Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015 Ran by ronni (administrator) on DELL-PRECISION7 (05-12-2015 10:27:45) Running from C:\Users\ronni\Desktop Loaded Profiles: ronni (Available Profiles: ronni) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe () C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Dell Inc.) C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_eventmgr64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Dell Inc.) C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_datamgr64.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\NIS.exe (Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe (Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe (Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE (Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe () C:\Program Files\Synergy\synergyd.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE (Symantec Corporation) C:\Program Files\Symantec.cloud\AntiVirus\ssDVAgent.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () C:\Windows\System32\nvwmi64.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\NIS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\NIS.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files\Synergy\synergyc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe (Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Flux Software LLC) C:\Users\ronni\AppData\Local\FluxSoftware\Flux\flux.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PeopleApp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\MSOSYNC.EXE ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8513784 2015-10-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-10-31] (Realtek Semiconductor) HKLM\...\Run: [SymantecPaui] => C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe [3398512 2015-09-17] (Symantec Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated) HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents.exe [6040264 2015-09-15] (Dell Inc.) HKLM\...\Run: [VX3000] => C:\WINDOWS\vVX3000.exe HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [531808 2015-11-26] (Acronis) HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4860688 2015-10-26] (AgileBits) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1856184 2015-09-30] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-05-29] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-09-11] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-10-18] (VMware, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7211112 2015-11-26] () HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [f.lux] => C:\Users\ronni\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [AirServer64] => C:\Program Files\App Dynamic\AirServer\AirServer.exe [4593472 2015-10-27] (App Dynamic ehf) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [Droplr] => C:\Program Files\Droplr\Droplr.exe [445952 2015-10-12] (Droplr) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [876216 2015-09-30] (Adobe Systems Incorporated) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [Zoom] => 0 HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Run: [GoogleChromeAutoLaunch_223ED3D3CBA109DB2E19244C4385A7C9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-11-24] (Google Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2015-10-23] ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YubiKey PIV Manager PIN-check.lnk [2015-11-23] ShortcutTarget: YubiKey PIV Manager PIN-check.lnk -> C:\Program Files (x86)\Yubico\YubiKey PIV Manager\pivman.exe () Startup: C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-11-25] ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office\Office16\GROOVE.EXE (Microsoft Corporation) Startup: C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2015-11-25] ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net) Startup: C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2015-11-30] ShortcutTarget: Slack.lnk -> C:\Users\ronni\AppData\Local\slack\Update.exe (GitHub) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8bbba290-653b-448d-86ef-2a3299113da0}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{cf58447f-c5d7-42fe-a3c2-4ffbe886c7b3}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2076635440-3871483252-621631334-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gogle.com/ SearchScopes: HKU\S-1-5-21-2076635440-3871483252-621631334-1001 -> {F0580FD6-8DB3-449E-A106-65197763BAE7} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation) BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2015-10-26] (AgileBits) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation) BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll [2015-10-26] (AgileBits) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-10-27] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-2076635440-3871483252-621631334-1001 -> hxxp://www.google.com/ FireFox: ======== FF ProfilePath: C:\Users\ronni\AppData\Roaming\Mozilla\Firefox\Profiles\hx2n3gcw.default FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems) FF Plugin HKU\S-1-5-21-2076635440-3871483252-621631334-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\ronni\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-09-22] (Zoom Video Communications, Inc.) FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn [2015-12-01] [not signed] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-10-23] [not signed] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Plugin: (Widevine Content Decryption Module) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (TechSmith Snagit (Extension)) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce [2015-12-04] CHR Extension: (Google Docs) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-22] CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-10-22] CHR Extension: (Google Drive) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22] CHR Extension: (No Name) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-12-04] CHR Extension: (TrafficLight) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-11-06] CHR Extension: (Google Search) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-10-22] CHR Extension: (Dropbox for Gmail) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04] CHR Extension: (Adobe Acrobat) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-20] CHR Extension: (Gmail Offline) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-10-22] CHR Extension: (User-Agent Switcher) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhkkpnppgnfaobgihpdblnhmmbodake [2015-10-22] CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-10-22] CHR Extension: (Chrome Remote Desktop) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-04] CHR Extension: (Google Docs Offline) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20] CHR Extension: (Bitly Unleash the power of the link) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2015-10-22] CHR Extension: (Dropbox) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-10-22] CHR Extension: (WhatFont) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-10-22] CHR Extension: (Slack) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeogkiiogjbmhklcnbgkdcjoioegiknm [2015-10-22] CHR Extension: (Google Mail Checker) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-10-22] CHR Extension: (Ghostery) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-10-22] CHR Extension: (Asana) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2015-10-22] CHR Extension: (Chrome Web Store Payments) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-22] CHR Extension: (Trello) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2015-10-22] CHR Extension: (Gmail) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-22] CHR Profile: C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-26] CHR Extension: (Google Docs) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-26] CHR Extension: (Google Drive) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26] CHR Extension: (Norton Security Toolbar) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-26] CHR Extension: (Google Search) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Google Sheets) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-26] CHR Extension: (Google Docs Offline) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-26] CHR Extension: (Gmail) - C:\Users\ronni\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-26] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\Exts\Chrome.crx [2015-10-22] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\Exts\Chrome.crx [2015-10-22] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-22] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-22] (Dropbox, Inc.) R2 dcevt64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_eventmgr64.exe [205640 2015-06-19] (Dell Inc.) R2 dcstor64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_datamgr64.exe [287560 2015-06-19] (Dell Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis) R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.) R2 NIS; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\NIS.exe [282016 2015-07-24] (Symantec Corporation) R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [3163976 2015-06-17] () R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [1188696 2015-09-15] (Dell Inc.) R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [313176 2015-09-15] (Dell Inc.) R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [1028952 2015-09-15] (Dell Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [308472 2015-10-31] (Realtek Semiconductor) R2 SsPaAdm; C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe [191856 2015-09-17] (Symantec Corporation) R2 ssPaSetMgr; C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe [138272 2015-09-17] (Symantec Corporation) R2 ssSpnAv; C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe [448368 2015-08-28] (Symantec Corporation) R2 Synergy; C:\Program Files\Synergy\synergyd.exe [311488 2015-11-19] () S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1723048 2015-06-10] (Intel Corporation) R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465856 2015-10-18] () R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-09-11] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-09-11] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\NortonData\22.5.2.15\Definitions\BASHDefs\20151113.001\BHDrvx64.sys [1665608 2015-10-22] (Symantec Corporation) R1 ccSet_Cloud; C:\WINDOWS\SysWOW64\Drivers\Symantec.cloud\ccSetx64.sys [167072 2015-09-17] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [48464 2015-06-19] (Dell Inc.) S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation) S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [547840 2015-10-22] (Intel Corporation) R3 e1rexpress; C:\Windows\system32\DRIVERS\e1r65x64.sys [486344 2015-07-06] (Intel Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-17] (Symantec Corporation) R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339808 2015-12-03] (Acronis International GmbH) R1 IDSVia64; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\NortonData\22.5.2.15\Definitions\IPSDefs\20151204.001\IDSvia64.sys [767224 2015-10-22] (Symantec Corporation) R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2558208 2015-10-31] (Realtek Semiconductor Corp.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation) R3 NAVENG; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\NortonData\22.5.2.15\Definitions\VirusDefs\20151204.016\ENG64.SYS [138488 2015-11-01] (Symantec Corporation) R3 NAVEX15; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\NortonData\22.5.2.15\Definitions\VirusDefs\20151204.016\EX64.SYS [2148080 2015-11-01] (Symantec Corporation) S3 nhi; C:\Windows\System32\drivers\twn81x.sys [62152 2014-09-04] (Intel Corporation) R3 POADrvr; C:\Windows\system32\drivers\POADrvr.sys [23216 2015-09-15] (Dell Computer Corporation) R3 SRTSP; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NISx64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-10-22] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation) R1 SymNetS; C:\Windows\system32\drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1049432 2015-12-03] (Acronis International GmbH) R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [202592 2015-12-03] (Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [581464 2015-12-03] (Acronis International GmbH) R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [301408 2015-12-03] (Acronis International GmbH) R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-05 10:27 - 2015-12-05 10:28 - 00040651 _____ C:\Users\ronni\Desktop\FRST.txt 2015-12-05 09:31 - 2015-12-05 10:27 - 00000000 ____D C:\FRST 2015-12-05 09:30 - 2015-12-05 10:24 - 00000000 ____D C:\Users\ronni\Downloads\CleanPC-GoGeeks 2015-12-05 09:30 - 2015-12-05 09:30 - 02369024 _____ (Farbar) C:\Users\ronni\Desktop\FRST64.exe 2015-12-04 14:40 - 2015-12-04 16:27 - 04697808 _____ C:\Users\ronni\Desktop\Ronnies-QuestionTypes-MasterLockdownPerpetual.story 2015-12-04 12:31 - 2015-12-04 12:31 - 00002469 _____ C:\Users\Public\Desktop\Articulate Quizmaker.lnk 2015-12-04 12:31 - 2015-12-04 12:31 - 00002451 _____ C:\Users\Public\Desktop\Articulate Engage.lnk 2015-12-04 12:31 - 2015-12-04 12:31 - 00002445 _____ C:\Users\Public\Desktop\Articulate Presenter.lnk 2015-12-04 12:18 - 2015-12-04 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Articulate 2015-12-04 12:18 - 2015-12-04 12:18 - 00002411 _____ C:\Users\Public\Desktop\Articulate Storyline 3.lnk 2015-12-03 16:09 - 2015-12-04 12:28 - 00000000 ____D C:\Program Files (x86)\Articulate 2015-12-03 13:46 - 2015-12-03 13:51 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Acronis 2015-12-03 13:44 - 2015-12-03 13:44 - 00581464 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys 2015-12-03 13:44 - 2015-12-03 13:44 - 00339808 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys 2015-12-03 13:44 - 2015-12-03 13:44 - 00301408 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys 2015-12-03 13:43 - 2015-12-03 13:43 - 01049432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys 2015-12-03 13:43 - 2015-12-03 13:43 - 00339288 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys 2015-12-03 13:43 - 2015-12-03 13:43 - 00202592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys 2015-12-03 13:43 - 2015-12-03 13:43 - 00160600 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys 2015-12-03 13:42 - 2015-12-03 13:42 - 00001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2016.lnk 2015-12-03 13:42 - 2015-12-03 13:42 - 00001276 _____ C:\Users\Public\Desktop\Acronis True Image 2016.lnk 2015-12-03 13:42 - 2015-12-03 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2015-12-03 13:42 - 2015-12-03 13:42 - 00000000 ____D C:\Program Files (x86)\Acronis 2015-12-03 13:39 - 2015-12-03 14:27 - 00000000 ____D C:\ProgramData\Acronis 2015-12-03 11:10 - 2015-12-03 16:02 - 00000442 _____ C:\Users\ronni\Documents\Storyline.exe.config 2015-12-02 14:07 - 2015-12-02 14:07 - 00062158 _____ C:\Users\ronni\Downloads\dial_hoverState.story 2015-12-02 14:03 - 2015-12-02 14:03 - 01126555 _____ C:\Users\ronni\Downloads\mobile-player-props.story 2015-12-02 09:41 - 2015-12-02 09:32 - 00524591 _____ C:\Users\ronni\Downloads\Addt-QuizzingQuestions-HTML5-Rev1-automationcheck - SL2 Backup.story 2015-12-02 09:32 - 2015-12-02 09:41 - 00533162 _____ C:\Users\ronni\Downloads\Addt-QuizzingQuestions-HTML5-Rev1-automationcheck.story 2015-12-01 13:37 - 2015-12-01 13:37 - 00115116 _____ C:\Users\ronni\Downloads\slideTriggerBug.story 2015-12-01 13:34 - 2015-12-01 13:34 - 10755793 _____ C:\Users\ronni\Downloads\Natif_V5_v2 (1).story 2015-12-01 13:34 - 2015-12-01 13:34 - 10223034 _____ C:\Users\ronni\Downloads\CustomersExperience.story 2015-12-01 13:15 - 2015-12-01 12:30 - 00524591 _____ C:\Users\ronni\Downloads\Addt-QuizzingQuestions-HTML5-Rev1 - SL2 Backup.story 2015-12-01 12:30 - 2015-12-01 13:15 - 00533147 _____ C:\Users\ronni\Downloads\Addt-QuizzingQuestions-HTML5-Rev1.story 2015-12-01 09:05 - 2015-12-01 09:05 - 00000000 ____D C:\ProgramData\XHEO INC 2015-12-01 09:05 - 2015-12-01 09:05 - 00000000 ____D C:\ProgramData\Articulate 2015-11-30 12:53 - 2015-11-30 12:53 - 00001245 _____ C:\Users\ronni\Desktop\Articulate - Shortcut.lnk 2015-11-30 11:57 - 2015-11-30 11:57 - 00000523 _____ C:\Users\ronni\Desktop\Storyline.exe.config 2015-11-30 11:20 - 2015-11-30 11:20 - 00002261 _____ C:\Users\ronni\Desktop\Slack.lnk 2015-11-30 11:20 - 2015-11-30 11:20 - 00000000 ____D C:\Users\ronni\AppData\Local\slack 2015-11-30 11:13 - 2015-11-30 11:13 - 00000000 ____D C:\Users\ronni\AppData\Local\ElevatedDiagnostics 2015-11-30 09:24 - 2015-11-30 09:24 - 25018885 _____ C:\Users\ronni\Downloads\androidaudio-1.story 2015-11-29 21:11 - 2015-11-29 21:11 - 00000000 ____D C:\Users\ronni\AppData\Local\ActiveSync 2015-11-29 21:09 - 2015-11-29 21:09 - 00000020 ___SH C:\Users\ronni\ntuser.ini 2015-11-29 20:45 - 2015-11-29 20:45 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 13376512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 13017088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-11-29 20:45 - 2015-11-29 20:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-11-29 20:45 - 2015-11-29 20:45 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2015-11-29 20:45 - 2015-11-29 20:45 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2015-11-29 20:45 - 2015-11-29 20:45 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys 2015-11-29 20:45 - 2015-11-29 20:45 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe 2015-11-29 20:45 - 2015-11-29 20:45 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-11-29 20:45 - 2015-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-11-29 20:43 - 2015-11-29 20:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-11-29 20:41 - 2015-11-29 20:41 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-11-29 20:41 - 2015-11-29 20:41 - 00000000 ____D C:\Program Files\MSBuild 2015-11-29 20:41 - 2015-11-29 20:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-11-29 20:41 - 2015-11-29 20:41 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-11-29 20:41 - 2015-10-23 19:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-11-29 20:41 - 2015-10-23 19:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-11-29 20:41 - 2015-10-23 19:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-11-29 20:41 - 2015-10-23 19:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-11-29 20:41 - 2015-10-23 19:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-11-29 20:41 - 2015-10-23 19:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default\My Documents 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default\Documents\My Videos 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default\Documents\My Music 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures 2015-11-29 19:44 - 2015-11-29 19:44 - 00000000 _SHDL C:\Users\Default User\Documents\My Music 2015-11-29 19:39 - 2015-11-29 19:39 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-11-29 19:38 - 2015-12-01 17:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-29 19:16 - 2015-11-29 19:16 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-11-29 19:16 - 2015-11-29 19:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\HPActiveHealth 2015-11-29 19:16 - 2015-11-29 19:16 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-11-29 19:16 - 2015-11-29 19:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\HPActiveHealth 2015-11-29 19:16 - 2015-11-29 19:16 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-11-29 19:10 - 2015-11-29 19:18 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-11-29 19:07 - 2015-12-01 17:40 - 00000000 ____D C:\Users\ronni 2015-11-29 19:07 - 2015-11-29 19:07 - 00000000 _SHDL C:\Users\ronni\My Documents 2015-11-29 19:07 - 2015-11-29 19:07 - 00000000 _SHDL C:\Users\ronni\Documents\My Videos 2015-11-29 19:07 - 2015-11-29 19:07 - 00000000 _SHDL C:\Users\ronni\Documents\My Pictures 2015-11-29 19:07 - 2015-11-29 19:07 - 00000000 _SHDL C:\Users\ronni\Documents\My Music 2015-11-29 19:03 - 2015-11-29 19:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-11-29 19:03 - 2015-11-29 19:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-11-29 19:03 - 2015-11-29 19:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-11-29 19:03 - 2015-11-29 19:03 - 00561169 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat 2015-11-29 19:03 - 2015-11-29 19:03 - 00113697 _____ C:\WINDOWS\system32\Drivers\rtwavesvolpro.dat 2015-11-29 19:03 - 2015-11-29 19:03 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2015-11-29 19:03 - 2015-11-29 19:03 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2015-11-29 19:03 - 2015-11-29 19:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2015-11-29 19:03 - 2015-11-29 19:03 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-11-29 19:03 - 2015-07-22 19:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-11-29 19:03 - 2015-07-22 19:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2015-11-29 19:03 - 2015-07-22 19:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-11-29 19:03 - 2015-07-21 22:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-11-29 19:02 - 2015-11-29 19:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-11-29 19:02 - 2015-11-29 19:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-11-29 19:02 - 2015-11-29 19:02 - 00000000 ____D C:\Program Files\Realtek 2015-11-29 18:56 - 2015-10-30 01:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-11-29 18:53 - 2015-12-01 17:42 - 00384816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-11-29 18:26 - 2015-11-29 19:44 - 00009528 _____ C:\WINDOWS\diagwrn.xml 2015-11-29 18:26 - 2015-11-29 19:44 - 00009528 _____ C:\WINDOWS\diagerr.xml 2015-11-27 02:16 - 2015-11-27 02:16 - 01567560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-11-27 02:16 - 2015-11-27 02:16 - 00206152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-11-27 02:16 - 2015-11-27 02:16 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-11-26 19:00 - 2015-11-30 10:20 - 00344284 _____ C:\Users\ronni\Desktop\RJM_debt-reduction-calculator-DEC '15.xlsx 2015-11-25 10:44 - 2015-11-25 10:44 - 00000000 ____D C:\Users\ronni\Documents\My Safes 2015-11-25 10:43 - 2015-12-01 17:55 - 00000000 ____D C:\Users\ronni\AppData\Local\PasswordSafe 2015-11-25 10:43 - 2015-11-29 19:18 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Password Safe 2015-11-25 10:43 - 2015-11-25 10:43 - 00001061 _____ C:\Users\ronni\Desktop\Password Safe.lnk 2015-11-25 10:43 - 2015-11-25 10:43 - 00000000 ____D C:\Program Files (x86)\Password Safe 2015-11-25 08:55 - 2015-11-27 00:15 - 00000000 ____D C:\Users\ronni\Desktop\Dropbox (Articulate) 2015-11-25 08:55 - 2015-11-25 08:55 - 00000000 ____D C:\Users\ronni\Desktop\Dropbox (Personal) 2015-11-25 08:42 - 2015-11-25 08:42 - 00000000 ____D C:\Users\ronni\Desktop\SL360 Projects 2015-11-25 08:25 - 2015-11-25 08:25 - 00000000 ____D C:\Users\ronni\Documents\Custom Office Templates 2015-11-25 08:22 - 2015-11-25 08:22 - 00000000 ____D C:\Users\ronni\Documents\Outlook Files 2015-11-25 07:58 - 2015-11-25 13:56 - 00000000 ____D C:\Users\ronni\Documents\OneDrive-Business-Articulate 2015-11-25 07:45 - 2015-11-29 19:18 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office 365 2015-11-25 07:13 - 2015-11-25 07:13 - 00000295 _____ C:\Users\ronni\Desktop\Serial Key for Studio.txt 2015-11-25 07:12 - 2015-11-25 07:12 - 00000120 _____ C:\Users\ronni\Desktop\test.url 2015-11-25 07:12 - 2015-11-25 07:12 - 00000120 _____ C:\Users\ronni\Desktop\Ronnie's Notebook.url 2015-11-25 07:11 - 2015-11-25 07:12 - 00000120 _____ C:\Users\ronni\Desktop\Storyline iOS9 Test Notes.url 2015-11-25 07:10 - 2015-11-25 07:10 - 00036593 _____ C:\Users\ronni\Desktop\HTML5 Feature Matrix-RJM-Nov 25 2015.xlsx 2015-11-25 06:53 - 2015-11-25 06:53 - 00000000 ____D C:\WINDOWS\{599D1F2E-B3A3-4AB8-8E1B-FC2AF6F00BB1} 2015-11-24 13:25 - 2015-11-24 13:25 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Blueberry 2015-11-24 13:23 - 2015-11-24 13:23 - 00000000 ____D C:\Users\ronni\AppData\Local\Microsoft_Corporation 2015-11-24 11:55 - 2015-11-24 11:55 - 00231783 _____ C:\Users\ronni\Documents\Your Flight Receipt - RONALD JOSEPH MCGINNIS JR 31JAN16.pdf 2015-11-24 05:25 - 2015-11-24 05:25 - 00000000 ____D C:\Users\ronni\.pivman 2015-11-24 04:29 - 2015-11-24 04:29 - 00055456 _____ C:\Users\ronni\Downloads\Untitled2.story 2015-11-24 04:26 - 2015-11-24 04:26 - 00591717 _____ C:\Users\ronni\Downloads\Stopwatch_David-Charney.story 2015-11-24 04:10 - 2015-11-24 04:10 - 01832655 _____ C:\Users\ronni\Desktop\WSS.story 2015-11-24 04:10 - 2012-06-10 11:42 - 03420160 _____ C:\Users\ronni\Desktop\WSS - SL1 Backup.story 2015-11-24 04:04 - 2015-11-24 04:04 - 00000000 ____D C:\Users\ronni\Downloads\5. Studio13 Installer 2015-11-24 03:55 - 2015-11-24 03:55 - 01894458 _____ C:\Users\ronni\Downloads\WSS-Demo-SL360.story 2015-11-23 14:24 - 2015-11-25 11:32 - 00000613 _____ C:\Users\ronni\configuration_log.csv 2015-11-23 13:38 - 2015-11-23 13:38 - 00057643 _____ C:\Users\ronni\Downloads\Untitled1.story 2015-11-23 13:35 - 2015-11-23 13:35 - 05015714 _____ C:\Users\ronni\Downloads\Statesproject_cecil-rjm-rev3.story 2015-11-23 12:25 - 2015-11-23 14:00 - 00000297 _____ C:\Users\ronni\Documents\configuration_log.csv 2015-11-23 10:48 - 2015-11-29 19:09 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yubico 2015-11-23 10:48 - 2015-11-23 10:48 - 00000000 ____D C:\Program Files\Yubico 2015-11-23 07:40 - 2015-11-23 07:40 - 00002228 _____ C:\Users\ronni\Desktop\YubiKey Personalization Tool.lnk 2015-11-23 07:40 - 2015-11-23 07:40 - 00002077 _____ C:\Users\ronni\Desktop\Yubico Authenticator.lnk 2015-11-23 07:10 - 2015-11-23 07:10 - 00000000 ____D C:\Users\ronni\.neoman 2015-11-23 07:08 - 2015-11-29 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico 2015-11-20 16:21 - 2015-11-20 16:21 - 00524591 _____ C:\Users\ronni\Desktop\Addt-QuizzingQuestions-HTML5-Rev1 (1).story 2015-11-20 13:03 - 2015-03-03 11:02 - 31017965 _____ C:\Users\ronni\Downloads\Module-4-Mental-Health-Promotion.story 2015-11-18 10:10 - 2015-11-18 10:10 - 10755793 _____ C:\Users\ronni\Downloads\Natif_V5_v2 - SL2 Backup.story 2015-11-18 10:10 - 2015-11-18 10:10 - 09605330 _____ C:\Users\ronni\Downloads\Natif_V5_v2.story 2015-11-17 12:47 - 2015-11-17 12:49 - 25018885 _____ C:\Users\ronni\Downloads\androidaudio.story 2015-11-16 11:05 - 2015-11-16 11:04 - 12720934 _____ C:\Users\ronni\Downloads\test_long - SL2 Backup.story 2015-11-16 11:04 - 2015-11-16 11:05 - 12722774 _____ C:\Users\ronni\Downloads\test_long.story 2015-11-16 10:53 - 2015-11-16 10:52 - 21940459 _____ C:\Users\ronni\Downloads\test2 - SL2 Backup.story 2015-11-16 10:52 - 2015-11-16 10:53 - 21945266 _____ C:\Users\ronni\Downloads\test2.story 2015-11-12 12:27 - 2015-11-24 05:42 - 00000000 ____D C:\Users\ronni\Downloads\1. Guru projects - sl360 2015-11-12 10:38 - 2015-11-12 10:38 - 00531490 _____ C:\Users\ronni\Desktop\Addt-QuizzingQuestions-HTML5-Rev1.story 2015-11-09 13:02 - 2015-11-29 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-06 07:14 - 2015-10-18 18:33 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys 2015-11-06 07:14 - 2015-10-18 17:53 - 00075512 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys 2015-11-06 07:14 - 2015-10-18 17:53 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2015-11-06 07:14 - 2015-10-18 17:53 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2015-11-06 07:05 - 2015-11-29 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2015-11-06 07:05 - 2015-11-06 07:05 - 00001238 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk 2015-11-06 07:05 - 2015-11-06 07:05 - 00000000 ____D C:\Program Files\Common Files\VMware 2015-11-06 07:05 - 2015-10-18 18:33 - 00934080 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2015-11-06 07:05 - 2015-10-18 18:33 - 00391872 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2015-11-06 07:05 - 2015-10-18 18:33 - 00358080 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2015-11-06 07:05 - 2015-10-18 18:11 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys 2015-11-06 07:05 - 2015-10-06 08:02 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys 2015-11-05 12:28 - 2015-11-24 12:43 - 00000166 _____ C:\Users\ronni\AppData\Roaming\licecap.ini ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-05 10:26 - 2015-10-22 19:16 - 00000000 ____D C:\ProgramData\Symantec.cloud 2015-12-05 10:23 - 2015-10-22 19:13 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-05 09:40 - 2015-10-23 16:30 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5A3F96A8-B4CC-4E65-AEDA-C8E1BC7542DF} 2015-12-05 09:37 - 2015-10-22 19:32 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-12-05 09:31 - 2015-10-30 00:28 - 00000000 ____D C:\Windows 2015-12-05 09:19 - 2015-10-23 07:22 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Skype 2015-12-05 09:19 - 2015-10-23 06:04 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Slack 2015-12-05 07:08 - 2015-10-22 19:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Endpoint Protection.cloud 2015-12-05 03:23 - 2015-10-22 19:13 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-04 20:37 - 2015-10-22 19:32 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-12-04 18:59 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-04 18:02 - 2015-10-22 19:37 - 00000000 ____D C:\Users\ronni\AppData\Roaming\AgileBits 2015-12-04 14:50 - 2015-08-07 00:06 - 00000000 ___RD C:\Users\ronni\Dropbox (Personal) 2015-12-04 14:50 - 2015-08-07 00:06 - 00000000 ___RD C:\Users\ronni\Dropbox (Articulate) 2015-12-04 13:18 - 2015-10-23 14:37 - 00000000 ____D C:\Users\ronni\AppData\Local\Adobe 2015-12-04 12:55 - 2015-08-07 07:23 - 00000000 ___SD C:\Users\ronni\Documents\My Articulate Projects 2015-12-04 12:44 - 2015-10-26 10:11 - 00000000 ____D C:\Users\ronni\AppData\Local\Articulate 2015-12-04 12:37 - 2015-10-22 19:32 - 00000000 ____D C:\Users\ronni\AppData\Local\Dropbox 2015-12-04 12:27 - 2015-10-23 14:41 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-04 11:28 - 2015-10-22 20:34 - 00000000 ____D C:\Users\ronni\AppData\Local\CrashDumps 2015-12-04 10:59 - 2015-10-26 10:25 - 00000000 ____D C:\Users\ronni\AppData\Roaming\FileZilla 2015-12-04 03:18 - 2015-10-22 19:13 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 03:18 - 2015-10-22 19:13 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-04 02:15 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\Dell 2015-12-03 18:41 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-03 14:51 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-03 09:42 - 2015-08-07 07:17 - 00000000 ___RD C:\Users\ronni\Downloads\3. SL360 Installers 2015-12-03 07:51 - 2015-10-24 22:37 - 00000000 ____D C:\Users\ronni\AppData\Roaming\VMware 2015-12-03 07:51 - 2015-10-24 22:37 - 00000000 ____D C:\Users\ronni\AppData\Local\VMware 2015-12-03 06:56 - 2015-10-23 21:36 - 00000000 ____D C:\ProgramData\VMware 2015-12-03 05:52 - 2015-10-26 09:42 - 00000000 ____D C:\Program Files\Droplr 2015-12-02 18:18 - 2015-10-28 17:13 - 00000000 ____D C:\Users\ronni\AppData\Roaming\HpUpdate 2015-12-02 13:20 - 2015-10-23 14:43 - 00000000 ___RD C:\Users\ronni\Creative Cloud Files 2015-12-02 10:53 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF 2015-12-02 09:22 - 2015-10-22 19:13 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-01 17:57 - 2015-10-23 14:42 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-12-01 17:49 - 2015-10-22 18:02 - 00883432 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-01 17:44 - 2015-10-30 19:14 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat 2015-12-01 17:43 - 2015-10-22 17:49 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-01 17:40 - 2015-10-30 00:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-01 17:39 - 2015-08-06 19:05 - 00000000 ___RD C:\Users\ronni\OneDrive 2015-12-01 12:19 - 2015-10-23 14:40 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-01 09:00 - 2015-10-26 10:14 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Articulate 2015-11-30 11:20 - 2015-10-23 06:04 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies 2015-11-30 11:20 - 2015-10-23 06:04 - 00000000 ____D C:\Users\ronni\AppData\Local\SquirrelTemp 2015-11-30 03:01 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\appcompat 2015-11-29 21:42 - 2015-10-22 18:39 - 00000000 ____D C:\Users\ronni\AppData\Local\Packages 2015-11-29 21:38 - 2015-10-22 18:43 - 00002336 _____ C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-29 21:35 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2015-11-29 21:27 - 2015-10-22 18:39 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Adobe 2015-11-29 21:26 - 2015-10-23 14:41 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2015-11-29 21:26 - 2015-10-23 14:41 - 00001216 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2015-11-29 21:11 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-11-29 21:11 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-11-29 21:10 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-11-29 21:09 - 2015-08-06 19:02 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-11-29 20:51 - 2015-10-30 01:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-11-29 20:45 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-11-29 20:45 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-11-29 20:45 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-29 20:45 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-11-29 20:45 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-11-29 20:45 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-11-29 19:44 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache 2015-11-29 19:44 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Registration 2015-11-29 19:41 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-11-29 19:39 - 2015-10-28 18:42 - 00002800 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForronni 2015-11-29 19:39 - 2015-10-23 07:18 - 00002268 _____ C:\WINDOWS\System32\Tasks\{C5D332FB-6D92-48CE-BFC9-5867A79EE00F} 2015-11-29 19:39 - 2015-10-22 19:32 - 00003452 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2015-11-29 19:39 - 2015-10-22 19:19 - 00002656 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2015-11-29 19:38 - 2015-10-31 19:50 - 00002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton 2015-11-29 19:38 - 2015-10-30 01:24 - 00000000 __RHD C:\Users\Public\Libraries 2015-11-29 19:38 - 2015-10-23 14:55 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-11-29 19:38 - 2015-10-22 19:32 - 00003228 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2015-11-29 19:18 - 2015-11-04 09:38 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LICEcap 2015-11-29 19:18 - 2015-11-04 08:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software 2015-11-29 19:18 - 2015-11-01 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-11-29 19:18 - 2015-10-31 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio 2015-11-29 19:18 - 2015-10-31 17:03 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paprika Recipe Manager 2015-11-29 19:18 - 2015-10-30 03:07 - 00000000 ____D C:\WINDOWS\ShellNew 2015-11-29 19:18 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-11-29 19:18 - 2015-10-30 00:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM 2015-11-29 19:18 - 2015-10-29 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-11-29 19:18 - 2015-10-29 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-11-29 19:18 - 2015-10-28 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-11-29 19:18 - 2015-10-28 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer Universal (x64) 2015-11-29 19:18 - 2015-10-26 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-11-29 19:18 - 2015-10-26 12:01 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2015-11-29 19:18 - 2015-10-26 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droplr 2015-11-29 19:18 - 2015-10-26 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam 2015-11-29 19:18 - 2015-10-25 11:57 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2015-11-29 19:18 - 2015-10-23 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 9 2015-11-29 19:18 - 2015-10-23 21:53 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-11-29 19:18 - 2015-10-23 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-29 19:18 - 2015-10-23 14:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-11-29 19:18 - 2015-10-23 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postbox 2015-11-29 19:18 - 2015-10-22 20:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2015-11-29 19:18 - 2015-10-22 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password 2015-11-29 19:18 - 2015-10-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec.cloud 2015-11-29 19:18 - 2015-10-22 19:15 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2015-11-29 19:18 - 2015-10-22 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-29 19:18 - 2015-10-22 18:44 - 00000000 ____D C:\Users\ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech 2015-11-29 19:16 - 2015-10-22 17:14 - 00000000 ____D C:\Users\Default.migrated 2015-11-29 19:12 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-11-29 19:12 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-11-29 19:11 - 2015-11-04 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-11-29 19:11 - 2015-11-02 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2015-11-29 19:11 - 2015-11-01 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L8 SmartLight 2015-11-29 19:11 - 2015-10-30 03:03 - 00000000 ____D C:\WINDOWS\OCR 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Help 2015-11-29 19:11 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-11-29 19:11 - 2015-10-24 07:08 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2015-11-29 19:11 - 2015-10-23 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital 2015-11-29 19:11 - 2015-10-23 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-11-29 19:11 - 2015-10-22 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-11-29 19:10 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Common Files\System 2015-11-29 19:10 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-29 19:06 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-11-29 19:03 - 2015-08-07 08:43 - 00000000 ____D C:\Temp 2015-11-29 18:53 - 2015-10-30 03:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-11-27 22:06 - 2015-10-23 14:54 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2015-11-27 01:54 - 2015-10-23 16:43 - 00000000 ____D C:\Program Files\Dell 2015-11-25 08:00 - 2015-09-19 15:25 - 00000000 ____D C:\Users\ronni\Documents\My Skype Files 2015-11-24 20:43 - 2015-10-23 21:58 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-11-24 20:43 - 2015-10-23 21:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2015-11-24 20:43 - 2015-10-23 13:44 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-11-24 20:42 - 2015-10-23 06:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-24 20:20 - 2015-10-22 21:11 - 00000000 ____D C:\Users\ronni\AppData\Local\Dell 2015-11-24 04:04 - 2015-08-06 17:03 - 00000000 ___RD C:\Users\ronni\Downloads\2. SL2 Installer 2015-11-23 10:57 - 2015-10-28 15:13 - 00000000 ____D C:\Program Files (x86)\Yubico 2015-11-23 10:04 - 2015-10-22 19:28 - 00000000 ____D C:\Program Files\Synergy 2015-11-23 07:01 - 2015-10-23 15:01 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-11-22 15:00 - 2015-10-23 21:50 - 00000000 ____D C:\ProgramData\Oracle 2015-11-22 14:59 - 2015-10-23 21:50 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-11-22 14:59 - 2015-10-23 21:50 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-22 14:59 - 2015-08-31 08:26 - 00000000 ____D C:\Users\ronni\.oracle_jre_usage 2015-11-22 10:08 - 2015-11-02 18:31 - 00000000 ____D C:\Program Files (x86)\NovaStor 2015-11-21 17:02 - 2015-10-23 07:22 - 00000000 ____D C:\ProgramData\Skype 2015-11-20 13:46 - 2015-10-22 19:28 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synergy.lnk 2015-11-20 06:19 - 2015-10-28 18:42 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForronni.job 2015-11-19 19:51 - 2015-10-22 20:10 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-19 19:43 - 2015-10-22 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-19 19:38 - 2015-10-22 18:51 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-12 11:32 - 2015-10-23 07:18 - 00000000 ____D C:\Program Files (x86)\Postbox 2015-11-11 12:12 - 2015-08-06 17:12 - 00000000 ___RD C:\Users\ronni\Downloads\5. Storyline 360 Projects 2015-11-09 13:03 - 2015-10-22 19:32 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-09 08:44 - 2015-10-23 07:18 - 00000000 ____D C:\Users\ronni\AppData\Local\Postbox 2015-11-06 15:12 - 2015-08-10 15:54 - 00000000 ____D C:\Users\ronni\Documents\Virtual Machines 2015-11-06 07:05 - 2015-10-23 21:37 - 00891876 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2015-11-06 07:05 - 2015-10-23 21:36 - 00000000 ____D C:\Program Files (x86)\VMware 2015-11-05 12:28 - 2015-11-04 11:25 - 00000000 ____D C:\Users\ronni\Downloads\1. DarkSpider Mobile Audio Testing 2015-11-05 06:49 - 2015-10-22 17:13 - 00000000 ___HD C:\$SysReset ==================== Files in the root of some directories ======= 2015-11-05 12:28 - 2015-11-24 12:43 - 0000166 _____ () C:\Users\ronni\AppData\Roaming\licecap.ini 2015-10-31 17:06 - 2015-10-31 17:06 - 0000038 ___SH () C:\Users\ronni\AppData\Local\5678c43253f8bbb5ed82a9.59421958 2015-11-02 18:31 - 2015-11-02 18:49 - 0000106 __RSH () C:\ProgramData\1.17.1.lic 2015-10-28 17:13 - 2015-10-28 17:13 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-11-02 18:30 - 2015-11-03 06:54 - 0004736 ____H () C:\ProgramData\nsActivation.act Some files in TEMP: ==================== C:\Users\ronni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi6g6mw.dll C:\Users\ronni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppwsvyk.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-11-29 18:53 ==================== End of FRST.txt ============================