Hello,
I have used this site before and have had great success! It has been a long time and I am having computer issues. This computer started out with Windows 7 and then was upgraded to windows 10. I have been having many issues lately with some items.
1. This has been happening for a while not sure if related. I can not get the computer out of sleep mode. I usually have to hold the on button down till it restarts. I have been over all my setting and have not been able to fix it.
2. I can not open up pictures it seems to lock up my computer however I am after a while able to close the window.
3. I can not shut down computer the normal way I have to hold down the on/off button
4. I have downloaded Farbar Scan tool and that starts and runs then eventually goes unresponsive. I have to x out and try again and does the same thing. Did this 3 times.
Now I did notice on my Desktop there is a file FRST and additions that in the properties was created 44 minutes ago and updated 22 minutes ago. My guess is the first scan I did created this files and the scans after that replaced them.
I would like to Thank you for your assistance on this matter! Any help is greatly appreciated!
Here are the two logs below:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-06-2017
Ran by bryan (administrator) on BRIAN-PC (04-06-2017 16:18:19)
Running from C:\Users\bryan\Desktop
Loaded Profiles: bryan (Available Profiles: bryan & Kristen & Kids & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Sanford, L.P.) C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Windows\System32\SecUPDUtilSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(i-Funbox.com) C:\Program Files\i-Funbox DevTeam\iFunBox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\bryan\Desktop\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-10] (Cisco Systems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-07-26] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-12-17] (Google Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [iFunBox] => C:\Program Files\i-Funbox DevTeam\iFunBox.exe [2618368 2015-07-27] (i-Funbox.com)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [GoogleChromeAutoLaunch_4E0AE40DFBEFCF659ACC42CC2B081204] => C:\Program Files\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\MountPoints2: {a28ee5ae-bfff-11e6-b4f9-68a3c4bfc53b} - "E:\VZW_Software_upgrade_assistant.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{882920fe-1602-4251-afb1-447ce56331f0}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{f276b8a1-b82c-4052-a79d-d962c00e9952}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-191501728-1260249008-2198610037-1000 -> {EC4CCF5E-EDA2-4E46-ACA3-23F1D89DDAA1} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-05-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-01] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-05] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-01] (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-191501728-1260249008-2198610037-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-05] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-18] [not signed]
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @dymo.com/DymoLabelFramework -> C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-05] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-05] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://mail.google.com/mail/u/0/?tab=wm#inbox","hxxps://www.facebook.com/groups/849996355077511/","hxxps://www.google.com/"
CHR Profile: C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default [2017-06-04]
CHR Extension: (Google Slides) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: () - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-01-30]
CHR Extension: (Google Search) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-30]
CHR Extension: (Adobe Acrobat) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Calendar) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-30]
CHR Extension: (Google Sheets) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-30]
CHR Extension: (Pinterest Save Button) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-01-30]
CHR Extension: (Skype) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-30]
CHR Extension: (Gmail) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-30]
CHR Profile: C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-06-04]
CHR Profile: C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-04]
CHR Extension: (Google Drive) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-31]
CHR Extension: (Ebates Cash Back) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2017-05-31]
CHR Extension: (Adobe Acrobat) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-31]
CHR Extension: (Skype) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-05-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\bryan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-31]
CHR Profile: C:\Users\bryan\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-191501728-1260249008-2198610037-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2290880 2017-05-05] (Microsoft Corporation)
R2 DymoPnpService; C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2012-07-31] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2012-07-31] (Hewlett-Packard) [File not signed]
R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [143664 2016-09-28] ()
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [561064 2014-06-10] (Cisco Systems, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271488 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-04-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 acsock; C:\WINDOWS\System32\DRIVERS\acsock.sys [92528 2014-06-10] (Cisco Systems, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [70464 2013-06-27] (Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [34624 2013-06-27] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C62x86.sys [110280 2013-11-29] (Qualcomm Atheros Co., Ltd.)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [220088 2017-06-04] (Malwarebytes)
R1 MpKsl13511da7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{976CD3E9-3F7A-4181-B8AB-8013C86204A4}\MpKsl13511da7.sys [39168 2017-05-28] (Microsoft Corporation)
R1 MpKsl3cff471b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D06A65FC-D65C-4AD0-845E-D42BFCA7B7D5}\MpKsl3cff471b.sys [39168 2017-05-24] (Microsoft Corporation)
R1 MpKsl9c58d9b4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D06A65FC-D65C-4AD0-845E-D42BFCA7B7D5}\MpKsl9c58d9b4.sys [39168 2017-05-23] (Microsoft Corporation)
R1 MpKsla8747fce; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{83C6A32D-B001-46BC-84AB-659165DFA0EC}\MpKsla8747fce.sys [39168 2017-05-31] (Microsoft Corporation)
R1 MpKslac114979; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D06A65FC-D65C-4AD0-845E-D42BFCA7B7D5}\MpKslac114979.sys [39168 2017-05-23] (Microsoft Corporation)
R1 MpKslaec2b23d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{728F8E49-AC86-4E3C-9BCF-C96692000A97}\MpKslaec2b23d.sys [39168 2017-06-04] (Microsoft Corporation)
R1 MpKslbcabb43c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D06A65FC-D65C-4AD0-845E-D42BFCA7B7D5}\MpKslbcabb43c.sys [39168 2017-05-25] (Microsoft Corporation)
R1 MpKsle1f1f774; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D06A65FC-D65C-4AD0-845E-D42BFCA7B7D5}\MpKsle1f1f774.sys [39168 2017-05-21] (Microsoft Corporation)
R1 MpKsleb8fd604; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{83C6A32D-B001-46BC-84AB-659165DFA0EC}\MpKsleb8fd604.sys [39168 2017-06-02] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [20664 2015-05-28] (TOSHIBA)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2014-08-18] (Samsung Electronics) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [42088 2015-12-31] (Toshiba Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva-6.sys [43888 2014-06-10] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-04 16:02 - 2017-06-04 16:03 - 00038112 _____ C:\Users\bryan\Desktop\Addition.txt
2017-06-04 16:00 - 2017-06-04 16:18 - 00022950 _____ C:\Users\bryan\Desktop\FRST.txt
2017-06-04 15:57 - 2017-06-04 15:59 - 01774080 _____ (Farbar) C:\Users\bryan\Desktop\FRST (1).exe
2017-06-03 22:29 - 2017-06-03 22:29 - 00001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-03 22:29 - 2017-06-03 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-03 22:29 - 2017-06-03 22:29 - 00000000 ____D C:\Program Files\CCleaner
2017-06-03 22:28 - 2017-06-03 22:28 - 09551280 _____ (Piriform Ltd) C:\Users\bryan\Downloads\ccsetup530.exe
2017-06-03 10:16 - 2017-06-03 10:16 - 05897641 _____ C:\Users\bryan\Downloads\NL 06-17 (2).pdf
2017-06-02 18:50 - 2017-06-02 18:50 - 05897648 _____ C:\Users\bryan\Downloads\NL 06-17 (1).pdf
2017-06-02 18:48 - 2017-06-02 18:48 - 05897648 _____ C:\Users\bryan\Downloads\NL 06-17.pdf
2017-06-02 11:30 - 2017-06-02 11:30 - 00000067 _____ C:\Users\bryan\Desktop\Convert your PDF file to JPG now - Free, Simple and Online.url
2017-06-02 11:24 - 2017-06-02 11:24 - 00040183 _____ C:\Users\bryan\Downloads\Report_from_Totem_Pole_Park.pdf
2017-05-31 11:27 - 2017-05-31 11:27 - 00000000 __SHD C:\found.000
2017-05-28 18:57 - 2017-05-28 18:57 - 00005679 _____ C:\Users\bryan\Downloads\Hunter invention.pdf
2017-05-18 15:20 - 2017-05-18 15:20 - 00150534 _____ C:\Users\bryan\Downloads\_rlg_att3939.pdf
2017-05-15 21:52 - 2017-05-15 21:52 - 03396205 _____ C:\Users\bryan\Downloads\tpppicturesoct_2015.zip
2017-05-15 13:06 - 2017-05-15 13:06 - 00081821 _____ C:\Users\bryan\Downloads\Store and Snack Bar survey.pdf
2017-05-14 10:44 - 2017-05-14 10:44 - 00115740 _____ C:\Users\bryan\Downloads\SurveyMonkey_84698392 (1).pdf
2017-05-14 10:43 - 2017-05-14 10:43 - 00071234 _____ C:\Users\bryan\Downloads\SurveyMonkey_84698392.pdf
2017-05-11 21:46 - 2017-05-11 21:46 - 00000017 _____ C:\Users\bryan\AppData\Local\resmon.resmoncfg
2017-05-11 14:48 - 2017-05-11 14:48 - 00021105 _____ C:\Users\bryan\Downloads\Book6.xlsx
2017-05-10 20:58 - 2017-04-27 21:00 - 05996896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 20:58 - 2017-04-27 21:00 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 20:58 - 2017-04-27 20:56 - 02048488 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 20:58 - 2017-04-27 20:55 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 20:58 - 2017-04-27 20:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 20:58 - 2017-04-27 20:46 - 01896288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 20:58 - 2017-04-27 20:46 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 20:58 - 2017-04-27 20:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 20:58 - 2017-04-27 20:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 20:58 - 2017-04-27 20:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 20:58 - 2017-04-27 20:41 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 20:58 - 2017-04-27 20:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:58 - 2017-04-27 20:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 20:58 - 2017-04-27 20:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 20:58 - 2017-04-27 20:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 20:58 - 2017-04-27 20:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-05-10 20:58 - 2017-04-27 20:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 20:58 - 2017-04-27 20:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 20:58 - 2017-04-27 20:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 20:58 - 2017-04-27 20:17 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 20:58 - 2017-04-27 20:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 20:58 - 2017-04-27 20:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 20:58 - 2017-04-27 20:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 20:58 - 2017-04-27 20:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 20:58 - 2017-04-27 20:12 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 20:58 - 2017-04-27 20:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 20:58 - 2017-04-27 20:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 20:58 - 2017-04-27 20:06 - 01488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 20:58 - 2017-04-27 20:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 20:58 - 2017-04-27 20:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 20:58 - 2017-04-27 20:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 20:58 - 2017-04-27 20:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 20:58 - 2017-04-27 20:04 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 20:58 - 2017-04-27 19:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 20:58 - 2017-04-27 19:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 20:58 - 2017-04-27 19:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 20:58 - 2017-04-27 19:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 20:58 - 2017-04-27 19:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:58 - 2017-04-27 19:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 20:58 - 2017-04-27 19:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 20:58 - 2017-04-27 19:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 20:58 - 2017-04-27 19:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 20:58 - 2017-04-27 19:53 - 01235456 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 20:58 - 2017-04-27 19:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:58 - 2017-04-27 19:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 20:58 - 2017-04-27 19:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 20:58 - 2017-04-27 19:52 - 01887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 20:58 - 2017-04-27 19:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 20:58 - 2017-04-27 19:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 20:58 - 2017-03-04 02:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 20:57 - 2017-04-27 21:33 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:57 - 2017-04-27 21:32 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:57 - 2017-04-27 20:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 20:57 - 2017-04-27 20:58 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 20:57 - 2017-04-27 20:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:57 - 2017-04-27 20:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 20:57 - 2017-04-27 20:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:57 - 2017-04-27 20:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 20:57 - 2017-04-27 20:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 20:57 - 2017-04-27 20:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 20:57 - 2017-04-27 20:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 20:57 - 2017-04-27 20:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 20:57 - 2017-04-27 20:43 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 20:57 - 2017-04-27 20:43 - 00355168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 20:57 - 2017-04-27 20:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 20:57 - 2017-04-27 20:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 20:57 - 2017-04-27 20:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 20:57 - 2017-04-27 20:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 20:57 - 2017-04-27 20:38 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 20:57 - 2017-04-27 20:35 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 20:57 - 2017-04-27 20:33 - 00380184 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 20:57 - 2017-04-27 20:26 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 20:57 - 2017-04-27 20:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 20:57 - 2017-04-27 20:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 20:57 - 2017-04-27 20:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 20:57 - 2017-04-27 20:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 20:57 - 2017-04-27 20:17 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 20:57 - 2017-04-27 20:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 20:57 - 2017-04-27 20:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 20:57 - 2017-04-27 20:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 20:57 - 2017-04-27 20:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-05-10 20:57 - 2017-04-27 20:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 20:57 - 2017-04-27 20:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 20:57 - 2017-04-27 20:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 20:57 - 2017-04-27 20:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:57 - 2017-04-27 20:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:57 - 2017-04-27 20:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 20:57 - 2017-04-27 20:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 20:57 - 2017-04-27 20:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 20:57 - 2017-04-27 20:12 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-10 20:57 - 2017-04-27 20:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 20:57 - 2017-04-27 20:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 20:57 - 2017-04-27 20:12 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 20:57 - 2017-04-27 20:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 20:57 - 2017-04-27 20:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 20:57 - 2017-04-27 20:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 20:57 - 2017-04-27 20:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 20:57 - 2017-04-27 20:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 20:57 - 2017-04-27 20:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 20:57 - 2017-04-27 20:09 - 01109504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 20:57 - 2017-04-27 20:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:57 - 2017-04-27 20:09 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 20:57 - 2017-04-27 20:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 20:57 - 2017-04-27 20:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:57 - 2017-04-27 20:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 20:57 - 2017-04-27 20:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 20:57 - 2017-04-27 20:07 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 20:57 - 2017-04-27 20:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 20:57 - 2017-04-27 20:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 20:57 - 2017-04-27 20:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-05-10 20:57 - 2017-04-27 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:57 - 2017-04-27 20:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 20:57 - 2017-04-27 20:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 20:57 - 2017-04-27 20:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 20:57 - 2017-04-27 20:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 20:57 - 2017-04-27 20:04 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 20:57 - 2017-04-27 20:04 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 20:57 - 2017-04-27 20:03 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 20:57 - 2017-04-27 20:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 20:57 - 2017-04-27 20:03 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-05-10 20:57 - 2017-04-27 20:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 20:57 - 2017-04-27 20:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 20:57 - 2017-04-27 20:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 20:57 - 2017-04-27 20:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 20:57 - 2017-04-27 20:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 20:57 - 2017-04-27 20:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 20:57 - 2017-04-27 20:00 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 20:57 - 2017-04-27 20:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 20:57 - 2017-04-27 20:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 20:57 - 2017-04-27 19:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 20:57 - 2017-04-27 19:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-05-10 20:57 - 2017-04-27 19:57 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 20:57 - 2017-04-27 19:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 20:57 - 2017-04-27 19:57 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 20:57 - 2017-04-27 19:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 20:57 - 2017-04-27 19:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 20:57 - 2017-04-27 19:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 20:57 - 2017-04-27 19:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 20:57 - 2017-04-27 19:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 20:57 - 2017-04-27 19:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 20:57 - 2017-04-27 19:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 20:57 - 2017-04-27 19:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 20:57 - 2017-04-27 19:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 20:57 - 2017-04-27 19:53 - 01525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 20:57 - 2017-04-27 19:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 20:57 - 2017-04-27 19:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:57 - 2017-04-27 19:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 20:57 - 2017-04-27 19:52 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 20:57 - 2017-04-27 19:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 20:57 - 2017-03-04 03:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-05-10 20:57 - 2017-03-04 03:09 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-05-10 20:57 - 2017-03-04 02:46 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 20:57 - 2017-03-04 02:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-05-10 20:57 - 2017-03-04 02:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 20:57 - 2017-03-04 02:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 20:56 - 2017-04-27 21:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 20:56 - 2017-04-27 21:01 - 00784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-05-10 20:56 - 2017-04-27 20:55 - 00628440 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 20:56 - 2017-04-27 20:51 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 20:56 - 2017-04-27 20:49 - 00053080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 20:56 - 2017-04-27 20:45 - 00545120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 20:56 - 2017-04-27 20:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 20:56 - 2017-04-27 20:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 20:56 - 2017-04-27 20:45 - 00025440 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 20:56 - 2017-04-27 20:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 20:56 - 2017-04-27 20:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 20:56 - 2017-04-27 20:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:56 - 2017-04-27 20:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2017-05-10 20:56 - 2017-04-27 20:22 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 20:56 - 2017-04-27 20:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 20:56 - 2017-04-27 20:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 20:56 - 2017-04-27 20:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 20:56 - 2017-04-27 20:20 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 20:56 - 2017-04-27 20:20 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 20:56 - 2017-04-27 20:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 20:56 - 2017-04-27 20:19 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 20:56 - 2017-04-27 20:19 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 20:56 - 2017-04-27 20:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 20:56 - 2017-04-27 20:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:56 - 2017-04-27 20:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 20:56 - 2017-04-27 20:16 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-05-10 20:56 - 2017-04-27 20:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 20:56 - 2017-04-27 20:16 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 20:56 - 2017-04-27 20:16 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 20:56 - 2017-04-27 20:16 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 20:56 - 2017-04-27 20:16 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 20:56 - 2017-04-27 20:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 20:56 - 2017-04-27 20:15 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 20:56 - 2017-04-27 20:14 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 20:56 - 2017-04-27 20:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-05-10 20:56 - 2017-04-27 20:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-05-10 20:56 - 2017-04-27 20:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 20:56 - 2017-04-27 20:12 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 20:56 - 2017-04-27 20:11 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 20:56 - 2017-04-27 20:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 20:56 - 2017-04-27 20:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 20:56 - 2017-04-27 20:10 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 20:56 - 2017-04-27 20:10 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 20:56 - 2017-04-27 20:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 20:56 - 2017-04-27 20:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 20:56 - 2017-04-27 20:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 20:56 - 2017-04-27 20:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:56 - 2017-04-27 20:09 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 20:56 - 2017-04-27 20:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 20:56 - 2017-04-27 20:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 20:56 - 2017-04-27 20:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 20:56 - 2017-04-27 20:03 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 20:56 - 2017-04-27 20:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 20:56 - 2017-04-27 20:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 20:56 - 2017-04-27 20:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 20:56 - 2017-04-27 20:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 20:56 - 2017-04-27 20:00 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 20:56 - 2017-04-27 20:00 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 20:56 - 2017-04-27 20:00 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-05-10 20:56 - 2017-04-27 19:59 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 20:56 - 2017-04-27 19:59 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 20:56 - 2017-04-27 19:59 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 20:56 - 2017-04-27 19:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 20:56 - 2017-04-27 19:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 20:56 - 2017-04-27 19:58 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 20:56 - 2017-04-27 19:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 20:56 - 2017-04-27 19:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 20:56 - 2017-04-27 19:54 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 20:56 - 2017-04-27 19:52 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-05-10 20:56 - 2017-04-27 19:50 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 20:56 - 2017-04-27 19:50 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-09 13:51 - 2017-05-09 13:51 - 00161216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-09 13:50 - 2017-06-04 16:15 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-09 13:50 - 2017-05-23 13:41 - 00073664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-09 13:50 - 2017-05-23 13:26 - 00096704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-09 13:50 - 2017-05-23 13:26 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-09 13:50 - 2017-05-09 13:50 - 00002093 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-09 13:50 - 2017-05-09 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-09 13:50 - 2017-05-09 13:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-09 13:50 - 2017-05-09 13:50 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-09 13:50 - 2017-03-22 11:02 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-05-09 13:49 - 2017-05-09 13:49 - 60107896 _____ (Malwarebytes ) C:\Users\bryan\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-07 19:23 - 2017-05-07 19:25 - 00038468 _____ C:\Users\bryan\Downloads\Addition.txt
2017-05-07 19:20 - 2017-05-07 19:23 - 00061198 _____ C:\Users\bryan\Downloads\FRST.txt
2017-05-07 19:19 - 2017-06-04 16:09 - 00000000 ____D C:\FRST
2017-05-07 19:19 - 2017-05-07 19:19 - 01769984 _____ (Farbar) C:\Users\bryan\Downloads\FRST.exe
2017-05-07 12:36 - 2017-05-07 12:37 - 00000000 ____D C:\Users\bryan\Desktop\kyle go pro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-04 16:14 - 2016-12-05 10:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-04 16:14 - 2016-12-05 09:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-04 15:57 - 2016-05-22 22:00 - 00000000 ____D C:\Users\bryan\AppData\Local\Packages
2017-06-04 13:43 - 2016-12-05 23:42 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-04 13:43 - 2016-12-05 09:34 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-04 13:43 - 2016-07-16 04:28 - 00000000 ____D C:\WINDOWS\INF
2017-06-04 11:43 - 2015-08-25 16:34 - 00000000 ____D C:\Users\bryan\Documents\Outlook Files
2017-06-04 10:32 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-03 10:00 - 2016-07-16 04:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-31 16:19 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-31 16:19 - 2016-07-16 04:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-31 16:11 - 2015-08-25 16:34 - 00000000 ___RD C:\Users\bryan\iCloudDrive
2017-05-31 12:32 - 2016-12-05 09:42 - 02204390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-31 11:28 - 2016-12-05 09:43 - 00000000 ____D C:\Users\bryan
2017-05-30 20:17 - 2014-10-25 11:55 - 00456360 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 13:50 - 2014-11-18 22:36 - 129479984 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-26 13:50 - 2014-11-18 22:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-20 02:21 - 2017-05-02 03:12 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-05-19 22:09 - 2016-07-15 22:22 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-18 19:49 - 2016-07-16 09:08 - 00000000 ____D C:\Users\bryan\Desktop\TPP DOCS
2017-05-18 15:33 - 2016-07-16 04:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-18 15:31 - 2016-07-16 04:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-18 15:31 - 2014-10-26 15:49 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-18 15:27 - 2014-10-26 15:45 - 00000000 ____D C:\Program Files\Microsoft Office
2017-05-13 00:19 - 2015-04-12 18:50 - 00000000 ____D C:\ProgramData\Browser
2017-05-12 23:07 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 22:13 - 2014-10-25 12:34 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 22:13 - 2014-10-25 12:34 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-11 11:33 - 2016-02-13 08:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 11:30 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-11 10:50 - 2016-12-05 09:34 - 00353016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 10:47 - 2016-07-16 04:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 10:47 - 2016-07-15 22:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 20:04 - 2016-09-28 11:46 - 00000000 ____D C:\Users\bryan\AppData\Local\ElevatedDiagnostics
2017-05-06 21:44 - 2016-07-16 04:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-06 10:10 - 2017-05-02 18:54 - 00061035 _____ C:\Users\bryan\Desktop\HP Installation Error - Windows 8.hta
2017-05-06 09:59 - 2014-12-18 01:00 - 00673102 _____ C:\WINDOWS\hpoins40.dat
2017-05-06 09:56 - 2009-07-13 22:04 - 00000615 _____ C:\WINDOWS\win.ini
2017-05-06 09:02 - 2016-08-21 21:33 - 00673102 ____N C:\WINDOWS\hpoins40.dat.temp
==================== Files in the root of some directories =======
2015-04-11 17:46 - 2015-04-11 17:47 - 0039853 __RSH () C:\Program Files\DLS8Uninstall.log
2017-05-11 21:46 - 2017-05-11 21:46 - 0000017 _____ () C:\Users\bryan\AppData\Local\resmon.resmoncfg
2017-02-26 03:20 - 2017-02-26 03:20 - 0000000 _____ () C:\Users\bryan\AppData\Local\{52302042-43E6-4833-AC52-B770D68C40D8}
2015-09-02 15:02 - 2015-09-02 15:02 - 0000000 _____ () C:\Users\bryan\AppData\Local\{9BF062BA-FCBF-4822-ADFF-33E6B8F7A33F}
2014-12-18 01:00 - 2017-05-06 10:11 - 0010669 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-06-2017
Ran by bryan (04-06-2017 16:21:38)
Running from C:\Users\bryan\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-12-05 14:19:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-191501728-1260249008-2198610037-500 - Administrator - Disabled)
bryan (S-1-5-21-191501728-1260249008-2198610037-1000 - Administrator - Enabled) => C:\Users\bryan
DefaultAccount (S-1-5-21-191501728-1260249008-2198610037-503 - Limited - Disabled)
Guest (S-1-5-21-191501728-1260249008-2198610037-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-191501728-1260249008-2198610037-1002 - Limited - Enabled)
Kids (S-1-5-21-191501728-1260249008-2198610037-1004 - Limited - Enabled) => C:\Users\Kids
Kristen (S-1-5-21-191501728-1260249008-2198610037-1003 - Administrator - Enabled) => C:\Users\Kristen
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 13.1.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{430916C8-9522-61DB-4C65-354FF40982EA}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AmericasCardroom (HKLM\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
B209a-m (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BovadaPoker (HKLM\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DYMO Label v.8 (HKLM\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
Elevated Installer (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{B2DAB009-8236-48A0-AD7F-E940F5AB1578}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
iFunbox (v3.0.3109.1352) (HKLM\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
Ignition Casino (HKLM\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E4}}_is1) (Version: - )
iTunes (HKLM\...\{558C7B3E-84D0-4215-96EA-29282037F69D}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7369.2130 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7369.2130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7369.2130 - Microsoft Corporation) Hidden
PS_AIO_06_B209a-m_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Samsung Printer Center (HKLM\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.25 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Uninstall Samsung Printer Software (HKLM\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E2}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0075C212-33FC-4FC9-97AA-D42656D627C0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {012CA27D-4164-467F-840C-21DA946D65C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {0827FDE6-1D39-4E79-BD7D-1A90101F2D3A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1B345C7E-77CC-45C1-BA73-EF8990085C2A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {24E5D595-070D-46B6-A362-6A2F199C5FF2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-06] (Microsoft Corporation)
Task: {28360A58-4AD2-456C-8802-DBA9AF885E8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29D2F626-0DD4-450B-A063-971468A60581} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {2A1D45D5-4CAE-4132-98B1-06F4701BFCDF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2C49E6D5-2CB4-4F2C-BEB8-2229E942C93A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {2EB8CF56-4C96-434F-B0D0-B991DE1ABE3C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {3A95063F-75AA-47E7-97ED-01E3413BCC8F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3AB2B734-68B6-4D2C-9694-E9DF6DF2EFE2} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3C01E2A5-AE15-46AD-9AA0-9ECC2F708DD4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3C75E2C7-2B93-42F0-92A5-68176BFAFAB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {3ED8D523-0AA5-4E00-B440-809231BFDCEE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4633EFE2-0CD8-49C6-B1CC-8EFB379E8132} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {46396EAB-4109-4A48-BB2C-A6AC26556477} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4F1D5844-28E4-4662-9343-C9A571F0498E} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {55F2E223-3445-4DCB-8C21-5FBB8CEE8CA1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {5913EDAB-E5E4-4C0F-9A01-B23044934121} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5AEAD1B7-D54B-4DE0-940D-A2ED26B535AE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5EC29C89-309A-4E0D-8A60-BE54263CE2C2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {66EDB7DA-FF0E-4A1A-85FB-41DF8ACC7D78} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6708F655-9EA5-44D1-A75A-DE80BD608A69} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6DB5C4A0-CB37-4BB0-AB4B-8A8A583CAA48} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-05] (Microsoft Corporation)
Task: {6EBB3FD2-A124-4337-9A93-85339E414F8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7ED7FEF5-8EA0-445C-8747-7ED15FEA0A69} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8223C3B5-3B3A-4007-AB44-3C4535300409} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-05] (Microsoft Corporation)
Task: {85B5AB01-3FFD-4049-A311-6AC710A86A21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {88B9FE6D-654E-4107-8DB8-287ACBF11225} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9C64321A-4D3B-47FF-9568-D9E7BD859A97} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A1860285-9A8A-4E76-A855-70BE189FFB7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A60006B6-7987-48CF-B7AE-559D5A1AC479} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\bryan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {A8A6C4AD-2BD7-4716-B803-7640D24D02B0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {AC4C301D-BECE-4911-AE05-B320D6253F71} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {B8898115-C61E-4B39-886B-459D0A8571FC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {C017034D-54B1-4660-8E8F-D670367DC792} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C4CDA869-EF12-4A96-8232-E02C50043FE4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C6AC1913-8819-4701-A53F-5F39555EFF69} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {CEACD934-FB57-4D57-885D-9CCA3DE619B3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D46706C3-1DB8-4C5B-A9B2-5E9436476184} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-06] (Microsoft Corporation)
Task: {DBFD3DB2-488B-4C24-A1CB-051155210E29} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DD77FC03-E3EE-40DA-B3E1-B90CCE2B2904} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E3C15440-CCFA-4C29-B2E5-1683782C1DD9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {EC16033C-1429-4CBE-9EA9-F2AC5CD624EE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {F09C5EDA-9009-4FAA-9BC6-221350C84736} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {F0C79BEA-14C2-4B70-928D-637CF751E22B} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F3AB1ED7-6745-4A59-A9AF-F59D53F85883} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F4167EF9-9952-4E97-A09D-7C1DE4F9C742} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FB98395D-B9AF-4041-B9BA-FC9ECE19733F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\bryan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Brian - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 04:25 - 2016-07-16 04:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 20:58 - 2017-04-27 20:56 - 02048488 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-06-10 23:34 - 2014-06-10 23:34 - 00063400 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2010-03-11 03:35 - 2010-03-11 03:35 - 00026624 _____ () C:\WINDOWS\System32\sso4ml3.dll
2016-09-28 17:58 - 2015-03-11 22:43 - 00018432 _____ () C:\WINDOWS\System32\ux003lm.dll
2015-08-21 23:08 - 2015-08-21 23:08 - 00203776 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 08:10 - 2014-02-11 08:10 - 03854336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-11 08:10 - 2014-02-11 08:10 - 00618496 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-08-21 23:08 - 2015-08-21 23:08 - 00114688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-28 17:58 - 2016-09-28 17:58 - 00143664 _____ () C:\WINDOWS\system32\SecUPDUtilSvc.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 16:23 - 2016-07-05 16:23 - 01041208 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 13:50 - 2017-03-22 10:24 - 01736992 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-18 18:54 - 2017-05-05 16:58 - 08923840 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-07-16 04:25 - 2016-07-16 04:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 13:10 - 2017-03-04 02:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 13:08 - 2017-03-04 02:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 13:08 - 2017-03-04 01:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-04 02:02 - 2016-12-04 02:02 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:57 - 2017-04-27 19:52 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:57 - 2017-04-27 19:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:57 - 2017-04-27 19:55 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-05 16:23 - 2016-07-05 16:23 - 00244536 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-06 10:12 - 2015-07-27 21:45 - 00497152 _____ () C:\Program Files\i-Funbox DevTeam\exifext.dll
2015-08-21 23:08 - 2015-08-21 23:08 - 00095744 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-04-07 15:46 - 2017-03-28 22:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-07 15:46 - 2017-03-28 22:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKU\S-1-5-21-191501728-1260249008-2198610037-1000\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7BDF983D-2708-4329-BAAD-956DEBDEC63A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{067D61F1-5F8F-4B4E-BFFF-DE0065DFBF00}] => (Allow) C:\Program Files\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{9454F0A1-B05D-4BD6-94FE-F689ABBF7BB0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E437411A-E2CA-4BD3-BA71-436AE48B383C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7EAE30B6-DCB8-41D1-A12A-B8A22FBA9A41}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{1C307108-3589-47D4-AAD9-0376CD41694D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{95EF5E5A-3807-4787-8FD8-AE0B773464C0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{38410317-FE14-4C36-B86D-60D0624781C3}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{A1B4595C-1AC3-4185-8CFA-D491B679EBD8}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [UDP Query User{9D20BD4E-9636-4C90-A79C-391DB4C8BA0E}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe
FirewallRules: [{743D185A-E096-44A9-BA4F-54D53F818269}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{E9236473-19B8-4751-B172-C02B6F660B6E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5B86BF6C-B715-427F-A4FA-04AC29B4C1BD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{65D33ADB-E672-4A6C-86C3-101CE12EB90B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1D2BDD16-0DBD-4882-AB10-E1209A721CCC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24BF85F3-C533-4FFF-BFF1-FEC5DBB72BD4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CDB0E10D-C3D0-4D68-B765-1A649FA9CD5D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BB89A69E-110D-4248-BD1F-8D3093797B91}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{F61D125C-A506-4D44-9821-0EF16F122D80}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B131CB23-7078-491E-A70F-3437FB624C11}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{4CA0672D-624B-4DA8-A3FF-B352A1049879}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F5B5B2AA-5730-4721-B8C3-EBC6687F9588}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{40257845-35A3-4905-BFA9-502B12DD7A82}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{ED6BEB97-B13F-4FED-AEBB-593767D5D1C6}] => (Allow) C:\Program Files\File Type Assistant\TSAssist.exe
FirewallRules: [{FC1F1C40-9889-4B4E-8C8E-3B2717D55548}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{159B76CB-57CE-4968-BE75-E015EC645536}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EDF99E1D-0D5F-41B4-A029-03C4B240389B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E409D590-2270-4FC3-BFD8-D2D2576E4BCD}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{ABEB77AB-052E-4AFA-AD5C-5BD08CA8EF84}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{60E9BB51-FC50-4421-B5A4-4289795A6F0C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
Error: (06/04/2017 04:20:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15
System errors:
=============
Error: (06/04/2017 04:16:50 PM) (Source: DCOM) (EventID: 10000) (User: BRIAN-PC)
Description: Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error:
"2"
Happened while starting this command:
"C:\Program Files\Google\Update\1.3.33.3\GoogleUpdateOnDemand.exe" -Embedding
Error: (06/04/2017 04:16:31 PM) (Source: DCOM) (EventID: 10000) (User: BRIAN-PC)
Description: Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error:
"2"
Happened while starting this command:
"C:\Program Files\Google\Update\1.3.33.3\GoogleUpdateOnDemand.exe" -Embedding
Error: (06/04/2017 04:16:18 PM) (Source: DCOM) (EventID: 10000) (User: BRIAN-PC)
Description: Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error:
"2"
Happened while starting this command:
"C:\Program Files\Google\Update\1.3.33.3\GoogleUpdateOnDemand.exe" -Embedding
Error: (06/04/2017 04:14:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2017 04:14:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2017 04:14:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/04/2017 04:14:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Device Interaction Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/04/2017 04:14:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.
Error: (06/04/2017 04:14:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/04/2017 04:13:43 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
CodeIntegrity:
===================================
Date: 2017-06-04 16:18:04.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 16:18:04.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 15:59:49.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 15:59:49.110
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 15:57:46.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 15:57:46.155
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 10:58:06.374
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-03 10:23:52.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-02 10:51:21.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-30 20:37:53.705
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A6-3400M APU with Radeon HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 3062.86 MB
Available physical RAM: 1485.81 MB
Total Virtual: 6134.86 MB
Available Virtual: 4044.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.81 GB) (Free:45.07 GB) NTFS