Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Astromenda PUP gone but not forgotten....still no internet
Message
<blockquote data-quote="skibumm100" data-source="post: 557413" data-attributes="member: 56338"><p>OK, I had my wife rerun the scans and here are the results. Sorry about the previous one....my bad.</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016</p><p>Ran by Gregg (administrator) on DESKTOP (24-10-2016 19:12:27)</p><p>Running from C:\Users\Gregg\Desktop</p><p>Loaded Profiles: Gregg (Available Profiles: Gregg & Tracie & Sam & Danny)</p><p>Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: FF)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe</p><p>(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe</p><p>(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe</p><p>(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe</p><p>(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE</p><p>(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe</p><p>(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe</p><p>(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxtray.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe</p><p>(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe</p><p>(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe</p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe</p><p>(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe</p><p>(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe</p><p>() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe</p><p>(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe</p><p>() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\instup.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)</p><p>HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [289648 2012-05-24] (Lenovo Group Limited)</p><p>HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)</p><p>HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)</p><p>HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)</p><p>HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)</p><p>HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot</p><p>HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software)</p><p>HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis)</p><p>HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)</p><p>HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()</p><p>HKLM-x32\...\Run: [Power Manager Startup Utility] => C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [27392 2015-03-13] ()</p><p>HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-03-07] (Google Inc.)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [LogonHoursAction] 2</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\MountPoints2: {211a15c6-bc1c-11e2-9931-806e6f6e6963} - Q:\LenovoQDrive.exe</p><p>HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Magnify.exe [652800 2009-07-13] (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-14] (AVAST Software)</p><p>ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2013-08-10]</p><p>ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p>GroupPolicy\User: Restriction <======= ATTENTION</p><p>GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1008\User: Restriction <======= ATTENTION</p><p>GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1007\User: Restriction <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76</p><p>Tcpip\..\Interfaces\{04175B5E-002F-4C87-B1FF-8266814B0F32}: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76</p><p></p><p>Internet Explorer:</p><p>==================</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://<a href="http://www.msn.com/" target="_blank">www.msn.com/</a></p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://<a href="http://www.lenovo.com/welcome/thinkcentre" target="_blank">www.lenovo.com/welcome/thinkcentre</a></p><p>BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20] (AVAST Software)</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)</p><p>BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)</p><p>BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20] (AVAST Software)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)</p><p>BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)</p><p>Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File</p><p>Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)</p><p>Toolbar: HKU\S-1-5-21-1075821121-420814958-1993860820-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab</p><p>DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab</p><p>StartMenuInternet: IEXPLORE.EXE - iexplore.exe</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Gregg\AppData\Roaming\Mozilla\Firefox\Profiles\xtzj8u4d.default-1477166576127 [2016-10-23]</p><p>FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-14]</p><p>FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p>FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-14]</p><p>FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p>FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client</p><p>FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-05-13] [not signed]</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled [No File]</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)</p><p>FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-24] ( )</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)</p><p></p><p>Chrome:</p><p>=======</p><p>CHR DefaultProfile: Default</p><p>CHR StartupUrls: Default -> "hxxp://<a href="http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP" target="_blank">www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP</a>"</p><p>CHR Profile: C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default [2016-10-22]</p><p>CHR Extension: (avast! Online Security) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-22]</p><p>CHR Extension: (Google Wallet) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-19]</p><p>CHR HKU\S-1-5-21-1075821121-420814958-1993860820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx</p><p>CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-20]</p><p></p><p>==================== Services (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-14] (AVAST Software)</p><p>R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-14] (Avast Software)</p><p>R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)</p><p>S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2016-10-22] (SurfRight B.V.)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)</p><p>S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo)</p><p>R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-24] (Nitro PDF Software)</p><p>R3 Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [63744 2015-03-13] (Lenovo)</p><p>S3 PwmEWSvc; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [186624 2015-03-13] (Lenovo Group Limited)</p><p>S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()</p><p>R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]</p><p>R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)</p><p>R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)</p><p>R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)</p><p></p><p>===================== Drivers (Whitelisted) ======================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-14] (AVAST Software)</p><p>R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-14] (AVAST Software)</p><p>R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-14] (AVAST Software)</p><p>R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-14] (AVAST Software)</p><p>R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-14] (AVAST Software)</p><p>R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-14] (AVAST Software)</p><p>R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-14] (AVAST Software)</p><p>R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-14] (AVAST Software)</p><p>R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)</p><p>S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)</p><p>R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()</p><p>S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()</p><p>R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-20] (AVAST Software)</p><p>R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-17] (Acronis International GmbH)</p><p>R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-17] (Acronis International GmbH)</p><p>R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)</p><p>R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-14] (Avast Software)</p><p>R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-17] (Acronis International GmbH)</p><p>R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-22] (Zemana Ltd.)</p><p>R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-22] (Zemana Ltd.)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p></p><p>==================== One Month Created files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-10-24 19:12 - 2016-10-24 19:12 - 00020250 _____ C:\Users\Gregg\Desktop\FRST.txt</p><p>2016-10-24 04:43 - 2016-10-24 04:43 - 00000102 _____ C:\Users\Gregg\Desktop\FRST2.txt</p><p>2016-10-24 04:41 - 2016-10-24 04:43 - 00039570 _____ C:\Users\Gregg\Desktop\Addition2.txt</p><p>2016-10-23 22:09 - 2016-10-23 22:09 - 00004418 _____ C:\Users\Gregg\Desktop\CheckDisk log.odt</p><p>2016-10-23 12:56 - 2016-10-23 12:56 - 00002346 _____ C:\Users\Gregg\Desktop\aswMBR.txt</p><p>2016-10-23 12:56 - 2016-10-23 12:56 - 00000512 _____ C:\Users\Gregg\Desktop\MBR.dat</p><p>2016-10-23 12:48 - 2016-10-23 12:44 - 05198336 _____ (AVAST Software) C:\Users\Gregg\Desktop\aswMBR.exe</p><p>2016-10-23 12:31 - 2016-10-24 04:41 - 00067827 _____ C:\Users\Gregg\Desktop\FRST1.txt</p><p>2016-10-23 12:31 - 2016-10-23 12:32 - 00038847 _____ C:\Users\Gregg\Desktop\Addition1.txt</p><p>2016-10-23 12:30 - 2016-10-24 19:12 - 00000000 ____D C:\FRST</p><p>2016-10-23 12:30 - 2016-10-23 12:28 - 02407424 _____ (Farbar) C:\Users\Gregg\Desktop\FRST64.exe</p><p>2016-10-22 21:03 - 2016-10-22 21:03 - 00000770 _____ C:\Users\Gregg\Desktop\MTB.txt</p><p>2016-10-22 19:23 - 2016-10-24 19:12 - 00078947 _____ C:\Windows\ZAM.krnl.trace</p><p>2016-10-22 19:23 - 2016-10-24 19:12 - 00038594 _____ C:\Windows\ZAM_Guard.krnl.trace</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00001159 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Users\Gregg\AppData\Local\Zemana</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware</p><p>2016-10-22 18:54 - 2016-10-22 18:56 - 00002050 _____ C:\Users\Gregg\Desktop\Rkill.txt</p><p>2016-10-22 18:54 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT2.txt</p><p>2016-10-22 18:48 - 2016-10-22 17:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Gregg\Desktop\rkill.exe</p><p>2016-10-22 18:48 - 2016-10-22 17:04 - 00892416 _____ (Farbar) C:\Users\Gregg\Desktop\MiniToolBox.exe</p><p>2016-10-22 18:48 - 2016-10-22 16:50 - 05363600 _____ ( ) C:\Users\Gregg\Desktop\Zemana.AntiMalware.Setup.exe</p><p>2016-10-22 17:40 - 2016-10-22 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro</p><p>2016-10-22 15:11 - 2016-10-22 17:40 - 00000000 ____D C:\Program Files\HitmanPro</p><p>2016-10-22 15:07 - 2016-10-22 15:35 - 00000000 ____D C:\ProgramData\HitmanPro</p><p>2016-10-22 13:38 - 2016-10-22 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2016-10-22 13:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2016-10-22 13:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2016-10-22 13:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys</p><p>2016-10-22 13:35 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT.txt</p><p>2016-10-22 13:23 - 2016-10-22 13:28 - 00000000 ____D C:\AdwCleaner</p><p>2016-10-22 13:22 - 2016-10-22 13:17 - 09741664 _____ (SurfRight B.V.) C:\Users\Gregg\Desktop\HitmanPro_x64.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:16 - 22851472 _____ (Malwarebytes ) C:\Users\Gregg\Desktop\mbam-setup-2.2.1.1043.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:14 - 01631928 _____ (Malwarebytes) C:\Users\Gregg\Desktop\JRT.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:11 - 03910208 _____ C:\Users\Gregg\Desktop\adwcleaner_6.030.exe</p><p>2016-10-20 10:16 - 2016-10-20 10:16 - 00000000 ____H C:\Users\Tracie\AppData\Local\BITC84D.tmp</p><p>2016-10-20 10:15 - 2016-10-20 10:15 - 00000000 _____ C:\Users\Tracie\AppData\Local\{3783B7E6-30B8-4310-94B2-9CA51388D5F4}</p><p>2016-10-11 20:46 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe</p><p>2016-10-11 20:46 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</p><p>2016-10-11 20:46 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</p><p>2016-10-11 20:46 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2016-10-11 20:46 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2016-10-11 20:46 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2016-10-11 20:46 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2016-10-11 20:46 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll</p><p>2016-10-11 20:46 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2016-10-11 20:46 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2016-10-11 20:46 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll</p><p>2016-10-11 20:46 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll</p><p>2016-10-11 20:46 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll</p><p>2016-10-11 20:46 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll</p><p>2016-10-11 20:46 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll</p><p>2016-10-11 20:46 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys</p><p>2016-10-11 20:46 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys</p><p>2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls</p><p>2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\system32\locale.nls</p><p>2016-10-11 20:46 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll</p><p>2016-10-11 20:46 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL</p><p>2016-10-11 20:46 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL</p><p>2016-10-11 20:46 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll</p><p>2016-10-11 20:46 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe</p><p>2016-10-11 20:46 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe</p><p>2016-10-11 20:46 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe</p><p>2016-10-11 20:45 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2016-10-11 20:45 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2016-10-11 20:45 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2016-10-11 20:45 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2016-10-11 20:45 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2016-10-11 20:45 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2016-10-11 20:45 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2016-10-11 20:45 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2016-10-11 20:45 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2016-10-11 20:45 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi</p><p>2016-10-11 20:45 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi</p><p>2016-10-11 20:45 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe</p><p>2016-10-11 20:45 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe</p><p>2016-10-11 20:45 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe</p><p>2016-10-11 20:44 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe</p><p>2016-10-11 20:44 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe</p><p>2016-10-11 20:44 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys</p><p>2016-10-11 20:43 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe</p><p>2016-10-11 20:43 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe</p><p>2016-10-03 09:55 - 2016-10-03 09:55 - 00025356 _____ C:\Users\Tracie\Downloads\dancing-script-ot.zip</p><p></p><p>==================== One Month Modified files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-10-24 19:09 - 2016-07-29 09:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job</p><p>2016-10-24 19:09 - 2016-07-29 09:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job</p><p>2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2016-10-24 04:37 - 2014-06-23 11:29 - 00000000 ___RD C:\Users\Gregg\Sync</p><p>2016-10-24 04:36 - 2013-08-10 11:48 - 00000000 ____D C:\Users\Gregg</p><p>2016-10-24 04:34 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2016-10-23 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache</p><p>2016-10-23 12:31 - 2009-07-14 01:13 - 00782010 _____ C:\Windows\system32\PerfStringBackup.INI</p><p>2016-10-23 12:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf</p><p>2016-10-22 18:26 - 2013-10-29 07:49 - 00037888 ___SH C:\Users\Tracie\Thumbs.db</p><p>2016-10-22 16:02 - 2016-04-18 13:14 - 00000000 ____D C:\Users\Gregg\Desktop\Old Firefox Data</p><p>2016-10-22 14:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system</p><p>2016-10-22 12:30 - 2013-08-10 13:48 - 00000000 ____D C:\Users\Gregg\AppData\Local\ElevatedDiagnostics</p><p>2016-10-22 12:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF</p><p>2016-10-21 09:28 - 2013-08-11 08:34 - 00000000 ____D C:\Users\Tracie\AppData\LocalLow\VeriSign</p><p>2016-10-17 13:34 - 2016-06-18 22:12 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Skype</p><p>2016-10-17 13:25 - 2014-03-18 17:00 - 00000000 ____D C:\Users\Tracie\AppData\Local\ElevatedDiagnostics</p><p>2016-10-17 13:10 - 2016-06-18 22:11 - 00000000 ___RD C:\Program Files (x86)\Skype</p><p>2016-10-17 13:10 - 2014-10-19 10:33 - 00000000 ____D C:\ProgramData\Skype</p><p>2016-10-17 13:06 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD</p><p>2016-10-17 13:05 - 2013-09-13 08:15 - 00000000 ___RD C:\Users\Tracie\Virtual Machines</p><p>2016-10-17 13:05 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk</p><p>2016-10-16 13:46 - 2013-08-18 13:54 - 00000000 ___RD C:\Users\Gregg\Virtual Machines</p><p>2016-10-16 13:46 - 2013-08-10 11:50 - 00106016 _____ C:\Users\Gregg\AppData\Local\GDIPFONTCACHEV1.DAT</p><p>2016-10-16 13:44 - 2009-07-14 00:45 - 00407440 _____ C:\Windows\system32\FNTCACHE.DAT</p><p>2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism</p><p>2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism</p><p>2016-10-16 13:41 - 2014-12-11 18:08 - 00000000 ____D C:\Windows\system32\appraiser</p><p>2016-10-16 13:41 - 2014-05-02 09:12 - 00000000 ___SD C:\Windows\system32\CompatTel</p><p>2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight</p><p>2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight</p><p>2016-10-11 20:58 - 2013-11-21 20:41 - 00000000 ____D C:\Windows\system32\MRT</p><p>2016-10-11 20:51 - 2013-11-21 20:41 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2016-10-11 20:50 - 2013-08-11 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight</p><p>2016-10-11 20:32 - 2013-10-07 18:39 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Nitro PDF</p><p>2016-10-06 12:40 - 2013-08-11 08:32 - 00106016 _____ C:\Users\Tracie\AppData\Local\GDIPFONTCACHEV1.DAT</p><p>2016-10-04 10:57 - 2013-05-13 18:48 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2014-12-26 13:23 - 2016-05-26 00:26 - 0000291 _____ () C:\Users\Gregg\AppData\Roaming\WB.CFG</p><p>2015-03-21 11:23 - 2015-03-21 11:23 - 0274045 _____ () C:\Users\Gregg\AppData\Local\dsi1.dat</p><p>2015-03-21 11:23 - 2015-03-21 11:23 - 0161916 _____ () C:\Users\Gregg\AppData\Local\dsi2.dat</p><p></p><p>==================== Bamital & volsnap ======================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\system32\winlogon.exe => File is digitally signed</p><p>C:\Windows\system32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\system32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\system32\services.exe => File is digitally signed</p><p>C:\Windows\system32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\system32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\system32\rpcss.dll => File is digitally signed</p><p>C:\Windows\system32\dnsapi.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed</p><p>C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2016-10-23 11:34</p><p></p><p>==================== End of FRST.txt ============================</p><p></p><p></p><p></p><p></p><p></p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016</p><p>Ran by Gregg (24-10-2016 19:13:20)</p><p>Running from C:\Users\Gregg\Desktop</p><p>Windows 7 Professional Service Pack 1 (X64) (2013-08-10 15:48:41)</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-1075821121-420814958-1993860820-500 - Administrator - Disabled)</p><p>Danny (S-1-5-21-1075821121-420814958-1993860820-1008 - Limited - Enabled) => C:\Users\Danny</p><p>Gregg (S-1-5-21-1075821121-420814958-1993860820-1000 - Administrator - Enabled) => C:\Users\Gregg</p><p>Guest (S-1-5-21-1075821121-420814958-1993860820-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-1075821121-420814958-1993860820-1002 - Limited - Enabled)</p><p>Sam (S-1-5-21-1075821121-420814958-1993860820-1007 - Limited - Enabled) => C:\Users\Sam</p><p>Tracie (S-1-5-21-1075821121-420814958-1993860820-1006 - Administrator - Enabled) => C:\Users\Tracie</p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}</p><p>AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis)</p><p>Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden</p><p>Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)</p><p>Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)</p><p>Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)</p><p>Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)</p><p>Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)</p><p>Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden</p><p>Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)</p><p>Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden</p><p>Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)</p><p>Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden</p><p>EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation)</p><p>Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)</p><p>Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden</p><p>HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.3.193 - SurfRight B.V.)</p><p>Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)</p><p>Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)</p><p>Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)</p><p>Intel(R) Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.70.0000 - Intel(R) Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)</p><p>Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)</p><p>Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden</p><p>Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)</p><p>Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)</p><p>Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited)</p><p>Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo)</p><p>Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)</p><p>Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)</p><p>Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited)</p><p>Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)</p><p>Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)</p><p>Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)</p><p>Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)</p><p>Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden</p><p>Message Center Plus (HKLM\...\{3849486C-FF09-4F5D-B491-3E179D58EE15}) (Version: 3.1.0004.00 - Lenovo Group Limited)</p><p>Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden</p><p>Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)</p><p>Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)</p><p>Nalpeiron License Management (x32 Version: 6.3.9.1 - Nalpeiron) Hidden</p><p>Nitro Pro 7 (HKLM\...\{8E0790DA-185E-4DC1-8A88-750B2A6218FD}) (Version: 7.4.1.4 - Nitro PDF Software)</p><p>Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1) (Version: 3.40.0001 - Lenovo Group Limited)</p><p>Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)</p><p>SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)</p><p>Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.101 - Skype Technologies S.A.)</p><p>Sure Cuts A Lot Pro 3.059 (HKLM-x32\...\Sure Cuts A Lot 3 Pro_is1) (Version: - Craft Edge)</p><p>Sure Cuts A Lot Pro 4.018 (HKLM-x32\...\Sure Cuts A Lot 4 Pro_is1) (Version: - Craft Edge)</p><p>ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.30.0 - Lenovo)</p><p>View Management Utility (HKLM-x32\...\InstallShield_{C6254514-DD94-45E5-87C0-B9CB90A34C89}) (Version: 3.0.12.0329 - Lenovo)</p><p>View Management Utility (Version: 3.0.12.0329 - Lenovo) Hidden</p><p>VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)</p><p>Windows Driver Package - Intel Corporation (igfx) Display (03/19/2012 8.15.10.2696) (HKLM\...\6AF882A8E50505CE490495746E271C3F586F9110) (Version: 03/19/2012 8.15.10.2696 - Intel Corporation)</p><p>Windows Driver Package - Intel hdc (09/10/2010 9.2.0.1011) (HKLM\...\171901D8B4D5484C362A709BF264A50F065A14FB) (Version: 09/10/2010 9.2.0.1011 - Intel)</p><p>Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)</p><p>Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)</p><p>Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)</p><p>Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)</p><p>Windows Driver Package - Realtek (RTL8167) Net (11/23/2011 7.050.1123.2011) (HKLM\...\93D0B653D730EB57C01C763D1BE4E63ABC9204F0) (Version: 11/23/2011 7.050.1123.2011 - Realtek)</p><p>Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/27/2012 6.0.1.6602) (HKLM\...\88CB7AA478955801F99FBF6D2BCF739BEB87A7F3) (Version: 03/27/2012 6.0.1.6602 - Realtek Semiconductor Corp.)</p><p>Windows Driver Package - USCutter Printer (06/05/2013 6.10.00.00) (HKLM\...\BFB0583D91751D3AE3269361E5E5640FD085A8BD) (Version: 06/05/2013 6.10.00.00 - USCutter)</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)</p><p>Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)</p><p>Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)</p><p>Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.133 - Zemana Ltd.)</p><p></p><p>==================== Custom CLSID (Whitelisted): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p></p><p>==================== Scheduled Tasks (Whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>Task: {018ABB0D-1399-47B9-90A5-3A2821BC415B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo)</p><p>Task: {0643C391-21B5-463D-A812-7361B7AAFF96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-14] (AVAST Software)</p><p>Task: {21F25E3C-3CF6-473D-AD00-668B533E23F7} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)</p><p>Task: {28C17811-A1D3-4EBE-A623-4296AB34898E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)</p><p>Task: {2969E9CB-3EFB-4840-9973-EBD3391A39CF} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()</p><p>Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION</p><p>Task: {42BCC1E4-E859-407E-A85E-3A2545A583FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)</p><p>Task: {5C74CD5B-9CC0-4F20-9613-A9EAA16801BB} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Desktop.Tracie => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)</p><p>Task: {5DD8BA87-AB26-4CCF-91D7-FF0BDB63C2DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)</p><p>Task: {6B4E0CEF-F8E3-49EE-B180-013723CC5439} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)</p><p>Task: {79AFF3E0-A380-4D61-B0AF-818373518F34} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] ()</p><p>Task: {7BE2E53B-E28D-4E6C-B477-90F782EA2EEA} - System32\Tasks\PMTask => C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe [2015-03-13] (Lenovo Group Limited)</p><p>Task: {7F7AD088-DAEE-4B59-B976-4E0CE2F6EF94} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)</p><p>Task: {7FBADBDC-DA0D-43A1-BEB3-ED34417A18C4} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Desktop.Gregg => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)</p><p>Task: {8938C1B5-8F71-4E02-82B1-0AAF392FCA1A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo)</p><p>Task: {8E45E960-9322-4E0A-862F-C435DAC5EE12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)</p><p>Task: {96EE4EF5-9FF6-4943-A210-FAD03A96E6AF} - System32\Tasks\SafeZone scheduled Autoupdate 1461164679 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)</p><p>Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION</p><p>Task: {B58D5023-57C7-4125-B0E3-31A02B41A40F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION</p><p>Task: {B7501F25-9238-4B99-8672-60AD59D5A88E} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo)</p><p>Task: {B7A8AB88-25DA-4964-A100-223C1B865CC7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION</p><p>Task: {C3D91A5E-F5BB-4AF4-BC8D-3DC2FC7D687B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo)</p><p>Task: {C4A052DC-0560-4DEE-9745-A3FD7989F48E} - System32\Tasks\{936CADE8-B331-4107-92E2-1CAD683B5F8F} => C:\Program Files (x86)\Adobe\Photoshop 6.0\Photoshp.exe [2013-08-10] (Adobe Systems, Incorporated)</p><p>Task: {CA3BF145-5A51-47D6-AC8D-66B74AD303D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)</p><p>Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION</p><p>Task: {D5450CD3-E085-472A-9F22-9DBE53B71C07} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"</p><p>Task: {DC824F79-BC91-4E40-A6E5-04361D8736DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo)</p><p>Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION</p><p></p><p>(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)</p><p></p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Shortcuts =============================</p><p></p><p>(The entries could be listed to be restored or removed.)</p><p></p><p>Shortcut: C:\Users\Gregg\Documents\WD 1TB Hard Disc Instructions\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader/</p><p></p><p>==================== Loaded Modules (Whitelisted) ==============</p><p></p><p>2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll</p><p>2012-05-24 02:04 - 2012-05-24 02:04 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll</p><p>2013-05-13 18:21 - 2012-03-19 03:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll</p><p>2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe</p><p>2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe</p><p>2015-05-24 15:40 - 2015-03-13 13:59 - 00035584 _____ () C:\Program Files (x86)\Lenovo\PowerMgr\US\PWMRT64V.DLL</p><p>2016-05-14 11:16 - 2016-05-14 11:16 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll</p><p>2016-05-14 11:16 - 2016-05-14 11:16 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll</p><p>2016-10-20 10:38 - 2016-10-20 10:38 - 03121496 _____ () C:\Program Files\AVAST Software\Avast\defs\16102000\algo.dll</p><p>2016-05-14 11:16 - 2016-05-14 11:16 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll</p><p>2016-05-14 11:16 - 2016-05-14 11:16 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 02140944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 07704336 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 00968976 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 00475408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll</p><p>2009-07-16 15:35 - 2009-07-16 15:35 - 00363792 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtXml4.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 00199952 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtSql4.dll</p><p>2009-07-16 15:35 - 2009-07-16 15:35 - 00027408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll</p><p>2009-07-16 15:35 - 2009-07-16 15:35 - 11311888 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll</p><p>2009-07-16 15:34 - 2009-07-16 15:34 - 00291600 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll</p><p>2009-07-16 15:36 - 2009-07-16 15:36 - 00028944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll</p><p>2009-07-16 15:36 - 2009-07-16 15:36 - 00035088 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll</p><p>2009-07-16 15:36 - 2009-07-16 15:36 - 00138000 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll</p><p>2013-05-13 18:48 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll</p><p>2016-04-20 10:52 - 2016-04-20 10:52 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll</p><p>2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll</p><p>2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll</p><p>2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll</p><p>2016-05-12 03:52 - 2016-05-12 03:52 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll</p><p>2013-05-13 18:35 - 2012-02-01 19:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll</p><p>2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll</p><p>2013-05-13 18:33 - 2011-12-15 22:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the ADS will be removed.)</p><p></p><p>AlternateDataStreams: C:\Windows:nlsPreferences [386]</p><p></p><p>==================== Safe Mode (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== Association (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed.)</p><p></p><p></p><p>==================== Internet Explorer trusted/restricted ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry.)</p><p></p><p></p><p>==================== Hosts content: ===============================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gregg\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg</p><p>DNS Servers: 192.168.1.1 - 75.75.75.75</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)</p><p>Windows Firewall is enabled.</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p></p><p>==================== FirewallRules (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe</p><p>FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe</p><p>FirewallRules: [{CC66B248-AB88-4E33-9BA2-7982C8B00370}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe</p><p>FirewallRules: [{48B3AD3E-0951-4565-BB1F-E89D65BB154A}] => (Allow) LPort=2869</p><p>FirewallRules: [{2A5CC059-E2B7-4A3C-B897-49516F478909}] => (Allow) LPort=1900</p><p>FirewallRules: [{03B568EE-4C24-4134-869E-9DCE3AFF2CC2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe</p><p>FirewallRules: [{B7156865-9D74-4732-9E97-706F7BC3FC24}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe</p><p>FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe</p><p>FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe</p><p>FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe</p><p>FirewallRules: [TCP Query User{FBF16CEF-BE24-4798-A928-1632243FDD98}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe</p><p>FirewallRules: [UDP Query User{E87A58D8-8DC4-4528-8B6C-AC1CE2AB7574}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe</p><p>FirewallRules: [TCP Query User{B4684E96-524A-497B-8FFC-ACFCDC93393D}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe</p><p>FirewallRules: [UDP Query User{DC6D32BD-5FA8-4864-B0FD-2C86B808B7E7}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe</p><p>FirewallRules: [{F85FC0BC-677B-428C-B570-B9D7AB9F8F52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p>FirewallRules: [{C8E0F64C-E97A-44D2-BD89-DF71979F2EE0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p>FirewallRules: [{0C72DF24-765E-431D-8A0B-4E7F22DAB263}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>FirewallRules: [{C92A1C3E-7A57-49B2-AF7A-24149AAD37C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [{6893775C-A4B3-4CED-98B7-3230F2CFF8BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [{263CB1DB-5BF9-4548-B478-16768AC3D705}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe</p><p>FirewallRules: [{29AA7F43-0374-4050-955C-5204AAD4DA88}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe</p><p>FirewallRules: [{72B69494-5864-4F06-991C-474FD3D224A2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe</p><p>FirewallRules: [{F5D3A7F7-9766-4022-8A03-4EC700F3F421}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe</p><p>FirewallRules: [{E36C4329-578C-4A7B-ACA2-78F864CBEC2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>FirewallRules: [{D19DA5F0-90E2-4B7F-9075-DBA29636F9EB}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p>FirewallRules: [{CC1895BB-1539-4022-9106-11F864684D5A}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p>FirewallRules: [{9B320C43-AA48-4D68-A7DF-656FC817EAA7}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p>FirewallRules: [{835DE8D0-C4E6-47F8-8F76-8F664B95691E}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p></p><p>==================== Restore Points =========================</p><p></p><p>16-09-2016 03:00:40 Windows Update</p><p>20-09-2016 08:38:31 Windows Update</p><p>22-09-2016 03:00:23 Windows Update</p><p>27-09-2016 10:40:37 Windows Update</p><p>30-09-2016 12:35:27 Windows Update</p><p>04-10-2016 10:39:52 Windows Update</p><p>10-10-2016 13:59:10 Windows Update</p><p>11-10-2016 20:47:19 Windows Update</p><p>16-10-2016 13:49:19 Windows Update</p><p>22-10-2016 13:31:24 JRT Pre-Junkware Removal</p><p>22-10-2016 18:52:04 JRT Pre-Junkware Removal</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (10/24/2016 04:34:58 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/23/2016 09:56:54 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/23/2016 08:14:06 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/23/2016 10:43:04 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/22/2016 09:07:24 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/22/2016 06:53:26 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4</p><p>Faulting module name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000007af2</p><p>Faulting process id: 0x418</p><p>Faulting application start time: 0x01d22c9d3ce4e9cc</p><p>Faulting application path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>Faulting module path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>Report Id: 56f68d37-98aa-11e6-bcf7-7427ea65c8b8</p><p></p><p>Error: (10/22/2016 03:48:38 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/22/2016 02:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p>Error: (10/22/2016 01:33:56 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4</p><p>Faulting module name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000007af2</p><p>Faulting process id: 0x4c8</p><p>Faulting application start time: 0x01d22c89e2b444ea</p><p>Faulting application path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>Faulting module path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>Report Id: b4bf65e6-987d-11e6-9f2e-7427ea65c8b8</p><p></p><p>Error: (10/22/2016 01:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (10/24/2016 06:16:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )</p><p>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service.</p><p></p><p>Error: (10/24/2016 04:35:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID</p><p>{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}</p><p> and APPID</p><p>{344ED43D-D086-4961-86A6-1106F4ACAD9B}</p><p>to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (10/23/2016 09:57:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID</p><p>{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}</p><p>and APPID</p><p>{344ED43D-D086-4961-86A6-1106F4ACAD9B}</p><p>to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (10/23/2016 08:14:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID</p><p>{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}</p><p>and APPID</p><p>{344ED43D-D086-4961-86A6-1106F4ACAD9B}</p><p>to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (10/23/2016 12:48:07 PM) (Source: Disk) (EventID: 11) (User: )</p><p>Description: The driver detected a controller error on \Device\Harddisk1\DR2.</p><p></p><p>Error: (10/23/2016 12:48:06 PM) (Source: Disk) (EventID: 11) (User: )</p><p>Description: The driver detected a controller error on \Device\Harddisk1\DR2.</p><p></p><p>Error: (10/23/2016 12:48:06 PM) (Source: Disk) (EventID: 11) (User: )</p><p>Description: The driver detected a controller error on \Device\Harddisk1\DR2.</p><p></p><p>Error: (10/23/2016 12:48:05 PM) (Source: Disk) (EventID: 11) (User: )</p><p>Description: The driver detected a controller error on \Device\Harddisk1\DR2.</p><p></p><p>Error: (10/23/2016 12:48:05 PM) (Source: Disk) (EventID: 11) (User: )</p><p>Description: The driver detected a controller error on \Device\Harddisk1\DR2.</p><p></p><p>Error: (10/23/2016 10:49:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )</p><p>Description: The Windows Update service hung on starting.</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz</p><p>Percentage of memory in use: 43%</p><p>Total physical RAM: 3917.78 MB</p><p>Available physical RAM: 2210.89 MB</p><p>Total Virtual: 7833.75 MB</p><p>Available Virtual: 5809.3 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (Windows7_OS) (Fixed) (Total:450.62 GB) (Free:353.97 GB) NTFS ==>[system with boot components (obtained from drive)]</p><p>Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.59 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 465.8 GB) (Disk ID: 30385182)</p><p>Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)</p><p></p><p>==================== End of Addition.txt ============================</p></blockquote><p></p>
[QUOTE="skibumm100, post: 557413, member: 56338"] OK, I had my wife rerun the scans and here are the results. Sorry about the previous one....my bad. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016 Ran by Gregg (administrator) on DESKTOP (24-10-2016 19:12:27) Running from C:\Users\Gregg\Desktop Loaded Profiles: Gregg (Available Profiles: Gregg & Tracie & Sam & Danny) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe () C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Lenovo) C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\instup.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [289648 2012-05-24] (Lenovo Group Limited) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM-x32\...\Run: [Power Manager Startup Utility] => C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [27392 2015-03-13] () HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-03-07] (Google Inc.) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\MountPoints2: {211a15c6-bc1c-11e2-9931-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Magnify.exe [652800 2009-07-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-14] (AVAST Software) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2013-08-10] ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) GroupPolicy\User: Restriction <======= ATTENTION GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1008\User: Restriction <======= ATTENTION GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1007\User: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{04175B5E-002F-4C87-B1FF-8266814B0F32}: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://[URL="http://www.msn.com/"]www.msn.com/[/URL] HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://[URL="http://www.lenovo.com/welcome/thinkcentre"]www.lenovo.com/welcome/thinkcentre[/URL] BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20] (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) Toolbar: HKU\S-1-5-21-1075821121-420814958-1993860820-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Gregg\AppData\Roaming\Mozilla\Firefox\Profiles\xtzj8u4d.default-1477166576127 [2016-10-23] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-14] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-14] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-05-13] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-24] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://[URL="http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"]www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP[/URL]" CHR Profile: C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default [2016-10-22] CHR Extension: (avast! Online Security) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-22] CHR Extension: (Google Wallet) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-19] CHR HKU\S-1-5-21-1075821121-420814958-1993860820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-14] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-14] (Avast Software) R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.) S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2016-10-22] (SurfRight B.V.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo) R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-24] (Nitro PDF Software) R3 Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [63744 2015-03-13] (Lenovo) S3 PwmEWSvc; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [186624 2015-03-13] (Lenovo Group Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed] R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-14] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-14] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-14] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-14] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-14] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-14] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-20] (AVAST Software) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-17] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-17] (Acronis International GmbH) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-14] (Avast Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-17] (Acronis International GmbH) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-22] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-22] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-24 19:12 - 2016-10-24 19:12 - 00020250 _____ C:\Users\Gregg\Desktop\FRST.txt 2016-10-24 04:43 - 2016-10-24 04:43 - 00000102 _____ C:\Users\Gregg\Desktop\FRST2.txt 2016-10-24 04:41 - 2016-10-24 04:43 - 00039570 _____ C:\Users\Gregg\Desktop\Addition2.txt 2016-10-23 22:09 - 2016-10-23 22:09 - 00004418 _____ C:\Users\Gregg\Desktop\CheckDisk log.odt 2016-10-23 12:56 - 2016-10-23 12:56 - 00002346 _____ C:\Users\Gregg\Desktop\aswMBR.txt 2016-10-23 12:56 - 2016-10-23 12:56 - 00000512 _____ C:\Users\Gregg\Desktop\MBR.dat 2016-10-23 12:48 - 2016-10-23 12:44 - 05198336 _____ (AVAST Software) C:\Users\Gregg\Desktop\aswMBR.exe 2016-10-23 12:31 - 2016-10-24 04:41 - 00067827 _____ C:\Users\Gregg\Desktop\FRST1.txt 2016-10-23 12:31 - 2016-10-23 12:32 - 00038847 _____ C:\Users\Gregg\Desktop\Addition1.txt 2016-10-23 12:30 - 2016-10-24 19:12 - 00000000 ____D C:\FRST 2016-10-23 12:30 - 2016-10-23 12:28 - 02407424 _____ (Farbar) C:\Users\Gregg\Desktop\FRST64.exe 2016-10-22 21:03 - 2016-10-22 21:03 - 00000770 _____ C:\Users\Gregg\Desktop\MTB.txt 2016-10-22 19:23 - 2016-10-24 19:12 - 00078947 _____ C:\Windows\ZAM.krnl.trace 2016-10-22 19:23 - 2016-10-24 19:12 - 00038594 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2016-10-22 19:22 - 2016-10-22 19:22 - 00001159 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Users\Gregg\AppData\Local\Zemana 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-10-22 18:54 - 2016-10-22 18:56 - 00002050 _____ C:\Users\Gregg\Desktop\Rkill.txt 2016-10-22 18:54 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT2.txt 2016-10-22 18:48 - 2016-10-22 17:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Gregg\Desktop\rkill.exe 2016-10-22 18:48 - 2016-10-22 17:04 - 00892416 _____ (Farbar) C:\Users\Gregg\Desktop\MiniToolBox.exe 2016-10-22 18:48 - 2016-10-22 16:50 - 05363600 _____ ( ) C:\Users\Gregg\Desktop\Zemana.AntiMalware.Setup.exe 2016-10-22 17:40 - 2016-10-22 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-10-22 15:11 - 2016-10-22 17:40 - 00000000 ____D C:\Program Files\HitmanPro 2016-10-22 15:07 - 2016-10-22 15:35 - 00000000 ____D C:\ProgramData\HitmanPro 2016-10-22 13:38 - 2016-10-22 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-22 13:37 - 2016-10-22 13:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-10-22 13:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-10-22 13:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-10-22 13:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-10-22 13:35 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT.txt 2016-10-22 13:23 - 2016-10-22 13:28 - 00000000 ____D C:\AdwCleaner 2016-10-22 13:22 - 2016-10-22 13:17 - 09741664 _____ (SurfRight B.V.) C:\Users\Gregg\Desktop\HitmanPro_x64.exe 2016-10-22 13:22 - 2016-10-22 13:16 - 22851472 _____ (Malwarebytes ) C:\Users\Gregg\Desktop\mbam-setup-2.2.1.1043.exe 2016-10-22 13:22 - 2016-10-22 13:14 - 01631928 _____ (Malwarebytes) C:\Users\Gregg\Desktop\JRT.exe 2016-10-22 13:22 - 2016-10-22 13:11 - 03910208 _____ C:\Users\Gregg\Desktop\adwcleaner_6.030.exe 2016-10-20 10:16 - 2016-10-20 10:16 - 00000000 ____H C:\Users\Tracie\AppData\Local\BITC84D.tmp 2016-10-20 10:15 - 2016-10-20 10:15 - 00000000 _____ C:\Users\Tracie\AppData\Local\{3783B7E6-30B8-4310-94B2-9CA51388D5F4} 2016-10-11 20:46 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-10-11 20:46 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-10-11 20:46 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-10-11 20:46 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-10-11 20:46 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-10-11 20:46 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-10-11 20:46 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-10-11 20:46 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-10-11 20:46 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-10-11 20:46 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-10-11 20:46 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-10-11 20:46 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-10-11 20:46 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-10-11 20:46 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-10-11 20:46 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-10-11 20:46 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-10-11 20:46 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-10-11 20:46 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-10-11 20:46 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-10-11 20:46 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-10-11 20:46 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-10-11 20:46 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-10-11 20:46 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-10-11 20:46 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-10-11 20:46 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-10-11 20:46 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-10-11 20:46 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-10-11 20:46 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2016-10-11 20:46 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-10-11 20:46 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls 2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\system32\locale.nls 2016-10-11 20:46 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-10-11 20:46 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-10-11 20:46 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-10-11 20:46 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-10-11 20:46 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-10-11 20:46 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-10-11 20:46 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2016-10-11 20:46 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-10-11 20:46 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-10-11 20:46 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-10-11 20:46 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-10-11 20:46 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-10-11 20:45 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-10-11 20:45 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-10-11 20:45 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-10-11 20:45 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-10-11 20:45 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-10-11 20:45 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-10-11 20:45 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-10-11 20:45 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-10-11 20:45 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-10-11 20:45 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-10-11 20:45 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-10-11 20:45 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-10-11 20:45 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-10-11 20:45 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-10-11 20:45 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-10-11 20:45 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-10-11 20:45 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-10-11 20:45 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-10-11 20:45 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-10-11 20:45 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-10-11 20:45 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-10-11 20:45 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-10-11 20:45 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-10-11 20:45 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-10-11 20:45 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-10-11 20:45 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-10-11 20:45 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-10-11 20:45 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-10-11 20:45 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-10-11 20:45 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-10-11 20:45 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-10-11 20:45 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-10-11 20:45 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-10-11 20:45 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-10-11 20:45 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-10-11 20:45 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-10-11 20:45 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-10-11 20:45 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-10-11 20:45 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-10-11 20:45 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-10-11 20:45 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-10-11 20:45 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-10-11 20:45 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-10-11 20:45 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-10-11 20:45 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-10-11 20:45 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-10-11 20:45 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-10-11 20:45 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-10-11 20:45 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2016-10-11 20:45 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-10-11 20:45 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-10-11 20:45 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-10-11 20:45 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-10-11 20:45 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-10-11 20:45 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-10-11 20:45 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-10-11 20:45 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-10-11 20:45 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-10-11 20:45 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-10-11 20:45 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-10-11 20:45 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-10-11 20:45 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-10-11 20:45 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-10-11 20:45 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-10-11 20:45 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-10-11 20:45 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-10-11 20:45 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-10-11 20:45 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-10-11 20:45 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2016-10-11 20:45 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-10-11 20:45 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-10-11 20:45 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2016-10-11 20:45 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2016-10-11 20:45 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll 2016-10-11 20:45 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-10-11 20:45 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe 2016-10-11 20:45 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-10-11 20:45 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-10-11 20:45 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-10-11 20:45 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-10-11 20:45 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-10-11 20:45 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-10-11 20:45 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-10-11 20:44 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-10-11 20:44 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-10-11 20:44 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-10-11 20:44 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-10-11 20:44 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-10-11 20:43 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-10-11 20:43 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-10-03 09:55 - 2016-10-03 09:55 - 00025356 _____ C:\Users\Tracie\Downloads\dancing-script-ot.zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-24 19:09 - 2016-07-29 09:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job 2016-10-24 19:09 - 2016-07-29 09:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job 2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-10-24 04:37 - 2014-06-23 11:29 - 00000000 ___RD C:\Users\Gregg\Sync 2016-10-24 04:36 - 2013-08-10 11:48 - 00000000 ____D C:\Users\Gregg 2016-10-24 04:34 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-23 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2016-10-23 12:31 - 2009-07-14 01:13 - 00782010 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-23 12:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2016-10-22 18:26 - 2013-10-29 07:49 - 00037888 ___SH C:\Users\Tracie\Thumbs.db 2016-10-22 16:02 - 2016-04-18 13:14 - 00000000 ____D C:\Users\Gregg\Desktop\Old Firefox Data 2016-10-22 14:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system 2016-10-22 12:30 - 2013-08-10 13:48 - 00000000 ____D C:\Users\Gregg\AppData\Local\ElevatedDiagnostics 2016-10-22 12:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF 2016-10-21 09:28 - 2013-08-11 08:34 - 00000000 ____D C:\Users\Tracie\AppData\LocalLow\VeriSign 2016-10-17 13:34 - 2016-06-18 22:12 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Skype 2016-10-17 13:25 - 2014-03-18 17:00 - 00000000 ____D C:\Users\Tracie\AppData\Local\ElevatedDiagnostics 2016-10-17 13:10 - 2016-06-18 22:11 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-17 13:10 - 2014-10-19 10:33 - 00000000 ____D C:\ProgramData\Skype 2016-10-17 13:06 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-10-17 13:05 - 2013-09-13 08:15 - 00000000 ___RD C:\Users\Tracie\Virtual Machines 2016-10-17 13:05 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-10-16 13:46 - 2013-08-18 13:54 - 00000000 ___RD C:\Users\Gregg\Virtual Machines 2016-10-16 13:46 - 2013-08-10 11:50 - 00106016 _____ C:\Users\Gregg\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-16 13:44 - 2009-07-14 00:45 - 00407440 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism 2016-10-16 13:41 - 2014-12-11 18:08 - 00000000 ____D C:\Windows\system32\appraiser 2016-10-16 13:41 - 2014-05-02 09:12 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-11 20:58 - 2013-11-21 20:41 - 00000000 ____D C:\Windows\system32\MRT 2016-10-11 20:51 - 2013-11-21 20:41 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-10-11 20:50 - 2013-08-11 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-11 20:32 - 2013-10-07 18:39 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Nitro PDF 2016-10-06 12:40 - 2013-08-11 08:32 - 00106016 _____ C:\Users\Tracie\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-04 10:57 - 2013-05-13 18:48 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Files in the root of some directories ======= 2014-12-26 13:23 - 2016-05-26 00:26 - 0000291 _____ () C:\Users\Gregg\AppData\Roaming\WB.CFG 2015-03-21 11:23 - 2015-03-21 11:23 - 0274045 _____ () C:\Users\Gregg\AppData\Local\dsi1.dat 2015-03-21 11:23 - 2015-03-21 11:23 - 0161916 _____ () C:\Users\Gregg\AppData\Local\dsi2.dat ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-10-23 11:34 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016 Ran by Gregg (24-10-2016 19:13:20) Running from C:\Users\Gregg\Desktop Windows 7 Professional Service Pack 1 (X64) (2013-08-10 15:48:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1075821121-420814958-1993860820-500 - Administrator - Disabled) Danny (S-1-5-21-1075821121-420814958-1993860820-1008 - Limited - Enabled) => C:\Users\Danny Gregg (S-1-5-21-1075821121-420814958-1993860820-1000 - Administrator - Enabled) => C:\Users\Gregg Guest (S-1-5-21-1075821121-420814958-1993860820-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1075821121-420814958-1993860820-1002 - Limited - Enabled) Sam (S-1-5-21-1075821121-420814958-1993860820-1007 - Limited - Enabled) => C:\Users\Sam Tracie (S-1-5-21-1075821121-420814958-1993860820-1006 - Administrator - Enabled) => C:\Users\Tracie ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis) Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation) Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.) Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.3.193 - SurfRight B.V.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation) Intel(R) Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.70.0000 - Intel(R) Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited) Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.) Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM\...\{3849486C-FF09-4F5D-B491-3E179D58EE15}) (Version: 3.1.0004.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Nalpeiron License Management (x32 Version: 6.3.9.1 - Nalpeiron) Hidden Nitro Pro 7 (HKLM\...\{8E0790DA-185E-4DC1-8A88-750B2A6218FD}) (Version: 7.4.1.4 - Nitro PDF Software) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1) (Version: 3.40.0001 - Lenovo Group Limited) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.101 - Skype Technologies S.A.) Sure Cuts A Lot Pro 3.059 (HKLM-x32\...\Sure Cuts A Lot 3 Pro_is1) (Version: - Craft Edge) Sure Cuts A Lot Pro 4.018 (HKLM-x32\...\Sure Cuts A Lot 4 Pro_is1) (Version: - Craft Edge) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.30.0 - Lenovo) View Management Utility (HKLM-x32\...\InstallShield_{C6254514-DD94-45E5-87C0-B9CB90A34C89}) (Version: 3.0.12.0329 - Lenovo) View Management Utility (Version: 3.0.12.0329 - Lenovo) Hidden VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) Windows Driver Package - Intel Corporation (igfx) Display (03/19/2012 8.15.10.2696) (HKLM\...\6AF882A8E50505CE490495746E271C3F586F9110) (Version: 03/19/2012 8.15.10.2696 - Intel Corporation) Windows Driver Package - Intel hdc (09/10/2010 9.2.0.1011) (HKLM\...\171901D8B4D5484C362A709BF264A50F065A14FB) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel) Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel) Windows Driver Package - Realtek (RTL8167) Net (11/23/2011 7.050.1123.2011) (HKLM\...\93D0B653D730EB57C01C763D1BE4E63ABC9204F0) (Version: 11/23/2011 7.050.1123.2011 - Realtek) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/27/2012 6.0.1.6602) (HKLM\...\88CB7AA478955801F99FBF6D2BCF739BEB87A7F3) (Version: 03/27/2012 6.0.1.6602 - Realtek Semiconductor Corp.) Windows Driver Package - USCutter Printer (06/05/2013 6.10.00.00) (HKLM\...\BFB0583D91751D3AE3269361E5E5640FD085A8BD) (Version: 06/05/2013 6.10.00.00 - USCutter) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.133 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {018ABB0D-1399-47B9-90A5-3A2821BC415B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {0643C391-21B5-463D-A812-7361B7AAFF96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-14] (AVAST Software) Task: {21F25E3C-3CF6-473D-AD00-668B533E23F7} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {28C17811-A1D3-4EBE-A623-4296AB34898E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software) Task: {2969E9CB-3EFB-4840-9973-EBD3391A39CF} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] () Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION Task: {42BCC1E4-E859-407E-A85E-3A2545A583FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated) Task: {5C74CD5B-9CC0-4F20-9613-A9EAA16801BB} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Desktop.Tracie => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {5DD8BA87-AB26-4CCF-91D7-FF0BDB63C2DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {6B4E0CEF-F8E3-49EE-B180-013723CC5439} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {79AFF3E0-A380-4D61-B0AF-818373518F34} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {7BE2E53B-E28D-4E6C-B477-90F782EA2EEA} - System32\Tasks\PMTask => C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe [2015-03-13] (Lenovo Group Limited) Task: {7F7AD088-DAEE-4B59-B976-4E0CE2F6EF94} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo) Task: {7FBADBDC-DA0D-43A1-BEB3-ED34417A18C4} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Desktop.Gregg => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {8938C1B5-8F71-4E02-82B1-0AAF392FCA1A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {8E45E960-9322-4E0A-862F-C435DAC5EE12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {96EE4EF5-9FF6-4943-A210-FAD03A96E6AF} - System32\Tasks\SafeZone scheduled Autoupdate 1461164679 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION Task: {B58D5023-57C7-4125-B0E3-31A02B41A40F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION Task: {B7501F25-9238-4B99-8672-60AD59D5A88E} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo) Task: {B7A8AB88-25DA-4964-A100-223C1B865CC7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION Task: {C3D91A5E-F5BB-4AF4-BC8D-3DC2FC7D687B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {C4A052DC-0560-4DEE-9745-A3FD7989F48E} - System32\Tasks\{936CADE8-B331-4107-92E2-1CAD683B5F8F} => C:\Program Files (x86)\Adobe\Photoshop 6.0\Photoshp.exe [2013-08-10] (Adobe Systems, Incorporated) Task: {CA3BF145-5A51-47D6-AC8D-66B74AD303D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION Task: {D5450CD3-E085-472A-9F22-9DBE53B71C07} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {DC824F79-BC91-4E40-A6E5-04361D8736DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo) Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Gregg\Documents\WD 1TB Hard Disc Instructions\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader/ ==================== Loaded Modules (Whitelisted) ============== 2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2012-05-24 02:04 - 2012-05-24 02:04 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll 2016-10-22 19:22 - 2016-10-22 19:22 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2013-05-13 18:21 - 2012-03-19 03:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe 2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe 2015-05-24 15:40 - 2015-03-13 13:59 - 00035584 _____ () C:\Program Files (x86)\Lenovo\PowerMgr\US\PWMRT64V.DLL 2016-05-14 11:16 - 2016-05-14 11:16 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-14 11:16 - 2016-05-14 11:16 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-10-20 10:38 - 2016-10-20 10:38 - 03121496 _____ () C:\Program Files\AVAST Software\Avast\defs\16102000\algo.dll 2016-05-14 11:16 - 2016-05-14 11:16 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-05-14 11:16 - 2016-05-14 11:16 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 02140944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 07704336 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 00968976 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 00475408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll 2009-07-16 15:35 - 2009-07-16 15:35 - 00363792 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtXml4.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 00199952 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtSql4.dll 2009-07-16 15:35 - 2009-07-16 15:35 - 00027408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll 2009-07-16 15:35 - 2009-07-16 15:35 - 11311888 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll 2009-07-16 15:34 - 2009-07-16 15:34 - 00291600 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll 2009-07-16 15:36 - 2009-07-16 15:36 - 00028944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll 2009-07-16 15:36 - 2009-07-16 15:36 - 00035088 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll 2009-07-16 15:36 - 2009-07-16 15:36 - 00138000 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2013-05-13 18:48 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2016-04-20 10:52 - 2016-04-20 10:52 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll 2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll 2016-05-12 03:52 - 2016-05-12 03:52 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll 2013-05-13 18:35 - 2012-02-01 19:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2013-05-13 18:33 - 2011-12-15 22:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gregg\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 - 75.75.75.75 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{CC66B248-AB88-4E33-9BA2-7982C8B00370}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{48B3AD3E-0951-4565-BB1F-E89D65BB154A}] => (Allow) LPort=2869 FirewallRules: [{2A5CC059-E2B7-4A3C-B897-49516F478909}] => (Allow) LPort=1900 FirewallRules: [{03B568EE-4C24-4134-869E-9DCE3AFF2CC2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{B7156865-9D74-4732-9E97-706F7BC3FC24}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [TCP Query User{FBF16CEF-BE24-4798-A928-1632243FDD98}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [UDP Query User{E87A58D8-8DC4-4528-8B6C-AC1CE2AB7574}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [TCP Query User{B4684E96-524A-497B-8FFC-ACFCDC93393D}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [UDP Query User{DC6D32BD-5FA8-4864-B0FD-2C86B808B7E7}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [{F85FC0BC-677B-428C-B570-B9D7AB9F8F52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{C8E0F64C-E97A-44D2-BD89-DF71979F2EE0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{0C72DF24-765E-431D-8A0B-4E7F22DAB263}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C92A1C3E-7A57-49B2-AF7A-24149AAD37C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6893775C-A4B3-4CED-98B7-3230F2CFF8BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{263CB1DB-5BF9-4548-B478-16768AC3D705}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{29AA7F43-0374-4050-955C-5204AAD4DA88}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{72B69494-5864-4F06-991C-474FD3D224A2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{F5D3A7F7-9766-4022-8A03-4EC700F3F421}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E36C4329-578C-4A7B-ACA2-78F864CBEC2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D19DA5F0-90E2-4B7F-9075-DBA29636F9EB}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe FirewallRules: [{CC1895BB-1539-4022-9106-11F864684D5A}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe FirewallRules: [{9B320C43-AA48-4D68-A7DF-656FC817EAA7}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe FirewallRules: [{835DE8D0-C4E6-47F8-8F76-8F664B95691E}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe ==================== Restore Points ========================= 16-09-2016 03:00:40 Windows Update 20-09-2016 08:38:31 Windows Update 22-09-2016 03:00:23 Windows Update 27-09-2016 10:40:37 Windows Update 30-09-2016 12:35:27 Windows Update 04-10-2016 10:39:52 Windows Update 10-10-2016 13:59:10 Windows Update 11-10-2016 20:47:19 Windows Update 16-10-2016 13:49:19 Windows Update 22-10-2016 13:31:24 JRT Pre-Junkware Removal 22-10-2016 18:52:04 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/24/2016 04:34:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/23/2016 09:56:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/23/2016 08:14:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/23/2016 10:43:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/22/2016 09:07:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/22/2016 06:53:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4 Faulting module name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4 Exception code: 0xc0000005 Fault offset: 0x0000000000007af2 Faulting process id: 0x418 Faulting application start time: 0x01d22c9d3ce4e9cc Faulting application path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Faulting module path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Report Id: 56f68d37-98aa-11e6-bcf7-7427ea65c8b8 Error: (10/22/2016 03:48:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/22/2016 02:09:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/22/2016 01:33:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4 Faulting module name: LVPrcSrv.exe, version: 12.10.1110.0, time stamp: 0x4acc50c4 Exception code: 0xc0000005 Fault offset: 0x0000000000007af2 Faulting process id: 0x4c8 Faulting application start time: 0x01d22c89e2b444ea Faulting application path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Faulting module path: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe Report Id: b4bf65e6-987d-11e6-9f2e-7427ea65c8b8 Error: (10/22/2016 01:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (10/24/2016 06:16:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service. Error: (10/24/2016 04:35:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (10/23/2016 09:57:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (10/23/2016 08:14:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. Error: (10/23/2016 12:48:07 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (10/23/2016 12:48:06 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (10/23/2016 12:48:06 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (10/23/2016 12:48:05 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (10/23/2016 12:48:05 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Error: (10/23/2016 10:49:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Windows Update service hung on starting. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 43% Total physical RAM: 3917.78 MB Available physical RAM: 2210.89 MB Total Virtual: 7833.75 MB Available Virtual: 5809.3 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:450.62 GB) (Free:353.97 GB) NTFS ==>[system with boot components (obtained from drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.59 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 30385182) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top