Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Astromenda PUP gone but not forgotten....still no internet
Message
<blockquote data-quote="skibumm100" data-source="post: 559368" data-attributes="member: 56338"><p>I'm baaaack, putting on my best Jack Nicholson crazy face. I can't explain it, and I won't try to, but I sat down at he computer, pushed the power button and it started up just like old times. It sounded a little crunchy when it first started so I may have a hard drive on it's way out. They just don't make them like they used to. </p><p></p><p>Any way, the FRST.txt and fixlog.txt files are pasted below. I'm pretty sure this is the correct FRST log based on the file date. Something odd I noticed on the desktop.....the file fixlog.txt was there but I could not find fixlist.txt. I asked my son if he dragged adropped from the flash drive to the desktop and he said he did. I gotta think it was there or it wouldn't have created fixlog.txt, correct? Should I rerun them?</p><p></p><p>EDIT: TOO MANY CHARACTERS TO POST BOTH LOGS TOGETHER. SECOND POST TO FOLLOW</p><p></p><p>FRST first:</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016</p><p>Ran by Gregg (administrator) on DESKTOP (25-10-2016 17:08:34)</p><p>Running from C:\Users\Gregg\Desktop</p><p>Loaded Profiles: Gregg (Available Profiles: Gregg & Tracie & Sam & Danny)</p><p>Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: FF)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe</p><p>(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe</p><p>(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe</p><p>(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe</p><p>(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe</p><p>(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE</p><p>(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe</p><p>(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe</p><p>(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxtray.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe</p><p>(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe</p><p>(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe</p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe</p><p>(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe</p><p>(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe</p><p>() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe</p><p>(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe</p><p>() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe</p><p>(Lenovo) C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\Home\as_stat_report.exe</p><p>(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)</p><p>HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [289648 2012-05-24] (Lenovo Group Limited)</p><p>HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)</p><p>HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)</p><p>HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)</p><p>HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)</p><p>HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot</p><p>HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software)</p><p>HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis)</p><p>HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)</p><p>HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()</p><p>HKLM-x32\...\Run: [Power Manager Startup Utility] => C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [27392 2015-03-13] ()</p><p>HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-03-07] (Google Inc.)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [LogonHoursAction] 2</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\MountPoints2: {211a15c6-bc1c-11e2-9931-806e6f6e6963} - Q:\LenovoQDrive.exe</p><p>HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Magnify.exe [652800 2009-07-13] (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-14] (AVAST Software)</p><p>ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2013-08-10]</p><p>ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p>GroupPolicy\User: Restriction <======= ATTENTION</p><p>GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1008\User: Restriction <======= ATTENTION</p><p>GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1007\User: Restriction <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76</p><p>Tcpip\..\Interfaces\{04175B5E-002F-4C87-B1FF-8266814B0F32}: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76</p><p></p><p>Internet Explorer:</p><p>==================</p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://<a href="http://www.msn.com/" target="_blank">www.msn.com/</a></p><p>HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://<a href="http://www.lenovo.com/welcome/thinkcentre" target="_blank">www.lenovo.com/welcome/thinkcentre</a></p><p>BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20] (AVAST Software)</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)</p><p>BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)</p><p>BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20] (AVAST Software)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)</p><p>BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)</p><p>Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File</p><p>Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)</p><p>Toolbar: HKU\S-1-5-21-1075821121-420814958-1993860820-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)</p><p>DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab</p><p>DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab</p><p>StartMenuInternet: IEXPLORE.EXE - iexplore.exe</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Gregg\AppData\Roaming\Mozilla\Firefox\Profiles\xtzj8u4d.default-1477166576127 [2016-10-23]</p><p>FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-14]</p><p>FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p>FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-14]</p><p>FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p>FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client</p><p>FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-05-13] [not signed]</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled [No File]</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)</p><p>FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-24] ( )</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)</p><p></p><p>Chrome:</p><p>=======</p><p>CHR DefaultProfile: Default</p><p>CHR StartupUrls: Default -> "hxxp://<a href="http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP" target="_blank">www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP</a>"</p><p>CHR Profile: C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default [2016-10-22]</p><p>CHR Extension: (avast! Online Security) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-22]</p><p>CHR Extension: (Google Wallet) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-19]</p><p>CHR HKU\S-1-5-21-1075821121-420814958-1993860820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx</p><p>CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-20]</p><p></p><p>==================== Services (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-14] (AVAST Software)</p><p>R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-14] (Avast Software)</p><p>R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)</p><p>S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2016-10-22] (SurfRight B.V.)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)</p><p>S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo)</p><p>R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-24] (Nitro PDF Software)</p><p>R3 Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [63744 2015-03-13] (Lenovo)</p><p>S3 PwmEWSvc; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [186624 2015-03-13] (Lenovo Group Limited)</p><p>S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()</p><p>R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]</p><p>R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)</p><p>R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)</p><p>R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)</p><p></p><p>===================== Drivers (Whitelisted) ======================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-14] (AVAST Software)</p><p>R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-14] (AVAST Software)</p><p>R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-14] (AVAST Software)</p><p>R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-14] (AVAST Software)</p><p>R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-14] (AVAST Software)</p><p>R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-14] (AVAST Software)</p><p>R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-14] (AVAST Software)</p><p>R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-14] (AVAST Software)</p><p>R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)</p><p>S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)</p><p>R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()</p><p>S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()</p><p>R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-20] (AVAST Software)</p><p>R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-17] (Acronis International GmbH)</p><p>R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-17] (Acronis International GmbH)</p><p>R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)</p><p>R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-14] (Avast Software)</p><p>R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-17] (Acronis International GmbH)</p><p>R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-22] (Zemana Ltd.)</p><p>R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-22] (Zemana Ltd.)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p></p><p>==================== One Month Created files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-10-25 17:08 - 2016-10-25 17:07 - 00071677 _____ C:\Users\Gregg\Desktop\fixlist.txt</p><p>2016-10-24 19:13 - 2016-10-24 19:13 - 00039030 _____ C:\Users\Gregg\Desktop\Addition.txt</p><p>2016-10-24 19:12 - 2016-10-25 17:08 - 00020198 _____ C:\Users\Gregg\Desktop\FRST.txt</p><p>2016-10-24 04:43 - 2016-10-24 04:43 - 00000102 _____ C:\Users\Gregg\Desktop\FRST2.txt</p><p>2016-10-24 04:41 - 2016-10-24 04:43 - 00039570 _____ C:\Users\Gregg\Desktop\Addition2.txt</p><p>2016-10-23 22:09 - 2016-10-23 22:09 - 00004418 _____ C:\Users\Gregg\Desktop\CheckDisk log.odt</p><p>2016-10-23 12:56 - 2016-10-23 12:56 - 00002346 _____ C:\Users\Gregg\Desktop\aswMBR.txt</p><p>2016-10-23 12:56 - 2016-10-23 12:56 - 00000512 _____ C:\Users\Gregg\Desktop\MBR.dat</p><p>2016-10-23 12:48 - 2016-10-23 12:44 - 05198336 _____ (AVAST Software) C:\Users\Gregg\Desktop\aswMBR.exe</p><p>2016-10-23 12:31 - 2016-10-24 04:41 - 00067827 _____ C:\Users\Gregg\Desktop\FRST1.txt</p><p>2016-10-23 12:31 - 2016-10-23 12:32 - 00038847 _____ C:\Users\Gregg\Desktop\Addition1.txt</p><p>2016-10-23 12:30 - 2016-10-25 17:08 - 00000000 ____D C:\FRST</p><p>2016-10-23 12:30 - 2016-10-23 12:28 - 02407424 _____ (Farbar) C:\Users\Gregg\Desktop\FRST64.exe</p><p>2016-10-22 21:03 - 2016-10-22 21:03 - 00000770 _____ C:\Users\Gregg\Desktop\MTB.txt</p><p>2016-10-22 19:23 - 2016-10-25 17:08 - 00137709 _____ C:\Windows\ZAM.krnl.trace</p><p>2016-10-22 19:23 - 2016-10-25 17:08 - 00097154 _____ C:\Windows\ZAM_Guard.krnl.trace</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00001159 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Users\Gregg\AppData\Local\Zemana</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware</p><p>2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware</p><p>2016-10-22 18:54 - 2016-10-22 18:56 - 00002050 _____ C:\Users\Gregg\Desktop\Rkill.txt</p><p>2016-10-22 18:54 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT2.txt</p><p>2016-10-22 18:48 - 2016-10-22 17:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Gregg\Desktop\rkill.exe</p><p>2016-10-22 18:48 - 2016-10-22 17:04 - 00892416 _____ (Farbar) C:\Users\Gregg\Desktop\MiniToolBox.exe</p><p>2016-10-22 18:48 - 2016-10-22 16:50 - 05363600 _____ ( ) C:\Users\Gregg\Desktop\Zemana.AntiMalware.Setup.exe</p><p>2016-10-22 17:40 - 2016-10-22 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro</p><p>2016-10-22 15:11 - 2016-10-22 17:40 - 00000000 ____D C:\Program Files\HitmanPro</p><p>2016-10-22 15:07 - 2016-10-22 15:35 - 00000000 ____D C:\ProgramData\HitmanPro</p><p>2016-10-22 13:38 - 2016-10-22 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes</p><p>2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2016-10-22 13:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2016-10-22 13:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2016-10-22 13:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys</p><p>2016-10-22 13:35 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT.txt</p><p>2016-10-22 13:23 - 2016-10-22 13:28 - 00000000 ____D C:\AdwCleaner</p><p>2016-10-22 13:22 - 2016-10-22 13:17 - 09741664 _____ (SurfRight B.V.) C:\Users\Gregg\Desktop\HitmanPro_x64.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:16 - 22851472 _____ (Malwarebytes ) C:\Users\Gregg\Desktop\mbam-setup-2.2.1.1043.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:14 - 01631928 _____ (Malwarebytes) C:\Users\Gregg\Desktop\JRT.exe</p><p>2016-10-22 13:22 - 2016-10-22 13:11 - 03910208 _____ C:\Users\Gregg\Desktop\adwcleaner_6.030.exe</p><p>2016-10-20 10:16 - 2016-10-20 10:16 - 00000000 ____H C:\Users\Tracie\AppData\Local\BITC84D.tmp</p><p>2016-10-20 10:15 - 2016-10-20 10:15 - 00000000 _____ C:\Users\Tracie\AppData\Local\{3783B7E6-30B8-4310-94B2-9CA51388D5F4}</p><p>2016-10-11 20:46 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe</p><p>2016-10-11 20:46 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</p><p>2016-10-11 20:46 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</p><p>2016-10-11 20:46 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2016-10-11 20:46 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2016-10-11 20:46 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2016-10-11 20:46 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2016-10-11 20:46 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2016-10-11 20:46 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2016-10-11 20:46 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll</p><p>2016-10-11 20:46 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2016-10-11 20:46 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2016-10-11 20:46 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll</p><p>2016-10-11 20:46 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll</p><p>2016-10-11 20:46 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll</p><p>2016-10-11 20:46 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll</p><p>2016-10-11 20:46 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll</p><p>2016-10-11 20:46 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys</p><p>2016-10-11 20:46 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys</p><p>2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls</p><p>2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\system32\locale.nls</p><p>2016-10-11 20:46 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll</p><p>2016-10-11 20:46 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL</p><p>2016-10-11 20:46 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL</p><p>2016-10-11 20:46 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll</p><p>2016-10-11 20:46 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll</p><p>2016-10-11 20:46 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe</p><p>2016-10-11 20:46 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe</p><p>2016-10-11 20:46 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll</p><p>2016-10-11 20:46 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll</p><p>2016-10-11 20:46 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe</p><p>2016-10-11 20:45 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2016-10-11 20:45 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2016-10-11 20:45 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2016-10-11 20:45 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2016-10-11 20:45 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2016-10-11 20:45 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2016-10-11 20:45 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2016-10-11 20:45 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll</p><p>2016-10-11 20:45 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2016-10-11 20:45 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2016-10-11 20:45 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2016-10-11 20:45 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll</p><p>2016-10-11 20:45 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2016-10-11 20:45 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll</p><p>2016-10-11 20:45 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2016-10-11 20:45 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys</p><p>2016-10-11 20:45 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe</p><p>2016-10-11 20:45 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi</p><p>2016-10-11 20:45 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi</p><p>2016-10-11 20:45 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll</p><p>2016-10-11 20:45 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys</p><p>2016-10-11 20:45 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll</p><p>2016-10-11 20:45 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx</p><p>2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx</p><p>2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll</p><p>2016-10-11 20:45 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe</p><p>2016-10-11 20:45 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe</p><p>2016-10-11 20:45 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll</p><p>2016-10-11 20:45 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll</p><p>2016-10-11 20:45 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe</p><p>2016-10-11 20:45 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe</p><p>2016-10-11 20:44 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe</p><p>2016-10-11 20:44 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll</p><p>2016-10-11 20:44 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll</p><p>2016-10-11 20:44 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe</p><p>2016-10-11 20:44 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys</p><p>2016-10-11 20:44 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys</p><p>2016-10-11 20:43 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe</p><p>2016-10-11 20:43 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe</p><p>2016-10-03 09:55 - 2016-10-03 09:55 - 00025356 _____ C:\Users\Tracie\Downloads\dancing-script-ot.zip</p><p></p><p>==================== One Month Modified files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-10-25 16:56 - 2016-07-29 09:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job</p><p>2016-10-25 15:56 - 2016-07-29 09:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job</p><p>2016-10-24 19:18 - 2009-07-14 01:13 - 00782010 _____ C:\Windows\system32\PerfStringBackup.INI</p><p>2016-10-24 19:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf</p><p>2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2016-10-24 04:37 - 2014-06-23 11:29 - 00000000 ___RD C:\Users\Gregg\Sync</p><p>2016-10-24 04:36 - 2013-08-10 11:48 - 00000000 ____D C:\Users\Gregg</p><p>2016-10-24 04:34 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2016-10-23 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache</p><p>2016-10-22 18:26 - 2013-10-29 07:49 - 00037888 ___SH C:\Users\Tracie\Thumbs.db</p><p>2016-10-22 16:02 - 2016-04-18 13:14 - 00000000 ____D C:\Users\Gregg\Desktop\Old Firefox Data</p><p>2016-10-22 14:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system</p><p>2016-10-22 12:30 - 2013-08-10 13:48 - 00000000 ____D C:\Users\Gregg\AppData\Local\ElevatedDiagnostics</p><p>2016-10-22 12:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF</p><p>2016-10-21 09:28 - 2013-08-11 08:34 - 00000000 ____D C:\Users\Tracie\AppData\LocalLow\VeriSign</p><p>2016-10-17 13:34 - 2016-06-18 22:12 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Skype</p><p>2016-10-17 13:25 - 2014-03-18 17:00 - 00000000 ____D C:\Users\Tracie\AppData\Local\ElevatedDiagnostics</p><p>2016-10-17 13:10 - 2016-06-18 22:11 - 00000000 ___RD C:\Program Files (x86)\Skype</p><p>2016-10-17 13:10 - 2014-10-19 10:33 - 00000000 ____D C:\ProgramData\Skype</p><p>2016-10-17 13:06 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD</p><p>2016-10-17 13:05 - 2013-09-13 08:15 - 00000000 ___RD C:\Users\Tracie\Virtual Machines</p><p>2016-10-17 13:05 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk</p><p>2016-10-16 13:46 - 2013-08-18 13:54 - 00000000 ___RD C:\Users\Gregg\Virtual Machines</p><p>2016-10-16 13:46 - 2013-08-10 11:50 - 00106016 _____ C:\Users\Gregg\AppData\Local\GDIPFONTCACHEV1.DAT</p><p>2016-10-16 13:44 - 2009-07-14 00:45 - 00407440 _____ C:\Windows\system32\FNTCACHE.DAT</p><p>2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism</p><p>2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism</p><p>2016-10-16 13:41 - 2014-12-11 18:08 - 00000000 ____D C:\Windows\system32\appraiser</p><p>2016-10-16 13:41 - 2014-05-02 09:12 - 00000000 ___SD C:\Windows\system32\CompatTel</p><p>2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight</p><p>2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight</p><p>2016-10-11 20:58 - 2013-11-21 20:41 - 00000000 ____D C:\Windows\system32\MRT</p><p>2016-10-11 20:51 - 2013-11-21 20:41 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2016-10-11 20:50 - 2013-08-11 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight</p><p>2016-10-11 20:32 - 2013-10-07 18:39 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Nitro PDF</p><p>2016-10-06 12:40 - 2013-08-11 08:32 - 00106016 _____ C:\Users\Tracie\AppData\Local\GDIPFONTCACHEV1.DAT</p><p>2016-10-04 10:57 - 2013-05-13 18:48 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2014-12-26 13:23 - 2016-05-26 00:26 - 0000291 _____ () C:\Users\Gregg\AppData\Roaming\WB.CFG</p><p>2015-03-21 11:23 - 2015-03-21 11:23 - 0274045 _____ () C:\Users\Gregg\AppData\Local\dsi1.dat</p><p>2015-03-21 11:23 - 2015-03-21 11:23 - 0161916 _____ () C:\Users\Gregg\AppData\Local\dsi2.dat</p><p></p><p>==================== Bamital & volsnap ======================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\system32\winlogon.exe => File is digitally signed</p><p>C:\Windows\system32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\system32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\system32\services.exe => File is digitally signed</p><p>C:\Windows\system32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\system32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\system32\rpcss.dll => File is digitally signed</p><p>C:\Windows\system32\dnsapi.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed</p><p>C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2016-10-25 10:29</p><p></p><p>==================== End of FRST.txt ============================</p><p></p><p></p><p></p><p></p><p>***************************************************************************************************************************************************************************</p><p></p><p></p><p></p><p></p><p>FIXLOG.TXT TO FOLLOW IN NEXT POST</p></blockquote><p></p>
[QUOTE="skibumm100, post: 559368, member: 56338"] I'm baaaack, putting on my best Jack Nicholson crazy face. I can't explain it, and I won't try to, but I sat down at he computer, pushed the power button and it started up just like old times. It sounded a little crunchy when it first started so I may have a hard drive on it's way out. They just don't make them like they used to. Any way, the FRST.txt and fixlog.txt files are pasted below. I'm pretty sure this is the correct FRST log based on the file date. Something odd I noticed on the desktop.....the file fixlog.txt was there but I could not find fixlist.txt. I asked my son if he dragged adropped from the flash drive to the desktop and he said he did. I gotta think it was there or it wouldn't have created fixlog.txt, correct? Should I rerun them? EDIT: TOO MANY CHARACTERS TO POST BOTH LOGS TOGETHER. SECOND POST TO FOLLOW FRST first: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016 Ran by Gregg (administrator) on DESKTOP (25-10-2016 17:08:34) Running from C:\Users\Gregg\Desktop Loaded Profiles: Gregg (Available Profiles: Gregg & Tracie & Sam & Danny) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe () C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Lenovo) C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Home\as_stat_report.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [289648 2012-05-24] (Lenovo Group Limited) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM-x32\...\Run: [Power Manager Startup Utility] => C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [27392 2015-03-13] () HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-03-07] (Google Inc.) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.) HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1075821121-420814958-1993860820-1000\...\MountPoints2: {211a15c6-bc1c-11e2-9931-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Magnify.exe [652800 2009-07-13] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-14] (AVAST Software) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2013-08-10] ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) GroupPolicy\User: Restriction <======= ATTENTION GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1008\User: Restriction <======= ATTENTION GroupPolicyUsers\S-1-5-21-1075821121-420814958-1993860820-1007\User: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{04175B5E-002F-4C87-B1FF-8266814B0F32}: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://[URL="http://www.msn.com/"]www.msn.com/[/URL] HKU\S-1-5-21-1075821121-420814958-1993860820-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://[URL="http://www.lenovo.com/welcome/thinkcentre"]www.lenovo.com/welcome/thinkcentre[/URL] BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-20] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-20] (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) Toolbar: HKU\S-1-5-21-1075821121-420814958-1993860820-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Gregg\AppData\Roaming\Mozilla\Firefox\Profiles\xtzj8u4d.default-1477166576127 [2016-10-23] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-14] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-14] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [VIP4X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-05-13] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-24] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://[URL="http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"]www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP[/URL]" CHR Profile: C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default [2016-10-22] CHR Extension: (avast! Online Security) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-22] CHR Extension: (Google Wallet) - C:\Users\Gregg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-19] CHR HKU\S-1-5-21-1075821121-420814958-1993860820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-14] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-14] (Avast Software) R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.) S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2016-10-22] (SurfRight B.V.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo) R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-24] (Nitro PDF Software) R3 Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [63744 2015-03-13] (Lenovo) S3 PwmEWSvc; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [186624 2015-03-13] (Lenovo Group Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed] R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-14] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-14] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-14] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-14] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-14] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-14] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-20] (AVAST Software) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-17] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-17] (Acronis International GmbH) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-14] (Avast Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-17] (Acronis International GmbH) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-10-22] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-10-22] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-25 17:08 - 2016-10-25 17:07 - 00071677 _____ C:\Users\Gregg\Desktop\fixlist.txt 2016-10-24 19:13 - 2016-10-24 19:13 - 00039030 _____ C:\Users\Gregg\Desktop\Addition.txt 2016-10-24 19:12 - 2016-10-25 17:08 - 00020198 _____ C:\Users\Gregg\Desktop\FRST.txt 2016-10-24 04:43 - 2016-10-24 04:43 - 00000102 _____ C:\Users\Gregg\Desktop\FRST2.txt 2016-10-24 04:41 - 2016-10-24 04:43 - 00039570 _____ C:\Users\Gregg\Desktop\Addition2.txt 2016-10-23 22:09 - 2016-10-23 22:09 - 00004418 _____ C:\Users\Gregg\Desktop\CheckDisk log.odt 2016-10-23 12:56 - 2016-10-23 12:56 - 00002346 _____ C:\Users\Gregg\Desktop\aswMBR.txt 2016-10-23 12:56 - 2016-10-23 12:56 - 00000512 _____ C:\Users\Gregg\Desktop\MBR.dat 2016-10-23 12:48 - 2016-10-23 12:44 - 05198336 _____ (AVAST Software) C:\Users\Gregg\Desktop\aswMBR.exe 2016-10-23 12:31 - 2016-10-24 04:41 - 00067827 _____ C:\Users\Gregg\Desktop\FRST1.txt 2016-10-23 12:31 - 2016-10-23 12:32 - 00038847 _____ C:\Users\Gregg\Desktop\Addition1.txt 2016-10-23 12:30 - 2016-10-25 17:08 - 00000000 ____D C:\FRST 2016-10-23 12:30 - 2016-10-23 12:28 - 02407424 _____ (Farbar) C:\Users\Gregg\Desktop\FRST64.exe 2016-10-22 21:03 - 2016-10-22 21:03 - 00000770 _____ C:\Users\Gregg\Desktop\MTB.txt 2016-10-22 19:23 - 2016-10-25 17:08 - 00137709 _____ C:\Windows\ZAM.krnl.trace 2016-10-22 19:23 - 2016-10-25 17:08 - 00097154 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2016-10-22 19:22 - 2016-10-22 19:22 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2016-10-22 19:22 - 2016-10-22 19:22 - 00001159 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Users\Gregg\AppData\Local\Zemana 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-10-22 19:22 - 2016-10-22 19:22 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-10-22 18:54 - 2016-10-22 18:56 - 00002050 _____ C:\Users\Gregg\Desktop\Rkill.txt 2016-10-22 18:54 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT2.txt 2016-10-22 18:48 - 2016-10-22 17:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Gregg\Desktop\rkill.exe 2016-10-22 18:48 - 2016-10-22 17:04 - 00892416 _____ (Farbar) C:\Users\Gregg\Desktop\MiniToolBox.exe 2016-10-22 18:48 - 2016-10-22 16:50 - 05363600 _____ ( ) C:\Users\Gregg\Desktop\Zemana.AntiMalware.Setup.exe 2016-10-22 17:40 - 2016-10-22 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-10-22 15:11 - 2016-10-22 17:40 - 00000000 ____D C:\Program Files\HitmanPro 2016-10-22 15:07 - 2016-10-22 15:35 - 00000000 ____D C:\ProgramData\HitmanPro 2016-10-22 13:38 - 2016-10-22 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-22 13:37 - 2016-10-22 13:37 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-10-22 13:37 - 2016-10-22 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-10-22 13:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-10-22 13:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-10-22 13:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-10-22 13:35 - 2016-10-22 18:54 - 00002531 _____ C:\Users\Gregg\Desktop\JRT.txt 2016-10-22 13:23 - 2016-10-22 13:28 - 00000000 ____D C:\AdwCleaner 2016-10-22 13:22 - 2016-10-22 13:17 - 09741664 _____ (SurfRight B.V.) C:\Users\Gregg\Desktop\HitmanPro_x64.exe 2016-10-22 13:22 - 2016-10-22 13:16 - 22851472 _____ (Malwarebytes ) C:\Users\Gregg\Desktop\mbam-setup-2.2.1.1043.exe 2016-10-22 13:22 - 2016-10-22 13:14 - 01631928 _____ (Malwarebytes) C:\Users\Gregg\Desktop\JRT.exe 2016-10-22 13:22 - 2016-10-22 13:11 - 03910208 _____ C:\Users\Gregg\Desktop\adwcleaner_6.030.exe 2016-10-20 10:16 - 2016-10-20 10:16 - 00000000 ____H C:\Users\Tracie\AppData\Local\BITC84D.tmp 2016-10-20 10:15 - 2016-10-20 10:15 - 00000000 _____ C:\Users\Tracie\AppData\Local\{3783B7E6-30B8-4310-94B2-9CA51388D5F4} 2016-10-11 20:46 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-10-11 20:46 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-10-11 20:46 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-10-11 20:46 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-10-11 20:46 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-10-11 20:46 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-10-11 20:46 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-10-11 20:46 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-10-11 20:46 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-10-11 20:46 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-10-11 20:46 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-10-11 20:46 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-10-11 20:46 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-10-11 20:46 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-10-11 20:46 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-10-11 20:46 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-10-11 20:46 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-10-11 20:46 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-10-11 20:46 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-10-11 20:46 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-10-11 20:46 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-10-11 20:46 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-10-11 20:46 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-10-11 20:46 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-10-11 20:46 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-10-11 20:46 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-10-11 20:46 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-10-11 20:46 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2016-10-11 20:46 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-10-11 20:46 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls 2016-10-11 20:46 - 2016-08-16 14:47 - 00419640 _____ C:\Windows\system32\locale.nls 2016-10-11 20:46 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-10-11 20:46 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-10-11 20:46 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-10-11 20:46 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-10-11 20:46 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-10-11 20:46 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-10-11 20:46 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-10-11 20:46 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-10-11 20:46 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2016-10-11 20:46 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-10-11 20:46 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-10-11 20:46 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-10-11 20:46 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-10-11 20:46 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-10-11 20:46 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-10-11 20:46 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-10-11 20:45 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-10-11 20:45 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-10-11 20:45 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-10-11 20:45 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-10-11 20:45 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-10-11 20:45 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-10-11 20:45 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-10-11 20:45 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-10-11 20:45 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-10-11 20:45 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-10-11 20:45 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-10-11 20:45 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-10-11 20:45 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-10-11 20:45 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-10-11 20:45 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-10-11 20:45 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-10-11 20:45 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-10-11 20:45 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-10-11 20:45 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-10-11 20:45 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-10-11 20:45 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-10-11 20:45 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-10-11 20:45 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-10-11 20:45 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-10-11 20:45 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-10-11 20:45 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-10-11 20:45 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-10-11 20:45 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-10-11 20:45 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-10-11 20:45 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-10-11 20:45 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-10-11 20:45 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-10-11 20:45 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-10-11 20:45 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-10-11 20:45 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-10-11 20:45 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-10-11 20:45 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-10-11 20:45 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-10-11 20:45 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-10-11 20:45 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-10-11 20:45 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-10-11 20:45 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-10-11 20:45 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-10-11 20:45 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-10-11 20:45 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-10-11 20:45 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-10-11 20:45 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-10-11 20:45 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-10-11 20:45 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-10-11 20:45 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2016-10-11 20:45 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-10-11 20:45 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-10-11 20:45 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-10-11 20:45 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-10-11 20:45 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-10-11 20:45 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-10-11 20:45 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-10-11 20:45 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-10-11 20:45 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-10-11 20:45 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-10-11 20:45 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-10-11 20:45 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-10-11 20:45 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-10-11 20:45 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-10-11 20:45 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-10-11 20:45 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-10-11 20:45 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-10-11 20:45 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-10-11 20:45 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-10-11 20:45 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-10-11 20:45 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-10-11 20:45 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-10-11 20:45 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-10-11 20:45 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-10-11 20:45 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-10-11 20:45 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2016-10-11 20:45 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-10-11 20:45 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-10-11 20:45 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-10-11 20:45 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-10-11 20:45 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2016-10-11 20:45 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2016-10-11 20:45 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll 2016-10-11 20:45 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-10-11 20:45 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe 2016-10-11 20:45 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-10-11 20:45 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2016-10-11 20:45 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-10-11 20:45 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-10-11 20:45 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-10-11 20:45 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-10-11 20:45 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-10-11 20:45 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-10-11 20:45 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-10-11 20:44 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-10-11 20:44 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-10-11 20:44 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-10-11 20:44 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-10-11 20:44 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-10-11 20:44 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-10-11 20:44 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-10-11 20:44 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2016-10-11 20:44 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-10-11 20:43 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-10-11 20:43 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-10-03 09:55 - 2016-10-03 09:55 - 00025356 _____ C:\Users\Tracie\Downloads\dancing-script-ot.zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-25 16:56 - 2016-07-29 09:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e9a04b0975c1.job 2016-10-25 15:56 - 2016-07-29 09:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9a04ad0d8bd.job 2016-10-24 19:18 - 2009-07-14 01:13 - 00782010 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-24 19:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-10-24 05:03 - 2009-07-14 00:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-10-24 04:37 - 2014-06-23 11:29 - 00000000 ___RD C:\Users\Gregg\Sync 2016-10-24 04:36 - 2013-08-10 11:48 - 00000000 ____D C:\Users\Gregg 2016-10-24 04:34 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-23 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2016-10-22 18:26 - 2013-10-29 07:49 - 00037888 ___SH C:\Users\Tracie\Thumbs.db 2016-10-22 16:02 - 2016-04-18 13:14 - 00000000 ____D C:\Users\Gregg\Desktop\Old Firefox Data 2016-10-22 14:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system 2016-10-22 12:30 - 2013-08-10 13:48 - 00000000 ____D C:\Users\Gregg\AppData\Local\ElevatedDiagnostics 2016-10-22 12:30 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF 2016-10-21 09:28 - 2013-08-11 08:34 - 00000000 ____D C:\Users\Tracie\AppData\LocalLow\VeriSign 2016-10-17 13:34 - 2016-06-18 22:12 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Skype 2016-10-17 13:25 - 2014-03-18 17:00 - 00000000 ____D C:\Users\Tracie\AppData\Local\ElevatedDiagnostics 2016-10-17 13:10 - 2016-06-18 22:11 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-17 13:10 - 2014-10-19 10:33 - 00000000 ____D C:\ProgramData\Skype 2016-10-17 13:06 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-10-17 13:05 - 2013-09-13 08:15 - 00000000 ___RD C:\Users\Tracie\Virtual Machines 2016-10-17 13:05 - 2009-07-14 00:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-10-16 13:46 - 2013-08-18 13:54 - 00000000 ___RD C:\Users\Gregg\Virtual Machines 2016-10-16 13:46 - 2013-08-10 11:50 - 00106016 _____ C:\Users\Gregg\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-16 13:44 - 2009-07-14 00:45 - 00407440 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-10-16 13:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism 2016-10-16 13:41 - 2014-12-11 18:08 - 00000000 ____D C:\Windows\system32\appraiser 2016-10-16 13:41 - 2014-05-02 09:12 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-16 13:40 - 2013-08-11 11:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-11 20:58 - 2013-11-21 20:41 - 00000000 ____D C:\Windows\system32\MRT 2016-10-11 20:51 - 2013-11-21 20:41 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-10-11 20:50 - 2013-08-11 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-11 20:32 - 2013-10-07 18:39 - 00000000 ____D C:\Users\Tracie\AppData\Roaming\Nitro PDF 2016-10-06 12:40 - 2013-08-11 08:32 - 00106016 _____ C:\Users\Tracie\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-04 10:57 - 2013-05-13 18:48 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Files in the root of some directories ======= 2014-12-26 13:23 - 2016-05-26 00:26 - 0000291 _____ () C:\Users\Gregg\AppData\Roaming\WB.CFG 2015-03-21 11:23 - 2015-03-21 11:23 - 0274045 _____ () C:\Users\Gregg\AppData\Local\dsi1.dat 2015-03-21 11:23 - 2015-03-21 11:23 - 0161916 _____ () C:\Users\Gregg\AppData\Local\dsi2.dat ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-10-25 10:29 ==================== End of FRST.txt ============================ *************************************************************************************************************************************************************************** FIXLOG.TXT TO FOLLOW IN NEXT POST [/QUOTE]
Insert quotes…
Verification
Post reply
Top