Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Spyware redirects my search to a different site.

Started by TGMcCallie , May 11 2017 11:20 PM

  • This topic is locked This topic is locked

#31
TGMcCallie
Posted 14 May 2017 - 11:07 AM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Zep516:  Karspersky got back to me via e-mail and this is what they told me to do.  

 

I would like to have your opinion about this before I do anything...

 

1. Said to completely delete Malwarebytes anti virus software from my computer by running mbam-clean.exe.  He said you could not have 2 antivirus programs on the same

    computer as it would cause conflicts.  I have had both of them on this computer and until this redirect started happening, I had no problem.  What do you think.  I think they

    just don't want the competition.  That is my thought what about you?

 

2. Said to run window disk cleanup to remove any unnecessary hidden files and check to see what file types you want to get rid of. ????????  I don't understand this?

 

3. Said to reset browsers to default setting to get rid of unwanted changes caused by installing other programs .  Said it would not change or delete my saved passwords???

    

Now if I completely delete Malwarebytes and it does not eleviate the problem, I have a lifetime Pro license and can reinsall it...

 

What do you suggest that I do because this seems to me that it will not fix my problem but what do I know?

 

If you want me to do all this would you guide me?

 

Thanks

Tom


Edited by TGMcCallie, 14 May 2017 - 11:08 AM.

  • 0

Advertisements

#32
zep516
Posted 14 May 2017 - 03:46 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

We will not be doing any of that. I'd consider getting another Anti Virus ? It's clearly a Karspersky issue from what I see. You can actually uninstall Karspersky and Windows defender the Windows 10 built in Anti Virus will kick in.

So lets try that and see.
  • 0

#33
TGMcCallie
Posted 14 May 2017 - 08:53 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Kaspersky is furnished to me by my domain. I know it is a Kaspersky issue and they should solve it for me.  Do you think I should uninstall Malwarebytes as they suggested?  I can reinstall it with no problem.  Does having both of them cause problems?

I know that will not make any difference, or at least I think it will not.

 

Will the other things they asked me to do cause any problem?

 

I could follow their suggestion then demand that they fix the problem that Kaspersky is allowing to happen.  They have not even offered to remotely go into my system and try to fix.  You just don't know how demanding I can be on Kaspersky.

 

Waiting your reply before I do anything.


Edited by TGMcCallie, 14 May 2017 - 08:55 PM.

  • 0

#34
TGMcCallie
Posted 14 May 2017 - 09:00 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

I will do as you suggested. 1. uninstall KAS, Windows Defender.  What about Malwarebytes.  Then that will just leave Windows 10 virus protection.  I will not do this until

you think about it and advise me for sure what to do.  I can always re-install all of these.  I had them all on my old computer for years and never caused this kind of issue.


  • 0

#35
zep516
Posted 14 May 2017 - 09:13 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Keep Malwarebytes, keep Windows defender. Windows Denfender is the default Anti Virus for windows 10. Malwarebytes will run along fine with Windows defender. All you need to do is uninstall KAS.

Then let me know if the problem goes away on the search issue.
  • 0

#36
TGMcCallie
Posted 14 May 2017 - 09:22 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Will do

Will let you know if that corrected the issue.


  • 0

#37
zep516
Posted 14 May 2017 - 09:27 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

When you're done with uninstalling KAS I'm going to want to see a new set of log files from FRST.

To do that

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

  • 0

#38
TGMcCallie
Posted 14 May 2017 - 10:34 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

I have uninstalled Kaspersky.    Checked Windows Defender to make sure all settings are good.   Scanned with Windows Defendeer with no threats.  Checked Windows

firewall for proper settings.  All these Windows programs are correctly configured.

 

Malwarebytes Pro with lifetime license remains on my computer.

 

After doing this, I have searched with ebay.com for approx 25 seperate searches and the problem has not happened a single time.

 

I will run FRST64 as requested and post it on my next post.

 

Looking extremely good at this point.

 

Thanks, for all your informational help you have given me.

 

Be back posting details shortly.

 

It definitely appears that it was a Kaspersky problem.  I might note also that I have been getting a data port display error everytime I started up and now I have restarted 2 times

and do not get that error.   Great

 

 

 

Tom


  • 0

#39
TGMcCallie
Posted 14 May 2017 - 10:43 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Here are my scans:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Tom (administrator) on DESKTOP-Q1AN705 (15-05-2017 00:37:58)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: defaultuser0 & Tom)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Online Connect\iocHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe
(Intel® Corporation) C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(DropboxOEM) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [567088 2016-10-14] ()
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [936368 2016-10-19] (Waves Audio Ltd.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7382232 2016-10-14] ()
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [958504 2016-09-14] (CyberLink Corp.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1165\G2AWinLogon_x64.dll (Citrix Systems, Inc.)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILIE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2017-04-16]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-21]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7328d964-b2ee-4657-a6b2-171879d6f9eb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{810517e1-088c-49fc-becb-f260d5c5b8f1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8949fd6c-b07f-444a-ac82-4290aa263cd1}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cbsnews.com/
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> DefaultScope {D62C52C7-4408-4FF8-BF8B-440C6DF1968D} URL =
SearchScopes: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> {D62C52C7-4408-4FF8-BF8B-440C6DF1968D} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-11] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-11] (Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-794965033-3937228011-3467878875-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-11] (Microsoft Corporation)
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-04-14]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-05-06] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1244408 2016-10-14] ()
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-12-06] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2017-04-14] ()
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHeciSvc.exe [284144 2016-11-25] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\IntelCpHDCPSvc.exe [462832 2016-11-25] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-13] (Dropbox, Inc.)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [120872 2017-04-07] (Dell)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2016-09-22] (Dell Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677376 2016-08-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1165\G2AC_Service.exe [309720 2017-05-05] (Citrix Systems, Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igfxCUIService.exe [324592 2016-11-25] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
S3 Intel® Online Connect; C:\Program Files\Intel\Intel® Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
R2 Intel® Online Connect Helper; C:\Program Files\Intel\Intel® Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel® Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel® TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel® Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel\Intel® Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel® Corporation)
R2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [80208 2016-09-22] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [321032 2016-10-28] (Realtek Semiconductor)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [32728 2017-04-25] (Dell Inc.)
S2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [410032 2016-10-19] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [5004560 2016-02-17] (Realtek Semiconductor Corporation                           )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0311000.inf_amd64_7a628daad2b6c80c\atikmdag.sys [26574344 2017-02-08] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0311000.inf_amd64_7a628daad2b6c80c\atikmpag.sys [529304 2017-02-08] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [366432 2017-04-14] (Acronis International GmbH)
S3 iaLPSS2_SPI; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [151352 2016-08-30] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-30] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [249104 2016-10-06] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\ki119560.inf_amd64_5a492b6b44b20fba\igdkmd64.sys [11039704 2016-11-25] (Intel Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-15] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2017-05-05] (CACE Technologies, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267552 2017-04-14] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [193376 2017-04-14] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [601432 2017-04-14] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [279392 2017-04-14] (Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-04-25] (Zemana Ltd.)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2016-09-14] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-15 00:37 - 2017-05-15 00:38 - 00023026 _____ C:\Users\Tom\Desktop\FRST.txt
2017-05-15 00:37 - 2017-05-15 00:37 - 00000000 ____D C:\Users\Tom\Desktop\FRST-OlderVersion
2017-05-13 22:39 - 2017-05-13 22:40 - 00000000 ____D C:\ProgramData\saag
2017-05-13 22:34 - 2017-05-13 22:34 - 00000000 ____D C:\ProgramData\s9to
2017-05-13 22:34 - 2017-05-13 22:34 - 00000000 ____D C:\ProgramData\s708
2017-05-13 22:31 - 2017-05-13 22:32 - 00000000 ____D C:\ProgramData\se5o
2017-05-13 22:26 - 2017-05-13 22:26 - 00000000 ____D C:\ProgramData\sbvk
2017-05-13 22:26 - 2017-05-13 22:26 - 00000000 ____D C:\ProgramData\s24g
2017-05-13 22:24 - 2017-05-13 22:24 - 00000000 ____D C:\ProgramData\sdfc
2017-05-13 22:24 - 2017-05-13 22:24 - 00000000 ____D C:\ProgramData\s6to
2017-05-13 22:24 - 2017-05-13 22:24 - 00000000 ____D C:\ProgramData\s1r8
2017-05-13 01:31 - 2017-05-13 01:31 - 00000000 ____D C:\Users\Tom\AppData\Roaming\17524
2017-05-12 23:18 - 2017-05-12 23:18 - 00000462 _____ C:\Users\Tom\Fixlist.txt
2017-05-12 23:10 - 2017-05-12 23:10 - 04102600 _____ C:\Users\Tom\Desktop\adwcleaner_6.046.exe
2017-05-11 19:07 - 2017-05-11 19:07 - 00000000 ____D C:\Users\Tom\Documents\DeWaynes Poperty Lines
2017-05-11 02:41 - 2017-05-11 02:41 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 02:41 - 2017-05-11 02:41 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 02:41 - 2017-05-11 02:41 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-11 02:41 - 2017-05-11 02:41 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-11 02:41 - 2017-05-11 02:41 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-11 02:41 - 2017-05-11 02:41 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 02:41 - 2017-05-11 02:41 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 02:41 - 2017-05-11 02:41 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-11 02:41 - 2017-05-11 02:41 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-11 02:41 - 2017-05-11 02:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 02:41 - 2017-05-11 02:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 02:41 - 2017-05-11 02:41 - 00000000 ____D C:\Windows.old
2017-05-11 02:39 - 2017-05-11 02:39 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-11 02:39 - 2017-05-10 22:44 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files\MSBuild
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-11 02:38 - 2017-05-11 02:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-11 02:38 - 2017-02-10 15:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-11 02:38 - 2017-02-10 15:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-11 02:38 - 2017-02-10 15:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-10 23:01 - 2017-05-10 23:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\Users\Tom\AppData\Local\DBG
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\ProgramData\USOShared
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-10 23:00 - 2017-05-10 23:00 - 00000000 ____D C:\Program Files\ATI Technologies
2017-05-10 22:59 - 2017-05-10 22:59 - 00000020 ___SH C:\Users\Tom\ntuser.ini
2017-05-10 22:56 - 2017-05-10 22:56 - 00000000 _SHDL C:\Users\Default\My Documents
2017-05-10 22:54 - 2017-05-14 23:32 - 01104978 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-10 22:54 - 2017-05-10 22:54 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-10 22:54 - 2017-05-10 22:54 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-10 22:52 - 2017-05-15 00:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-10 22:52 - 2017-05-10 23:01 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-10 22:52 - 2017-05-10 22:52 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-10 22:52 - 2017-05-10 22:52 - 00003508 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-10 22:52 - 2017-05-10 22:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003502 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-10 22:52 - 2017-05-10 22:52 - 00003324 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003324 _____ C:\WINDOWS\System32\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}
2017-05-10 22:52 - 2017-05-10 22:52 - 00003284 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-10 22:52 - 2017-05-10 22:52 - 00003280 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-05-10 22:52 - 2017-05-10 22:52 - 00003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-05-10 22:52 - 2017-05-10 22:52 - 00003096 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2017-05-10 22:52 - 2017-05-10 22:52 - 00003074 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2017-05-10 22:52 - 2017-05-10 22:52 - 00003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-05-10 22:52 - 2017-05-10 22:52 - 00002982 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2017-05-10 22:52 - 2017-05-10 22:52 - 00002708 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2017-05-10 22:52 - 2017-05-10 22:52 - 00002318 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-05-10 22:52 - 2017-05-10 22:52 - 00002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-05-10 22:52 - 2017-05-10 22:52 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-10 22:52 - 2017-05-10 22:52 - 00002120 _____ C:\WINDOWS\System32\Tasks\Dell Cleanup
2017-05-10 22:51 - 2017-05-10 22:51 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {7D65C34F-A410-4193-8182-BC7218E50F2A}.job
2017-05-10 22:51 - 2017-05-10 22:51 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {7D65C34F-A410-4193-8182-BC7218E50F2A}.job
2017-05-10 22:49 - 2017-05-10 22:49 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-10 22:48 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-10 22:47 - 2017-05-12 23:25 - 00000000 ____D C:\Users\Tom
2017-05-10 22:47 - 2017-05-10 22:52 - 00000000 ____D C:\Users\defaultuser0
2017-05-10 22:47 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\EPSON
2017-05-10 22:47 - 2017-05-10 22:47 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {9A7D9758-5208-4C2F-8116-77535233C04F}.job
2017-05-10 22:47 - 2017-05-10 22:47 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {9A7D9758-5208-4C2F-8116-77535233C04F}.job
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\My Documents
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Videos
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Pictures
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\Tom\Documents\My Music
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Videos
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Pictures
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Music
2017-05-10 22:47 - 2017-05-10 22:47 - 00000000 ____D C:\Program Files\Common Files\EPSON
2017-05-10 22:46 - 2017-05-15 00:36 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-10 22:46 - 2017-05-10 23:00 - 00000000 ____D C:\Program Files\AMD
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-10 22:46 - 2017-05-10 22:48 - 00000000 ____D C:\Program Files\Intel
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files\Realtek
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-10 22:46 - 2017-05-10 22:46 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-10 22:46 - 2017-03-18 16:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-10 22:44 - 2017-05-15 00:36 - 05005848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 22:44 - 2017-05-14 22:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-10 22:44 - 2017-05-10 22:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-10 22:44 - 2017-05-10 22:44 - 00000000 ____D C:\WINDOWS\Firmware
2017-05-10 21:14 - 2017-05-12 03:10 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-10 13:55 - 2017-05-10 13:55 - 00000960 _____ C:\Users\Tom\Desktop\My DVD Covers - Shortcut.lnk
2017-05-10 00:02 - 2017-05-10 00:02 - 00001254 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk
2017-05-10 00:02 - 2017-05-10 00:02 - 00000000 ____D C:\Users\Tom\AppData\Local\UNP
2017-05-09 23:38 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-09 23:38 - 2017-05-09 23:39 - 00000000 ____D C:\Program Files\UNP
2017-05-09 23:35 - 2017-03-04 02:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-09 16:42 - 2017-05-09 16:42 - 00027879 _____ C:\Users\Tom\Documents\ViewerX.alb
2017-05-06 22:39 - 2017-05-06 22:39 - 14725904 _____ (TeamViewer GmbH) C:\Users\Tom\Downloads\TeamViewer_Setup.exe
2017-05-06 22:39 - 2017-05-06 22:39 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-05-06 21:55 - 2017-05-06 21:56 - 03590144 _____ C:\Users\Tom\Downloads\EpsonConnect140.exe
2017-05-06 18:46 - 2017-05-06 18:46 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Easeware
2017-05-06 18:45 - 2017-05-06 18:46 - 02211944 _____ (Easeware ) C:\Users\Tom\Downloads\DriverNavigator_Setup.exe
2017-05-06 18:06 - 2017-05-06 18:06 - 00000000 _____ C:\Users\Tom\Downloads\Setup_DriverDoc_2016.exe
2017-05-05 21:54 - 2017-05-06 10:05 - 00000000 ____D C:\Users\Tom\AppData\Local\NETGEARGenie
2017-05-05 21:54 - 2017-05-05 21:54 - 00369168 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00106000 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\packet.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll
2017-05-05 21:54 - 2017-05-05 21:54 - 00035344 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2017-05-05 21:54 - 2017-05-05 21:54 - 00002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2017-05-05 21:54 - 2017-05-05 21:54 - 00002125 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2017-05-05 21:53 - 2017-05-05 21:54 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2017-05-05 20:30 - 2017-05-05 21:47 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}.job
2017-05-05 20:30 - 2017-05-05 21:47 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}.job
2017-05-05 20:13 - 2017-05-05 20:13 - 00000000 ____D C:\ProgramData\NETGEAR
2017-05-05 20:12 - 2017-05-05 20:12 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2017-05-05 20:08 - 2017-05-05 20:08 - 00000000 ____D C:\Users\Tom\Downloads\NETGEAR
2017-05-05 19:10 - 2017-05-12 12:48 - 00000000 ____D C:\ProgramData\AMD
2017-05-05 18:19 - 2017-05-05 18:19 - 00000000 ____D C:\ProgramData\Citrix
2017-05-05 18:18 - 2017-05-05 18:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Citrix
2017-05-05 18:18 - 2017-05-05 18:18 - 00000000 ____D C:\Program Files (x86)\Citrix
2017-05-05 15:10 - 2017-05-10 22:46 - 00000000 ____D C:\AMD
2017-05-05 02:18 - 2017-05-05 02:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Elaborate Bytes
2017-05-04 20:27 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Profiler
2017-05-04 20:27 - 2017-05-04 20:27 - 00001180 _____ C:\Users\Tom\Desktop\DVD Profiler.lnk
2017-05-04 20:27 - 2017-05-04 20:27 - 00000000 ____D C:\Program Files (x86)\DVD Profiler
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\2C0A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0C0A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0C04
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0816
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0804
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0424
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041F
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041E
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041D
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\041B
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0419
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0416
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0415
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0414
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0413
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0412
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0411
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0410
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040E
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040D
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040C
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040B
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\040A
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0408
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0407
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0406
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0405
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0404
2017-05-04 17:24 - 2017-05-10 22:50 - 00000000 ____D C:\WINDOWS\system32\0401
2017-05-04 17:24 - 2017-05-04 17:24 - 00000000 ____D C:\ProgramData\Downloaded Installations
2017-05-04 17:24 - 2017-05-04 17:24 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2017-05-03 22:32 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-03 18:03 - 2015-05-22 22:13 - 00036864 _____ C:\Users\Tom\Documents\DVDFAB BR Lifetime Key DFab BR copy.msg
2017-05-03 18:02 - 2017-03-29 17:04 - 503053408 _____ C:\Users\Tom\Documents\AcronisTrueImage2016_6581.exe
2017-05-03 18:02 - 2015-05-31 00:45 - 00026624 _____ C:\Users\Tom\Documents\AnyDVD-SlySoft - License Key(s) (Ref# 6117181).msg
2017-05-03 18:02 - 2010-12-16 13:11 - 00000281 _____ C:\Users\Tom\Documents\AnyDVD_Key_6117181.AnyDVD
2017-05-03 17:55 - 2016-02-17 20:21 - 00000417 _____ C:\Users\Tom\Documents\CloneCD_Key_13879133.CloneCD
2017-05-03 17:55 - 2013-08-04 10:24 - 00000542 _____ C:\Users\Tom\Documents\Kevin's Emergency Contact Information.txt
2017-05-03 17:54 - 2015-09-17 16:16 - 08012167 _____ C:\Users\Tom\Documents\Samsung 75 UHD TV E-Manual.pdf
2017-05-03 17:54 - 2015-07-04 19:28 - 00063488 _____ C:\Users\Tom\Documents\Q-See Remote Set Up  desktop & Cell and IPad.msg
2017-05-03 17:54 - 2015-07-02 14:03 - 00001411 _____ C:\Users\Tom\Documents\Q-See Mobile Setup.txt
2017-05-03 17:54 - 2013-11-09 16:12 - 11447609 _____ C:\Users\Tom\Documents\ON-Star Manual Gen. 9.pdf
2017-05-03 17:53 - 2015-06-08 23:27 - 00616830 _____ C:\Users\Tom\Documents\Total Training CS5 by Andy Anderson.ec4
2017-05-03 11:25 - 2017-05-03 11:25 - 00000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-05-03 11:24 - 2017-05-03 11:24 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-05-02 22:39 - 2017-05-12 23:25 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Temp
2017-05-02 22:16 - 2017-05-02 22:20 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job
2017-05-02 22:16 - 2017-05-02 22:20 - 00000765 _____ C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job
2017-05-02 22:14 - 2017-05-02 22:14 - 00000164 _____ C:\Users\Public\Desktop\EPSON XP-950 User’s Guide.url
2017-05-02 22:13 - 2017-05-03 22:32 - 00000870 _____ C:\Users\Public\Desktop\Print CD.lnk
2017-05-02 22:12 - 2017-05-02 22:12 - 00000000 ____D C:\Program Files\EPSON
2017-05-02 22:11 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-05-02 22:11 - 2017-05-06 21:57 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-05-02 22:11 - 2017-05-02 22:11 - 00000000 ____D C:\Program Files\EpsonNet
2017-05-02 22:11 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2017-05-02 22:11 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2017-05-02 22:11 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2017-05-02 22:11 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2017-05-02 22:11 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2017-05-02 22:11 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2017-05-02 22:10 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-05-02 22:10 - 2017-05-02 22:10 - 00001005 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2017-05-02 22:10 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLIE.DLL
2017-05-02 22:10 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2017-05-02 22:10 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2017-05-02 22:10 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLIE.DLL
2017-05-02 22:10 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2017-05-02 22:09 - 2017-05-02 22:09 - 00000036 _____ C:\WINDOWS\XP-950.ini
2017-05-01 02:33 - 2017-05-15 00:37 - 02429952 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2017-04-30 22:10 - 2017-04-30 22:11 - 00000000 ____D C:\Users\Tom\Documents\Dell Recovery Image Files
2017-04-29 18:55 - 2017-04-29 23:04 - 157560416 _____ (Kaspersky Lab) C:\Users\Tom\Downloads\KIS18.0.0.405en-US_full.exe
2017-04-29 16:37 - 2017-04-29 16:37 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-04-29 16:37 - 2017-04-29 16:37 - 00000000 ____D C:\Program Files\Waves
2017-04-29 03:02 - 2017-05-10 23:52 - 00000000 ____D C:\Users\Tom\Documents\DVDFabCommon
2017-04-29 02:43 - 2017-04-29 02:43 - 00000000 ____D C:\Users\Tom\AppData\Roaming\13681
2017-04-28 18:20 - 2017-04-28 18:21 - 00001225 _____ C:\Users\Tom\Desktop\XPS 8920 Service Manual - Shortcut.lnk
2017-04-27 12:59 - 2017-05-15 00:38 - 00029741 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-04-27 12:59 - 2017-04-27 13:31 - 00170759 _____ C:\WINDOWS\ZAM.krnl.trace
2017-04-26 20:44 - 2017-05-15 00:37 - 00000000 ____D C:\FRST
2017-04-26 18:59 - 2017-04-26 19:09 - 01489894 _____ C:\TDSSKiller.3.1.0.15_26.04.2017_18.59.26_log.txt
2017-04-25 13:22 - 2017-04-25 13:31 - 00000178 _____ C:\Users\Tom\Desktop\NetFlix.url
2017-04-25 00:06 - 2017-04-27 13:32 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-04-25 00:06 - 2017-04-25 00:06 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-04-25 00:05 - 2017-04-25 00:05 - 00000000 ____D C:\Users\Tom\AppData\Local\Zemana
2017-04-24 23:54 - 2017-05-14 13:15 - 00000000 ____D C:\AdwCleaner
2017-04-24 16:40 - 2017-04-24 16:40 - 00000087 _____ C:\Users\Tom\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2017-04-24 16:37 - 2017-04-24 16:37 - 00000000 ____D C:\Users\Tom\AppData\Roaming\11515
2017-04-22 19:59 - 2017-04-22 19:59 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-04-22 19:20 - 2017-04-22 19:20 - 00000000 ____D C:\Users\Tom\Documents\Reg Back Up 4-21-17
2017-04-21 19:30 - 2017-04-21 19:30 - 00000017 _____ C:\Users\Tom\AppData\Local\resmon.resmoncfg
2017-04-21 00:29 - 2017-04-21 00:29 - 00000000 ____D C:\Users\Tom\Documents\OneNote Notebooks
2017-04-21 00:27 - 2017-04-21 00:27 - 00002445 _____ C:\Users\Tom\Desktop\Publisher 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002494 _____ C:\Users\Tom\Desktop\PowerPoint 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002457 _____ C:\Users\Tom\Desktop\Excel 2016.lnk
2017-04-21 00:22 - 2017-04-21 00:22 - 00002437 _____ C:\Users\Tom\Desktop\OneNote 2016.lnk
2017-04-21 00:21 - 2017-04-21 00:21 - 00002495 _____ C:\Users\Tom\Desktop\Word 2016.lnk
2017-04-21 00:21 - 2017-04-21 00:21 - 00002451 _____ C:\Users\Tom\Desktop\Outlook 2016.lnk
2017-04-21 00:13 - 2017-04-21 00:13 - 00000000 ____D C:\Users\Tom\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2017-04-20 21:58 - 2017-04-20 22:06 - 00000244 _____ C:\Users\Tom\Desktop\Samsung Monitor Manual.url
2017-04-18 22:02 - 2017-04-22 22:18 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Adobe
2017-04-18 13:07 - 2017-05-10 22:48 - 00000000 ____D C:\WINDOWS\system32\1b8474904af9acf547e803cad7de00a9128c28081695a..bin
2017-04-16 21:55 - 2017-04-22 00:21 - 00000184 _____ C:\Users\Tom\Desktop\Customaniacs.org.url
2017-04-16 21:53 - 2017-04-22 00:19 - 00000183 _____ C:\Users\Tom\Desktop\HiresCovers.net.url
2017-04-16 21:52 - 2017-04-22 00:18 - 00000182 _____ C:\Users\Tom\Desktop\FreeCovers.net.url
2017-04-16 21:44 - 2017-05-13 01:31 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DVDFab10
2017-04-16 21:44 - 2017-05-10 22:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10
2017-04-16 21:44 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 10
2017-04-16 21:44 - 2017-04-29 02:44 - 00002035 _____ C:\Users\Tom\Desktop\DVDFab Mini.lnk
2017-04-16 21:44 - 2017-04-29 02:44 - 00001993 _____ C:\Users\Tom\Desktop\DVDFab 10.lnk
2017-04-16 21:44 - 2017-04-29 02:44 - 00000000 ____D C:\Program Files (x86)\DVDFab 10
2017-04-16 21:43 - 2017-04-16 21:44 - 00000000 ____D C:\Users\Tom\Documents\DVDFab10
2017-04-16 19:37 - 2017-05-14 23:25 - 00050987 _____ C:\WINDOWS\SysWOW64\PCPELog.txt
2017-04-16 19:36 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2017-04-16 19:36 - 2017-04-16 19:36 - 00001188 _____ C:\Users\Public\Desktop\CloneCD.lnk
2017-04-16 19:36 - 2017-04-16 19:36 - 00000000 ____D C:\ProgramData\SlySoft
2017-04-16 19:36 - 2017-04-16 19:36 - 00000000 ____D C:\Program Files (x86)\SlySoft
2017-04-16 19:34 - 2017-04-16 19:34 - 00000000 ____D C:\Users\Tom\Documents\UnderCover10
2017-04-16 19:33 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnderCover10
2017-04-16 19:33 - 2017-04-16 19:33 - 00001126 _____ C:\Users\Tom\Desktop\UnderCover10.lnk
2017-04-16 19:33 - 2017-04-16 19:33 - 00000000 ____D C:\Program Files (x86)\UnderCover10
2017-04-16 19:28 - 2017-05-13 01:31 - 00000000 ____D C:\Users\Tom\AppData\Local\DVD Profiler
2017-04-16 19:28 - 2017-04-16 19:28 - 00000000 ____D C:\Users\Tom\Documents\DVD Profiler
2017-04-16 19:15 - 2017-04-16 19:15 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Elaborate Bytes
2017-04-16 19:14 - 2017-04-16 19:14 - 00001246 _____ C:\Users\Public\Desktop\CloneBD.lnk
2017-04-16 19:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-04-16 19:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-04-16 19:13 - 2017-05-10 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-04-16 19:13 - 2017-04-16 19:13 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2017-04-16 19:13 - 2017-04-16 19:13 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-04-16 13:24 - 2017-04-16 13:25 - 00000000 ____D C:\ProgramData\install_backup
2017-04-16 13:23 - 2017-04-16 13:24 - 171890104 _____ C:\Users\Tom\Documents\PowerDVD_15.0.3305.58_test_Patch_DVD160726-05.exe
2017-04-16 13:22 - 2017-04-16 13:23 - 01089304 _____ (CyberLink) C:\Users\Tom\Documents\CyberLink_PowerDVD_Downloader.exe
2017-04-16 13:03 - 2017-04-16 13:03 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15.lnk
2017-04-16 13:03 - 2017-04-16 13:03 - 00002359 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 15.lnk
2017-04-16 13:03 - 2017-04-16 13:03 - 00000000 ____D C:\ProgramData\PDVD
2017-04-16 10:46 - 2017-04-16 10:47 - 00002009 _____ C:\Users\Tom\Desktop\This PC.lnk
2017-04-16 10:15 - 2017-04-16 10:15 - 14770199 _____ C:\Users\Tom\Documents\XPS 8920 Service Manual.pdf
2017-04-16 01:49 - 2017-04-16 01:49 - 00000000 ____D C:\Users\Tom\Documents\Custom Office Templates
2017-04-16 00:14 - 2017-05-10 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2017-04-16 00:14 - 2017-04-16 00:14 - 13338112 _____ C:\Users\Tom\PCPE_3.0.1.msi
2017-04-16 00:14 - 2017-04-16 00:14 - 00000550 _____ C:\Users\Tom\Microsoft.VC80.MFC.manifest
2017-04-16 00:14 - 2017-04-16 00:14 - 00000522 _____ C:\Users\Tom\Microsoft.VC80.CRT.manifest
2017-04-16 00:14 - 2017-04-16 00:14 - 00000022 _____ C:\Users\Tom\dotnetfolder.txt
2017-04-16 00:14 - 2017-04-16 00:14 - 00000000 ____D C:\Program Files (x86)\APC
2017-04-16 00:14 - 2017-04-16 00:14 - 00000000 ____D C:\APCPowerChuteConfig
2017-04-16 00:13 - 2017-04-16 00:14 - 15922552 _____ (Schneider Electric) C:\Users\Tom\Downloads\PCPEInstaller.exe
2017-04-15 19:30 - 2017-05-12 22:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-15 19:30 - 2017-04-15 20:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-15 19:30 - 2017-04-15 19:30 - 00002098 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2017-04-15 18:32 - 2017-04-15 18:32 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-15 00:36 - 2017-04-14 03:55 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-15 00:36 - 2017-04-14 03:55 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-15 00:36 - 2017-04-14 03:55 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-15 00:36 - 2017-04-14 03:55 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-15 00:36 - 2017-04-13 21:18 - 00000000 __SHD C:\Users\Tom\IntelGraphicsProfiles
2017-05-15 00:36 - 2017-03-18 07:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-14 23:34 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-14 23:34 - 2017-03-18 17:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-14 23:31 - 2017-03-18 07:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-14 23:24 - 2017-04-14 02:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-14 23:15 - 2017-03-03 15:25 - 00000000 ____D C:\ProgramData\McAfee
2017-05-14 15:44 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\Packages
2017-05-14 02:35 - 2017-04-13 22:45 - 00000000 ____D C:\Users\Tom\AppData\Local\ElevatedDiagnostics
2017-05-13 19:46 - 2017-03-18 17:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-13 19:46 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-12 22:33 - 2017-04-14 19:14 - 00000000 ____D C:\ProgramData\Adobe
2017-05-12 22:33 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Adobe
2017-05-12 03:10 - 2017-04-14 21:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-11 19:19 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 19:18 - 2017-03-03 15:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-11 18:32 - 2017-04-14 03:55 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-11 03:09 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-11 02:43 - 2017-03-18 17:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-11 02:41 - 2017-03-18 17:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 02:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 02:41 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-11 01:50 - 2017-03-18 16:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 23:48 - 2017-04-13 21:20 - 00000000 ___RD C:\Users\Tom\OneDrive
2017-05-10 23:09 - 2017-04-14 02:34 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-05-10 23:01 - 2017-04-13 21:20 - 00002359 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-10 23:00 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\ConnectedDevicesPlatform
2017-05-10 23:00 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-10 22:59 - 2017-03-18 17:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 22:59 - 2017-03-03 15:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 22:56 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 22:55 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-10 22:53 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-10 22:53 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-10 22:52 - 2017-03-18 22:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-10 22:52 - 2017-03-18 17:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-10 22:50 - 2017-04-14 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-10 22:50 - 2017-04-14 18:11 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-10 22:50 - 2017-04-14 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-10 22:50 - 2017-04-14 03:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-10 22:50 - 2017-04-14 02:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-05-10 22:50 - 2017-04-13 22:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-05-10 22:50 - 2017-03-18 22:29 - 00000000 ____D C:\WINDOWS\system32\0409
2017-05-10 22:50 - 2017-03-03 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-10 22:50 - 2017-03-03 15:16 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2017-05-10 22:50 - 2017-03-03 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-05-10 22:48 - 2017-04-14 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2017-05-10 22:48 - 2017-04-13 22:02 - 00000000 ____D C:\WINDOWS\system32\4118affdd580c08855e819fd124442b3d24fb1fd1c622..bin
2017-05-10 22:48 - 2017-04-13 21:57 - 00000000 ____D C:\WINDOWS\SysWOW64\Dell
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-10 22:48 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-10 22:48 - 2017-03-03 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2017-05-10 22:48 - 2017-03-03 15:19 - 00000000 ____D C:\WINDOWS\system32\m32
2017-05-10 22:48 - 2017-03-03 15:17 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-10 22:48 - 2017-03-03 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\oem
2017-05-10 22:47 - 2017-04-13 21:12 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-05-10 22:47 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-10 22:30 - 2017-03-18 23:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-09 23:38 - 2017-04-13 23:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 23:37 - 2017-04-13 23:37 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 16:39 - 2017-04-14 01:56 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Epson
2017-05-06 22:04 - 2017-03-03 15:16 - 02290452 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-05 18:31 - 2017-03-03 15:24 - 00000000 ____D C:\ProgramData\Dell
2017-05-04 20:51 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\VirtualStore
2017-05-04 17:24 - 2017-03-03 15:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-03 22:31 - 2017-04-14 01:54 - 00000000 ____D C:\Program Files (x86)\epson
2017-04-29 23:07 - 2017-04-14 02:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-29 03:45 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\CyberLink
2017-04-28 21:05 - 2017-03-18 17:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-28 21:05 - 2017-03-18 17:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-27 18:14 - 2017-03-03 15:21 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-27 18:14 - 2017-03-03 15:21 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-26 19:27 - 2017-04-13 21:35 - 00000000 ____D C:\Users\Tom\AppData\Local\Comms
2017-04-24 23:53 - 2017-04-14 23:35 - 00000000 ____D C:\Program Files\CCleaner
2017-04-22 22:18 - 2017-04-14 19:14 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2017-04-22 19:59 - 2017-04-13 22:38 - 00000000 ____D C:\Users\Tom\AppData\Roaming\PCDr
2017-04-22 19:58 - 2017-03-03 15:15 - 00000000 ____D C:\ProgramData\PCDr
2017-04-17 00:39 - 2017-04-14 00:00 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2017-04-16 13:46 - 2017-03-03 15:23 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\Temp
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\CLSK
2017-04-16 13:46 - 2017-03-03 15:22 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-04-16 13:45 - 2017-04-13 23:56 - 00000000 ____D C:\Users\Tom\Documents\CyberLink
2017-04-16 13:45 - 2017-04-13 23:55 - 00000000 ____D C:\Users\Tom\AppData\Local\CyberLink
2017-04-16 13:12 - 2017-04-13 23:56 - 00000000 ____D C:\Users\Tom\AppData\Roaming\CyberLink
2017-04-16 13:02 - 2017-03-03 15:23 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2017-04-16 13:01 - 2017-03-03 15:22 - 00000000 ____D C:\ProgramData\install_clap
2017-04-15 20:17 - 2017-04-13 21:18 - 00000000 ____D C:\Users\Tom\AppData\Local\AMD
2017-04-15 19:26 - 2017-04-13 22:37 - 00000000 ____D C:\Users\Tom\AppData\Local\Apps\2.0
2017-04-15 00:40 - 2017-04-13 22:25 - 00000000 ____D C:\Users\Tom\AppData\Local\MicrosoftEdge
==================== Files in the root of some directories =======
2017-04-24 16:40 - 2017-04-24 16:40 - 0000087 _____ () C:\Users\Tom\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2017-04-21 19:30 - 2017-04-21 19:30 - 0000017 _____ () C:\Users\Tom\AppData\Local\resmon.resmoncfg
2017-03-03 15:22 - 2017-03-03 15:23 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000105 _____ () C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000100 _____ () C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log
2017-03-03 15:24 - 2017-03-03 15:24 - 0000098 _____ () C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-10 22:44
==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Tom (15-05-2017 00:38:34)
Running from C:\Users\Tom\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-11 02:56:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-794965033-3937228011-3467878875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-794965033-3937228011-3467878875-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-794965033-3937228011-3467878875-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-794965033-3937228011-3467878875-501 - Limited - Disabled)
Tom (S-1-5-21-794965033-3937228011-3467878875-1001 - Administrator - Enabled) => C:\Users\Tom
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acronis True Image (HKLM-x32\...\{E5F28743-0DB5-42C1-8B70-5986D88C0BE0}Visible) (Version: 19.0.6581 - Acronis)
Acronis True Image (x32 Version: 19.0.6581 - Acronis) Hidden
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.0.6.8 - Elaborate Bytes)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.2.1 - SlySoft)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.3305.58 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Help & Support (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Product Registration (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssist Remediation (HKLM-x32\...\{8377b324-9a83-44c5-adde-87358607ddec}) (Version: 2.0.2.1840 - Dell Inc.)
Dell SupportAssist Remediation (Version: 2.0.2.1840 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell System Detect (HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\d24084d039586cae) (Version: 8.4.0.5 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{5F641343-FA40-4084-855A-7FA3251783DC}) (Version: 2.0.2.1840 - Dell Inc.)
Dell Update (HKLM-x32\...\{49655877-33CF-4C8A-B07C-9694935431E4}) (Version: 1.9.7.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVD Profiler Version 3.9.1 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
DVDFab 10.0.3.6 (26/04/2017) (HKLM-x32\...\DVDFab 10) (Version: 10.0.3.6 - Fengtao Software Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.81.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-950 Series Printer Uninstall (HKLM\...\EPSON XP-950 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-950 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEPSON XP-950 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.5.0.1165 - Citrix Systems, Inc.)
Intel® Chipset Device Software (x32 Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel® Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{CC3C017C-876D-4A31-A128-593FF92A1FE7}) (Version: 1.1.70.528 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{638b58cc-a268-482a-b0b2-4f2e25993cc1}) (Version: 19.20.0 - Intel Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.7.8889.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7967.2161 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.28.00 - NETGEAR Inc.)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Registration (Version: 3.0.123.0 - Dell Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7968 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
UnderCover10 2.03 (HKLM-x32\...\UnderCover10_is1) (Version:  - Wicked & Wild Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-794965033-3937228011-3467878875-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-794965033-3937228011-3467878875-1001_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01349385-D2E5-4FAB-AF5A-99DC98C34C21} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {028ADB60-D02F-4A72-B46D-015BD41A9BA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {08732268-3823-4F2A-8427-7B38C9AB8591} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {1D2748C6-8D31-4B3E-9E04-E57F8FB8E8AC} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {2077FF78-F16A-4430-88AC-71885EE95107} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-30] (DropboxOEM)
Task: {2F91D68D-3796-48B7-95FC-CE6E958A8190} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {301BFD23-0506-4E87-96F4-DA7F97722767} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {52448321-32FC-47FB-BB73-0811C476D35C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {754BAFE0-389A-47DA-B0B6-FCA622407BB5} - System32\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {89CD36B1-2878-4DBA-8EF2-2C2ED6B819B6} - System32\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8A88C437-B10B-4440-BF82-A6E4B31E8BFF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-11] (Microsoft Corporation)
Task: {8C6C5875-3C6A-41F5-B410-477EF1A2DCDF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-13] (Dropbox, Inc.)
Task: {8E97C628-0F4C-4041-89E3-CB5E6BFD9363} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {AF370234-678C-4E46-B433-8B4A040F41AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-11] (Microsoft Corporation)
Task: {C8C56EDA-68CE-45F5-858E-EC26430DEFC6} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-28] (Realtek Semiconductor)
Task: {CBB1DA34-0368-4343-BCCB-7EB584AD997B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {D321888F-648A-466B-823E-D3F9F1B905B4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {DD058299-3D3E-4138-9C11-CD89828A9E3D} - System32\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {DEBCA1F3-62DD-4999-8AFF-C7DA0D9E751C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-04-25] (Dell Inc.)
Task: {E2A5E4C8-BA6F-482B-AAB4-614406F7B305} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-13] (Dropbox, Inc.)
Task: {E5FDC5CD-DAB3-428E-A799-D12E0B24B3E3} - System32\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F9C659FB-99C6-4377-83CA-880312832E09} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {7D65C34F-A410-4193-8182-BC7218E50F2A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {9A7D9758-5208-4C2F-8116-77535233C04F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Invitation {E06463BA-A713-427D-BBE1-30D3247CD569}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {7D65C34F-A410-4193-8182-BC7218E50F2A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{7D65C34F-A410-4193-8182-BC7218E50F2A} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {9A7D9758-5208-4C2F-8116-77535233C04F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{9A7D9758-5208-4C2F-8116-77535233C04F} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {C3B7300D-3228-44E6-8A12-FB2D532D4FEB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{C3B7300D-3228-44E6-8A12-FB2D532D4FEB} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-950 Series Update {E06463BA-A713-427D-BBE1-30D3247CD569}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLIE.EXE :/EXE:{E06463BA-A713-427D-BBE1-30D3247CD569} /F:Update  WORKGROUP\DESKTOP-Q1AN705$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn
==================== Loaded Modules (Whitelisted) ==============
2016-10-14 14:31 - 2016-10-14 14:31 - 01244408 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2017-04-14 22:45 - 2017-04-14 22:45 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-10-05 16:15 - 2016-10-05 16:15 - 00107752 _____ () C:\Program Files\Intel\Intel® Online Connect Access\libglog.dll
2016-10-05 16:15 - 2016-10-05 16:15 - 00412904 _____ () C:\Program Files\Intel\Intel® Online Connect Access\JsonCpp.dll
2017-04-14 03:55 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-14 03:55 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-14 02:34 - 2017-05-11 18:49 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 16:59 - 2017-03-18 22:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 12:33 - 2017-05-09 12:33 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 12:33 - 2017-05-09 12:33 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-08 15:57 - 2017-05-08 15:57 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-10-14 14:28 - 2016-10-14 14:28 - 00567088 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2017-04-07 03:41 - 2017-04-07 03:41 - 00054488 _____ () C:\Program Files\CCleaner\branding.dll
2016-10-14 14:48 - 2016-10-14 14:48 - 07382232 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2015-08-11 15:36 - 2015-08-11 15:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll
2016-10-14 14:25 - 2016-10-14 14:25 - 00037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2016-10-14 14:48 - 2016-10-14 14:48 - 04355264 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2015-08-23 15:59 - 2015-08-23 15:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll
2016-10-14 14:47 - 2016-10-14 14:47 - 20605872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2015-11-16 18:05 - 2015-11-16 18:05 - 00126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-04-16 12:45 - 2016-04-16 12:45 - 00248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2016-10-14 14:27 - 2016-10-14 14:27 - 00333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-10-14 14:25 - 2016-10-14 14:25 - 00050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2017-04-16 13:02 - 2016-09-14 01:07 - 00882456 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\common\UNO\UNO.dll
2017-04-16 13:02 - 2013-12-10 07:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ctypes.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_hashlib.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_socket.pyd
2017-04-16 13:02 - 2013-12-10 07:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ssl.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-04-27 20:49 - 2017-05-14 23:21 - 00000029 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-794965033-3937228011-3467878875-1001\...\StartupApproved\Run: => "NETGEARGenie"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B379FF25-7F53-4469-B40B-BE57C7550E97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F0037CEE-AD69-42C9-9762-4744FD726D52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6BAA4CEF-49E5-4CEB-ABBA-7395D1EC2079}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{682AE271-658E-4A79-A4B1-B1519C24AEA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97973316-347E-4D0F-8E07-71DC70469039}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{D4C01B39-FD42-4BEB-BF5C-7F491D00CEDB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{4A2BB745-90A0-4CCD-90D2-A947173CDA85}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{44CB1962-6D61-48EA-BA9A-2EA9E493AE02}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{4ABC1924-5031-4425-81AC-6B7D6A996ABA}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BF8E0658-EA48-44BE-B239-1ECA84976E63}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{24B56F7B-22F5-4D54-99C2-8F12960C0DC7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{69CFD961-3892-4E23-BEB0-5E8885B5DB53}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5E1B238F-17A8-4F2F-9EC8-6F19D48A0A22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F6BD9996-7435-4CB2-BA17-EBFCA1D77EB5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{2F1D8C82-8CB5-47D3-AF68-7BA66E979F2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{A537FFFE-1D7C-4696-B20B-45932F01E896}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{4872B00B-C9D5-4A53-9A79-4E07252006BD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{34916627-4425-4792-A65F-ECE885B119F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{752131B1-C276-4A79-A129-DA1DCEB22011}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{25F99DA6-F952-4AC7-973D-D71F63A3EC3C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C790DCA4-D94A-4B57-B658-588656D4C2BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{59681F14-4070-4B6F-B129-A81709DAD9F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C389CC0B-345F-4624-87C1-A761E4178C9E}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{5E48C3F5-6C81-43D7-8F0C-797216F2AEE9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{0919E5F1-8E20-47C6-8696-92E9E8075903}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{18EAD3F3-490D-47E7-B5F3-E98777D75D7E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{5B10059F-C271-4E88-A1E0-0F6D8F9D7A49}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Restore Points =========================
10-05-2017 22:59:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
10-05-2017 22:59:58 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/15/2017 12:38:51 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- ReadEpsaVersion() Exception: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#
Error: (05/15/2017 12:37:09 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (05/15/2017 12:00:48 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- Exception on processing Diags log: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#
Error: (05/15/2017 12:00:48 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:2, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/15/2017 12:00:48 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:2, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/14/2017 11:51:29 PM) (Source: DellUpService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:2, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/14/2017 11:51:29 PM) (Source: DellUpService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:2, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/14/2017 11:50:54 PM) (Source: DellUpService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:DELLSUPPORT, Current:Image, Partition:PartitionPos {disk:2, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/14/2017 11:50:53 PM) (Source: DellUpService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:DELLSUPPORT, Current:WINRETOOLS, Partition:PartitionPos {disk:2, part:4}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#
Error: (05/14/2017 11:30:47 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- ReadEpsaVersion() Exception: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#

System errors:
=============
Error: (05/15/2017 12:37:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel® Online Connect Helper service.
Error: (05/15/2017 12:36:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/15/2017 12:36:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/15/2017 12:36:43 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
Error: (05/15/2017 12:36:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.
Error: (05/15/2017 12:36:38 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBMSFT30111122223333
Error: (05/14/2017 11:29:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel® Online Connect Helper service.
Error: (05/14/2017 11:28:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/14/2017 11:28:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/14/2017 11:28:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

CodeIntegrity:
===================================
  Date: 2017-05-15 00:28:21.148
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:27:47.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:23:36.100
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:22:04.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:19:48.000
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:17:36.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:14:34.030
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:13:14.792
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:10:09.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2017-05-15 00:08:16.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================
Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 14%
Total physical RAM: 24474.48 MB
Available physical RAM: 20969.64 MB
Total Virtual: 26010.48 MB
Available Virtual: 22108.73 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:223.79 GB) (Free:147.97 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS
Drive g: (Back Up HD) (Fixed) (Total:931.51 GB) (Free:931.31 GB) NTFS
Drive h: (Left Exterior HD) (Fixed) (Total:596.17 GB) (Free:595.54 GB) NTFS
Drive j: (SandiskSSD) (Fixed) (Total:447.13 GB) (Free:446.98 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DB24DB58)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: F2CF5AF3)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 238.5 GB) (Disk ID: DB24DB09)
Partition: GPT.
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9B9F914B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 596.2 GB) (Disk ID: 2F991634)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================

  • 0

#40
zep516
Posted 15 May 2017 - 01:54 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Hows the computer doing now ?
  • 0

Advertisements

#41
TGMcCallie
Posted 15 May 2017 - 02:05 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Computer is working fine.  It is not re-directing me to the unwanted site.

 

How did the logs look?

 

Tom


  • 0

#42
zep516
Posted 15 May 2017 - 02:10 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

The logs look good, I just wanted to make sure KAS was uninstalled completely. I think you're well protected with Malwarebytes too, and I know you're a safe user with good browsing habits.
  • 0

#43
TGMcCallie
Posted 15 May 2017 - 03:08 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

KS answered my e-mail and said I should have uninstalled Malwarebytes instead of Kaspersky and see if that corrected the problem and let them know.  I answered her that

MB was doing just fine and I would stick with them.  I told her that I never had a problem with the 2 before on my computer for years and the redirect was coming thru KS.

 

It is working fine now and I thank you ver much.

 

I will be donating thru Paypal.

 

Tom

 

Ps  I did not like the fact that every time I called them and gave them my case number I always got someone different.


Edited by TGMcCallie, 15 May 2017 - 03:10 PM.

  • 0

#44
zep516
Posted 15 May 2017 - 06:07 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Thanks for donation !

That sounds like the normal with these companies, I don't think you ever get a tech to answer.

We have a lot of Malware removal tools and logs on your computer, I'd like to clean that up using Delfix..

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

Why we need to remove some of our tools:
Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight. They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.


Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
  • Remove disinfection tools
  • Purge system restore
  • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.

  • 0

#45
TGMcCallie
Posted 15 May 2017 - 09:16 PM

TGMcCallie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

You are quite welcome, Thank YOU.

 

I noticed that this removed my saved sign in and password for Geeks to Go.  Hope it did not remove my others.

 

Here is the log:

 

 

# DelFix v1.010 - Logfile created 15/05/2017 at 23:10:47
# Updated 26/04/2015 by Xplode
# Username : Tom - DESKTOP-Q1AN705
# Operating System : Windows 10 Home  (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.1.0.15_26.04.2017_18.59.26_log.txt
Deleted : C:\Users\Tom\Desktop\Addition.txt
Deleted : C:\Users\Tom\Desktop\adwcleaner_6.046.exe
Deleted : C:\Users\Tom\Desktop\FRST.txt
Deleted : C:\Users\Tom\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #1 [Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 | 05/11/2017 02:59:47]
Deleted : RP #2 [Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 | 05/11/2017 02:59:58]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP