\Tom\fr_res.dll => moved successfully
C:\Users\Tom\grm_res.dll => moved successfully
C:\Users\Tom\it_res.dll => moved successfully
C:\Users\Tom\jp_res.dll => moved successfully
C:\Users\Tom\mfc80u.dll => moved successfully
C:\Users\Tom\msvcr80.dll => moved successfully
C:\Users\Tom\PCPE Setup.exe => moved successfully
C:\Users\Tom\pt_res.dll => moved successfully
C:\Users\Tom\ResourceReader.dll => moved successfully
C:\Users\Tom\ru_res.dll => moved successfully
C:\Users\Tom\zh_res.dll => moved successfully
========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18177445 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 446998 B
Edge => 7950124 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Tom => 13295579 B
RecycleBin => 0 B
EmptyTemp: => 43.8 MB temporary data Removed.
================================

The system needed a reboot.
==== End of Fixlog 23:25:10 ====

  • 0

#8
zep516
Posted 12 May 2017 - 09:51 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Thank you, looks good.
  • 0

#9
TGMcCallie
Posted 12 May 2017 - 09:52 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

I think I posted the 2 logs out of order.  If so I apologize.


  • 0

#10
TGMcCallie
Posted 12 May 2017 - 09:54 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

What next?
 


  • 0

Advertisements

#11
zep516
Posted 12 May 2017 - 09:55 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
I didn't see the adwcleaner log file ?
  • 0

#12
TGMcCallie
Posted 12 May 2017 - 09:59 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Sorry, let me check.   It said it cleaned  3 keys  and 2 files that had a bunch of numbers and letters.  Could not recognize any of the keys or files.  I did not uncheck

anything because if it deleted any keys, I have all my key files listed in a book.

 

Be right back


  • 0

#13
TGMcCallie
Posted 12 May 2017 - 10:05 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

It did not go to my desktop.  How can I locate it?  If I have to run something be sure and show it so I can copy and paste it in Run.

I checked in program and programs 86 and don't see a adwcleaner folder.


  • 0

#14
TGMcCallie
Posted 12 May 2017 - 10:09 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

ADWCleaner did not say what the 3 keys were but I figured if any of my software would not load I can reload the keys.

The 2 program data files were just a bunch of numbers and letters so I could not recognize them.

 

I have 2 Other Devices that show up in computer management that I don't know what they are.  I think they are a old head phone and microphone that are so old that windows

does not have drivers for them.  I don't use them anyway.

 

Advise and I will copy and paste the adwcleaner log if I can find it.


  • 0

#15
zep516
Posted 12 May 2017 - 10:10 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

As long as it cleaned a few keys then I'm not so worried about the log file.

Do we still have the e-bay Issue ?

Use the computer and let me know
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP