Jump to content

Search the Community

Showing results for tags 'pop ups'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 21 results

  1. I can't see or download or print pdf statements on my credit union's website. They suggested that something is blocking popups on my end. Chrome lets you allow popups on certain sites, is there something like that if Malwarebytes does block cookies? Thanks, Anne
  2. I updated MB today, I have the premium version, I have not stopped getting pop-ups saying different variations of coinhive is being blocked. I cleared my cache in Chrome, ran adware and that found nothing. The pop-ups will NOT stop I'm losing my mind. I haven't gone to any weird sites today just the normal deal I do every day. I scanned with Farbar and here are those results Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-09-2017 Ran by Effymaysims (administrator) on NORMAJEAN (29-09-2017 12:33:19) Running from C:\Users\Effymaysims\Desktop Loaded Profiles: Effymaysims (Available Profiles: Effymaysims) Platform: Windows 10 Home Version 1703 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe (Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe (Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe (MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Spotify Ltd) C:\Users\Effymaysims\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\System32\WWAHost.exe (Microsoft Corporation) C:\WINDOWS\System32\DataExchangeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-08-24] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1559576 2017-07-06] (Seagate Technology LLC) HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1786832 2017-02-08] (TODO: <Company name>) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] () HKLM-x32\...\Run: [MSI Network Manager] => C:\MSI\MSI Network Manager\MSI_Network_Manager.exe [4470200 2017-08-04] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4221880 2017-08-25] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [17315512 2017-08-31] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2017-09-08] (MSI) HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [139840 2017-07-06] (Seagate Technology LLC) HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [Discord] => C:\Users\Effymaysims\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.) HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Run: [Spotify Web Helper] => C:\Users\Effymaysims\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-28] (Spotify Ltd) Startup: C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-07-19] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{55bca073-c7d3-41f5-b178-37a29aadf4fc}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{b1696dff-aff3-42bd-af49-b84664824a14}: [DhcpNameServer] 10.0.1.1 10.0.1.3 Internet Explorer: ================== HKU\S-1-5-21-3807984614-234364850-2689374515-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE SearchScopes: HKU\S-1-5-21-3807984614-234364850-2689374515-1003 -> DefaultScope {9D825E1D-057D-4728-8F64-0608FB9D5669} URL = BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-28] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-05] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.thesimsresource.com/","hxxp://sssvitlans.tumblr.com/","hxxps://www.tumblr.com/dashboard","hxxps://www.pinterest.com/","hxxp://sims4studio.com/","hxxps://www.etsy.com/" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default [2017-09-29] CHR Extension: (Google Drive) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-05] CHR Extension: (YouTube) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-05] CHR Extension: (OneTab) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-09-05] CHR Extension: (uBlock Origin) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-05] CHR Extension: (HTTPS Everywhere) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-09-15] CHR Extension: (Pinterest Save Button) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-09-20] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-09-28] CHR Extension: (Grammarly for Chrome) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-09-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-05] CHR Extension: (Tumblr Savior) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2017-09-05] CHR Extension: (Gmail) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-05] CHR Extension: (Chrome Media Router) - C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-14] CHR Profile: C:\Users\Effymaysims\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-15] CHR HKU\S-1-5-21-3807984614-234364850-2689374515-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated) R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3759752 2016-05-18] (Intel Corporation) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [599384 2017-08-01] (cFos Software GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation) S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-08-11] (SurfRight B.V.) S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-05-04] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Corporation) R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation) S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation) S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation) R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108600 2017-09-01] (MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2347704 2017-08-31] (MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4054200 2017-09-01] (MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2247352 2017-08-31] (MSI) R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2489016 2017-09-04] (MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2017-08-31] (MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4848312 2017-08-31] (MSI) R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [81848 2017-08-24] (Micro-Star INT'L CO., LTD.) R2 MSI_DPCLTSERVICE; C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe [2149816 2017-08-25] (Micro-Star INT'L CO., LTD.) R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [111568 2017-04-05] (MSI) S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2295480 2017-08-31] (Micro-Star INT'L CO., LTD.) R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2017-08-25] (Micro-Star Int'l Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-29] (Electronic Arts) S3 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-29] (Electronic Arts) S3 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC) S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [140832 2017-07-06] (Seagate Technology LLC) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-28] (Microsoft Corporation) S3 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [701896 2017-09-13] (Wacom Technology, Corp.) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] () S3 IaNVMe; C:\WINDOWS\System32\drivers\IaNVMe.sys [101872 2016-01-26] (Intel Corporation) S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [254704 2015-05-04] (Intel Corporation) R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-28] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-28] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-28] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-28] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-29] (Malwarebytes) R1 MpKsl4ca56522; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C441E29D-ED34-40EB-9110-0771D328493D}\MpKsl4ca56522.sys [58120 2017-09-29] (Microsoft Corporation) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation) S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) [File not signed] S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [14288 2017-07-10] (MSI) S3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [14288 2017-07-10] (MSI) S3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [14288 2017-07-10] (MSI) R3 NTIOLib_CC_DDR; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [14288 2017-07-10] (MSI) S3 NTIOLib_CC_SMB; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [14288 2017-07-10] (MSI) S3 NTIOLib_CC_SuperIO; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [14288 2017-07-10] (MSI) R3 NTIOLib_DPC; C:\Program Files (x86)\MSI\DPC Latency Tuner\NTIOLib_X64.sys [14288 2017-03-29] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MSI) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63f40b686fe9309f\nvlddmkm.sys [15619320 2017-09-18] (NVIDIA Corporation) S3 nvme; C:\WINDOWS\System32\drivers\nvme.sys [119840 2015-12-16] (Samsung Electronics Co., Ltd) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-09-16] (NVIDIA Corporation) S3 ocznvme; C:\WINDOWS\System32\drivers\ocznvme.sys [99592 2016-06-10] (TOSHIBA CORPORATION) S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (TOSHIBA CORPORATION) R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.) R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [963056 2017-05-17] (Realtek ) R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2017-03-18] (Realtek Semiconductor Corporation ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] () S3 SGXEPC; C:\WINDOWS\System32\drivers\sgx_driver.sys [52824 2016-05-18] (Windows (R) Win 7 DDK provider) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed] S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [122000 2017-07-25] (Wacom Technology) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [X] S3 ipadtst2; \??\C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] ========================== Drivers MD5 ======================= ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-29 12:33 - 2017-09-29 12:33 - 000027089 _____ C:\Users\Effymaysims\Desktop\FRST.txt 2017-09-29 12:33 - 2017-09-29 12:33 - 000000000 ____D C:\Users\Effymaysims\Desktop\FRST-OlderVersion 2017-09-28 23:31 - 2017-09-28 23:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign02a1dc90d589299e 2017-09-28 23:10 - 2017-09-28 23:10 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf0e74d36ea5f25af 2017-09-28 23:09 - 2017-09-28 23:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9a5ab2f37bca1542 2017-09-28 23:09 - 2017-09-28 23:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign98aa3e3eb5dae568 2017-09-28 21:08 - 2017-09-28 21:08 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-09-28 14:03 - 2017-09-28 14:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign73031eb757c60e8c 2017-09-28 14:03 - 2017-09-28 14:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign31b04cdb187d0c3d 2017-09-28 12:20 - 2017-09-28 12:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0a3783389f22eb0b 2017-09-28 12:14 - 2017-09-28 12:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignaf1415a31af9ece8 2017-09-28 12:14 - 2017-09-28 12:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6bb5d51b9b2ee554 2017-09-28 12:14 - 2017-09-28 12:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0807591dfde7e7a7 2017-09-28 11:29 - 2017-09-28 11:29 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne4b998182f32e704 2017-09-28 11:29 - 2017-09-28 11:29 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigndac3982d98997137 2017-09-28 01:23 - 2017-09-28 01:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2017-09-28 00:42 - 2017-09-28 00:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign925db204c1d8d7a9 2017-09-28 00:40 - 2017-09-28 00:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf4d009c627b2d170 2017-09-28 00:40 - 2017-09-28 00:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1cd5bc5b00e2bbda 2017-09-28 00:17 - 2017-09-28 13:24 - 000001942 _____ C:\Users\Public\Desktop\Blender.lnk 2017-09-28 00:17 - 2017-09-28 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation 2017-09-28 00:17 - 2017-09-28 00:17 - 000000000 ____D C:\Program Files\Blender Foundation 2017-09-27 13:48 - 2017-09-27 13:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb2bd0afc2a551be4 2017-09-27 13:48 - 2017-09-27 13:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign726469ed088981e7 2017-09-27 13:48 - 2017-09-27 13:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3b214641b6f2e96b 2017-09-27 11:41 - 2017-09-27 11:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna3e3260a5415a9be 2017-09-27 11:40 - 2017-09-27 11:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign8fc06e2a30b17e58 2017-09-27 11:40 - 2017-09-27 11:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1bc5412e6e5ac4b9 2017-09-27 09:43 - 2017-09-27 09:43 - 4138827554 ____N C:\WINDOWS\MEMORY.DMP 2017-09-27 02:19 - 2017-09-27 02:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1fc71cd34868e01e 2017-09-27 02:15 - 2017-09-27 02:15 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigndd8f249f6f11d8aa 2017-09-27 02:15 - 2017-09-27 02:15 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7361eb0587e52d73 2017-09-26 18:04 - 2017-09-26 18:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne60f0a346531af51 2017-09-26 18:04 - 2017-09-26 18:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2feb3563bc6562f8 2017-09-26 18:04 - 2017-09-26 18:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign29a3040041961657 2017-09-26 17:22 - 2017-09-26 17:22 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigncb869dce79ccb5bb 2017-09-26 17:22 - 2017-09-26 17:22 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign70a69d620854294a 2017-09-26 17:22 - 2017-09-26 17:22 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1789bee98284404f 2017-09-26 16:01 - 2017-09-26 16:01 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd96fa3fb53923973 2017-09-26 16:01 - 2017-09-26 16:01 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign8d1c0eec2b23001a 2017-09-26 16:01 - 2017-09-26 16:01 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign41512efb40799942 2017-09-26 13:50 - 2017-09-26 13:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb877a84b2979aef6 2017-09-26 13:50 - 2017-09-26 13:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignafddd5a16d174daf 2017-09-26 11:31 - 2017-09-26 11:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc2f43b5adeaee97c 2017-09-26 11:31 - 2017-09-26 11:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignae0d850805d2823d 2017-09-26 11:31 - 2017-09-26 11:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign497a0e7467a4b9e3 2017-09-26 07:46 - 2017-09-26 07:46 - 000002032 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk 2017-09-26 07:42 - 2017-09-26 07:42 - 000001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2017-09-26 07:42 - 2017-09-26 07:42 - 000001286 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2017-09-25 20:17 - 2017-09-25 20:17 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign43c64795e1ca2cc9 2017-09-25 20:08 - 2017-09-25 20:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne322cb1c09f28766 2017-09-25 20:08 - 2017-09-25 20:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7014b498044a84b3 2017-09-25 19:52 - 2017-09-25 19:52 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigncf5b1b535ec1397d 2017-09-25 19:37 - 2017-09-25 19:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign326b0894471a7676 2017-09-25 19:36 - 2017-09-25 19:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf1c6d849a5d6e0ad 2017-09-25 19:36 - 2017-09-25 19:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignec83f7cba86004ed 2017-09-25 15:53 - 2017-09-18 16:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-09-25 15:53 - 2017-09-18 16:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-09-25 15:53 - 2017-09-18 16:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-09-25 15:53 - 2017-09-18 16:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-09-25 15:53 - 2017-09-18 16:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-09-25 15:53 - 2017-09-18 16:17 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-25 15:53 - 2017-09-18 16:17 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-25 15:53 - 2017-09-18 16:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-25 15:53 - 2017-09-18 16:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-09-25 15:53 - 2017-09-18 16:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-09-25 15:53 - 2017-09-18 15:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2017-09-25 15:53 - 2017-09-18 15:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll 2017-09-25 15:53 - 2017-09-18 15:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2017-09-25 15:53 - 2017-09-18 15:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-09-25 15:53 - 2017-09-18 15:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2017-09-25 15:53 - 2017-09-18 15:18 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-25 15:53 - 2017-09-18 15:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-09-23 17:20 - 2017-09-23 17:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfa8e4defe297dee7 2017-09-23 17:20 - 2017-09-23 17:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignbfefa44a5e4a69d5 2017-09-23 17:19 - 2017-09-23 17:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb20b5b509e408266 2017-09-23 17:19 - 2017-09-23 17:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign61bd52aac32a6552 2017-09-23 17:18 - 2017-09-23 17:18 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc075c6cf6551d1cb 2017-09-23 17:18 - 2017-09-23 17:18 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign76d76967b2bf9783 2017-09-23 17:12 - 2017-09-23 17:12 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Wacom 2017-09-23 17:12 - 2017-09-23 17:12 - 000000000 ____D C:\Users\Effymaysims\.android 2017-09-23 17:10 - 2017-09-23 17:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet 2017-09-23 17:08 - 2017-09-27 09:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\WTablet 2017-09-23 17:07 - 2017-09-23 17:10 - 000000000 ____D C:\Program Files\Tablet 2017-09-23 17:07 - 2017-09-13 14:46 - 002305992 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Tablet.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 002299336 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Touch_Tablet.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 002198984 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 002137032 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 001819592 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Tablet.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 001812936 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Touch_Tablet.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 001697736 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll 2017-09-23 17:07 - 2017-09-13 14:46 - 001658312 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll 2017-09-23 17:07 - 2017-08-03 16:13 - 000033952 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys 2017-09-23 17:07 - 2017-07-25 10:08 - 001804688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01011.dll 2017-09-23 17:07 - 2017-07-25 10:08 - 000122000 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys 2017-09-23 17:07 - 2012-12-11 15:12 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll 2017-09-21 17:27 - 2017-09-21 17:27 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-09-21 17:27 - 2017-09-16 10:17 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-09-21 17:27 - 2017-07-20 10:21 - 000905504 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-09-21 17:27 - 2017-07-20 10:21 - 000776992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-09-21 17:27 - 2017-07-20 10:21 - 000578848 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-09-21 17:27 - 2017-07-20 10:21 - 000477472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-09-21 17:25 - 2017-09-16 12:27 - 040240064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 035925440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 029020096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 023132720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 018849784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 012241792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 011692856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 010087504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 004145088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 003575744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438569.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438569.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001291912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001290024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001067968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001008816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001007280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000781728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000690504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000617232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-09-21 17:25 - 2017-09-16 12:27 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-09-21 13:20 - 2017-09-21 13:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc81c86f266c089b9 2017-09-21 13:17 - 2017-09-21 13:17 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7e582e0a98c40a2b 2017-09-21 13:17 - 2017-09-21 13:17 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign33b8383cab0262b7 2017-09-21 11:41 - 2017-09-21 11:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb0d2bf25c352b9c4 2017-09-21 11:41 - 2017-09-21 11:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign43691072b6e8007a 2017-09-21 11:41 - 2017-09-21 11:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign33c9ad5eeeab3af6 2017-09-21 11:28 - 2017-09-21 11:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfc5c93d2a9cafa7d 2017-09-21 11:28 - 2017-09-21 11:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigndb58555382a7a991 2017-09-21 11:28 - 2017-09-21 11:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna7cdf48b7b84c8f7 2017-09-21 11:20 - 2017-09-21 11:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign8f218112355efb13 2017-09-21 11:20 - 2017-09-21 11:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4458fa6527b0159c 2017-09-21 11:20 - 2017-09-21 11:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign129b594be46ebebe 2017-09-21 11:09 - 2017-09-21 11:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignbb616cfb67182e80 2017-09-21 11:05 - 2017-09-21 11:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc0e4f01838998e7e 2017-09-21 11:05 - 2017-09-21 11:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4f7fd11dbf240ef5 2017-09-20 21:37 - 2017-09-20 21:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd06b20e9799305ae 2017-09-20 21:37 - 2017-09-20 21:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb131f967d24c2e01 2017-09-20 21:37 - 2017-09-20 21:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2374f800728edc1c 2017-09-20 21:32 - 2017-09-20 21:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignad69b490e1fa7782 2017-09-20 21:32 - 2017-09-20 21:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign571f30cbd9f0c48f 2017-09-20 21:32 - 2017-09-20 21:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3938cf797d44460b 2017-09-20 16:18 - 2017-09-20 16:18 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4d39ec9e000834ed 2017-09-20 16:09 - 2017-09-20 16:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb95502d9e62720c4 2017-09-20 16:09 - 2017-09-20 16:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign23f78671c511d398 2017-09-20 11:36 - 2017-09-20 11:36 - 000002016 _____ C:\Users\Public\Desktop\MSI Smart Tool.lnk 2017-09-20 11:36 - 2017-09-20 11:36 - 000001757 _____ C:\Users\Public\Desktop\MSI Network Manager.lnk 2017-09-20 11:36 - 2017-07-31 18:23 - 001503208 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys 2017-09-20 11:35 - 2017-09-20 11:35 - 000001130 _____ C:\Users\Public\Desktop\MSI Fast Boot.lnk 2017-09-20 11:31 - 2017-09-20 11:31 - 000000000 ____D C:\ProgramData\Audyssey Labs 2017-09-20 11:31 - 2017-08-24 05:41 - 015211624 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 003299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 001435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000604800 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2017-09-20 11:31 - 2017-08-24 05:41 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 003410840 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2017-09-20 11:31 - 2017-08-24 05:40 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-09-20 11:31 - 2017-08-24 05:39 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 003132640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 001348160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000877432 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000737968 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-09-20 11:31 - 2017-08-24 05:39 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-09-20 11:31 - 2017-08-24 05:38 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2017-09-20 11:31 - 2017-08-24 05:38 - 002211304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-09-20 11:31 - 2017-08-24 01:56 - 013272986 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-09-20 11:30 - 2017-08-24 05:39 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 001159184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000680552 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000406456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-09-20 11:30 - 2017-08-24 05:38 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 002993720 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 002444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 001544248 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 001372392 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 001259728 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2017-09-20 11:30 - 2017-08-24 05:37 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll 2017-09-19 23:56 - 2017-09-19 23:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne2830aadb264a8ac 2017-09-19 23:46 - 2017-09-19 23:46 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign8f1b3d374bcf3e5d 2017-09-19 23:46 - 2017-09-19 23:46 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0ccc7b28470a30d7 2017-09-19 22:46 - 2017-09-19 22:46 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignee0710b70f6f8541 2017-09-19 22:45 - 2017-09-19 22:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0e0869096c774bd8 2017-09-19 22:45 - 2017-09-19 22:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign066f0521bbe0ff9c 2017-09-19 15:16 - 2017-09-19 15:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\The Sims Resource 2017-09-19 01:03 - 2017-09-19 01:03 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA% 2017-09-18 19:48 - 2017-09-18 19:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3ecf959c7c27a3e0 2017-09-18 19:45 - 2017-09-18 19:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfa7f62ca53c51656 2017-09-18 19:45 - 2017-09-18 19:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignaa9f24074042f963 2017-09-18 19:40 - 2017-09-18 19:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign132e280b77fe66d3 2017-09-18 19:39 - 2017-09-18 19:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd1fe09c4db6989e3 2017-09-18 19:39 - 2017-09-18 19:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign178baf92e8b14f70 2017-09-18 02:25 - 2017-09-26 07:48 - 000001242 _____ C:\Users\Public\Desktop\MSI Command Center.lnk 2017-09-18 00:16 - 2017-09-18 00:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1944365abf634343 2017-09-18 00:15 - 2017-09-18 00:15 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna9cafea3f5cc280c 2017-09-18 00:15 - 2017-09-18 00:15 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign43a8dd208cb1a6d4 2017-09-17 20:10 - 2017-09-17 20:10 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign22441647f521c9a7 2017-09-17 20:09 - 2017-09-17 20:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignad2c7b3eea535b42 2017-09-17 20:09 - 2017-09-17 20:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna9d71f6f2b2878ee 2017-09-17 19:07 - 2017-09-17 19:07 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc7ebcaf436ac9b9b 2017-09-17 19:03 - 2017-09-17 19:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4ca3741ac2d528e3 2017-09-17 19:03 - 2017-09-17 19:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3ba46dc9f7ecf159 2017-09-17 16:45 - 2017-09-17 16:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfb75a3195719f751 2017-09-17 16:45 - 2017-09-17 16:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3692a738d5679a88 2017-09-17 16:45 - 2017-09-17 16:45 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign13f6aaec66540669 2017-09-17 16:32 - 2017-09-17 16:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd8ea5942ffd5bc60 2017-09-17 16:31 - 2017-09-17 16:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb6dca74c12cde599 2017-09-17 16:31 - 2017-09-17 16:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3bc60152e2b05839 2017-09-16 23:54 - 2017-09-16 23:54 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3f33940062d64ae5 2017-09-16 23:44 - 2017-09-16 23:44 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9e9b600327be02a5 2017-09-16 23:44 - 2017-09-16 23:44 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6b511857a7cf459e 2017-09-16 22:24 - 2017-09-16 22:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Deployment 2017-09-16 22:24 - 2017-09-16 22:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Apps\2.0 2017-09-16 13:59 - 2017-09-16 13:59 - 000149923 _____ C:\Users\Effymaysims\Desktop\EffymaysimsJGloomtat3.package 2017-09-16 13:47 - 2017-09-16 13:47 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigncb84568bdfed0e7b 2017-09-16 13:41 - 2017-09-16 13:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3cb35c351f9e64b0 2017-09-16 13:39 - 2017-09-16 13:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignec187e1e9dcd19fd 2017-09-16 13:39 - 2017-09-16 13:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign51cab1744a5e1031 2017-09-16 13:37 - 2017-09-16 13:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign41a26e1b5d8d1d16 2017-09-16 13:10 - 2017-09-16 13:10 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign8b1bb950d5886706 2017-09-16 13:10 - 2017-09-16 13:10 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign52f70be42ecc7e1e 2017-09-16 12:55 - 2017-09-16 12:55 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb454911a0f3abc95 2017-09-16 12:55 - 2017-09-16 12:55 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignaf6908776128abc1 2017-09-16 12:55 - 2017-09-16 12:55 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign65c7eb1dd825d236 2017-09-16 03:51 - 2017-09-16 03:51 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignee0382997b6248f6 2017-09-16 03:44 - 2017-09-16 03:44 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6e16ed1615493719 2017-09-16 03:44 - 2017-09-16 03:44 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2abd243a080d2b28 2017-09-16 02:38 - 2017-09-16 02:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfcd5c78f032aaeb4 2017-09-16 02:38 - 2017-09-16 02:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd5cc746eddec85a4 2017-09-16 02:38 - 2017-09-16 02:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignbf1ecd0499a61bc5 2017-09-15 16:49 - 2017-09-15 16:49 - 000002268 _____ C:\Users\Public\Desktop\ZBrush 4R7 64-bit Trial.lnk 2017-09-15 16:49 - 2017-09-15 16:49 - 000002242 _____ C:\Users\Public\Desktop\ZBrush 4R7 Trial.lnk 2017-09-15 16:49 - 2017-09-15 16:49 - 000000000 ____D C:\Users\Public\Pixologic 2017-09-15 16:49 - 2017-09-15 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic 2017-09-15 16:48 - 2017-09-15 16:48 - 000000000 ____D C:\Program Files (x86)\Pixologic 2017-09-15 16:14 - 2017-09-15 16:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign841f480e512d549e 2017-09-15 16:12 - 2017-09-15 16:12 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign57adfb4f7f0a5b56 2017-09-15 16:12 - 2017-09-15 16:12 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1fe7f85835a9a19c 2017-09-15 15:15 - 2017-09-29 12:33 - 002399744 _____ (Farbar) C:\Users\Effymaysims\Desktop\FRST64.exe 2017-09-15 14:06 - 2017-09-15 14:06 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0da47ff6aa263603 2017-09-15 13:20 - 2017-09-15 13:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignccdb0e079c72defe 2017-09-15 12:53 - 2017-09-15 12:53 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4c772f2339471f72 2017-09-15 12:48 - 2017-09-15 12:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign88c6ba7e279ee8e3 2017-09-15 12:48 - 2017-09-15 12:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign31aa0101a8ee9279 2017-09-14 01:41 - 2017-09-14 01:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3495508c03fad347 2017-09-14 01:36 - 2017-09-14 01:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna2299d3253bdbc36 2017-09-14 01:36 - 2017-09-14 01:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6cf60672b590ce06 2017-09-13 23:46 - 2017-09-16 21:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\XMODS 2017-09-13 21:40 - 2017-09-13 21:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfbda70d93e38cc6d 2017-09-13 21:40 - 2017-09-13 21:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc2f79169a5ab1270 2017-09-13 21:40 - 2017-09-13 21:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign670277838a6e2357 2017-09-13 16:19 - 2017-09-13 16:19 - 000001060 _____ C:\Users\Effymaysims\Desktop\Blender.lnk 2017-09-13 16:16 - 2017-09-13 16:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd8219de2feccf27e 2017-09-13 16:16 - 2017-09-13 16:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2eee30239a934adf 2017-09-13 13:35 - 2017-09-13 13:35 - 008182736 _____ (Malwarebytes) C:\Users\Effymaysims\Desktop\adwcleaner_7.0.2.1.exe 2017-09-13 13:35 - 2017-09-13 13:35 - 001790024 _____ (Malwarebytes) C:\Users\Effymaysims\Desktop\JRT.exe 2017-09-13 13:04 - 2017-09-29 10:58 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-09-13 13:04 - 2017-09-28 21:08 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-13 13:04 - 2017-09-28 21:08 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-09-13 13:04 - 2017-09-28 21:08 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-09-13 13:04 - 2017-09-13 13:04 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-09-13 13:04 - 2017-09-13 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-09-13 13:04 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-09-13 12:18 - 2017-09-13 12:18 - 000003602 _____ C:\WINDOWS\System32\Tasks\Effymaysims DBAgent 2 0 2017-09-12 20:02 - 2017-09-04 22:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-12 20:02 - 2017-09-04 22:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-12 20:02 - 2017-09-04 22:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-12 20:02 - 2017-09-04 22:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-12 20:02 - 2017-09-04 22:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-12 20:02 - 2017-09-04 22:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-12 20:02 - 2017-09-04 22:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-12 20:02 - 2017-09-04 22:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-12 20:02 - 2017-09-04 22:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-12 20:02 - 2017-09-04 21:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-12 20:02 - 2017-09-04 21:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-12 20:02 - 2017-09-04 21:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-12 20:02 - 2017-09-04 21:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-12 20:02 - 2017-09-04 21:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-12 20:02 - 2017-09-04 21:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-12 20:02 - 2017-09-04 21:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-12 20:02 - 2017-09-04 21:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-12 20:02 - 2017-09-04 21:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-12 20:02 - 2017-09-04 21:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-12 20:02 - 2017-09-04 21:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-12 20:02 - 2017-09-04 21:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-12 20:02 - 2017-09-04 21:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-12 20:02 - 2017-09-04 21:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-12 20:02 - 2017-09-04 21:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-12 20:02 - 2017-09-04 21:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-12 20:02 - 2017-09-04 21:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-12 20:02 - 2017-09-04 21:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-12 20:02 - 2017-09-04 21:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-12 20:02 - 2017-09-04 21:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-12 20:02 - 2017-09-04 21:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-12 20:02 - 2017-09-04 21:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-12 20:02 - 2017-09-04 21:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-12 20:02 - 2017-09-04 21:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-12 20:02 - 2017-09-04 21:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-12 20:02 - 2017-09-04 21:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-12 20:02 - 2017-09-04 21:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-12 20:02 - 2017-09-04 21:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 20:02 - 2017-09-04 21:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 20:02 - 2017-09-04 21:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 20:02 - 2017-09-04 21:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 20:02 - 2017-09-04 21:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 20:02 - 2017-09-04 21:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 20:02 - 2017-09-04 21:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 20:02 - 2017-09-04 21:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 20:02 - 2017-09-04 21:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 20:02 - 2017-09-04 21:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 20:02 - 2017-09-04 21:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 20:02 - 2017-09-04 21:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 20:02 - 2017-09-04 21:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 20:02 - 2017-09-04 21:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 20:02 - 2017-09-04 21:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 20:02 - 2017-09-04 21:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 20:02 - 2017-09-04 21:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 20:02 - 2017-09-04 21:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 20:02 - 2017-09-04 21:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 20:02 - 2017-09-04 21:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 20:02 - 2017-09-04 21:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 20:02 - 2017-09-04 21:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 20:02 - 2017-09-04 21:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 20:02 - 2017-09-04 21:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 20:02 - 2017-09-04 21:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 20:02 - 2017-09-04 21:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 20:02 - 2017-09-04 21:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 20:02 - 2017-09-04 21:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 20:02 - 2017-09-04 21:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 20:02 - 2017-09-04 21:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 20:02 - 2017-09-04 21:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-12 20:02 - 2017-09-04 21:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 20:02 - 2017-09-04 21:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 20:02 - 2017-09-04 21:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 20:02 - 2017-09-04 21:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 20:02 - 2017-09-04 21:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-12 20:02 - 2017-09-04 21:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-12 20:02 - 2017-09-04 21:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-12 20:02 - 2017-09-04 21:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-12 20:02 - 2017-09-04 21:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-12 20:02 - 2017-09-04 21:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-12 20:02 - 2017-09-04 21:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-12 20:02 - 2017-09-04 21:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-12 20:02 - 2017-09-04 21:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-12 20:02 - 2017-09-04 21:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-12 20:02 - 2017-09-04 21:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-12 20:02 - 2017-09-04 21:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-12 20:02 - 2017-09-04 21:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-12 20:02 - 2017-09-04 21:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-12 20:02 - 2017-09-04 21:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-12 20:02 - 2017-09-04 21:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-12 20:02 - 2017-09-04 21:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-12 20:02 - 2017-09-04 21:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-12 20:02 - 2017-09-04 21:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-12 20:01 - 2017-09-04 22:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-12 20:01 - 2017-09-04 22:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-12 20:01 - 2017-09-04 22:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-12 20:01 - 2017-09-04 22:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-12 20:01 - 2017-09-04 22:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-12 20:01 - 2017-09-04 22:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-12 20:01 - 2017-09-04 22:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-12 20:01 - 2017-09-04 22:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-12 20:01 - 2017-09-04 22:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-12 20:01 - 2017-09-04 22:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-12 20:01 - 2017-09-04 22:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-12 20:01 - 2017-09-04 22:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-12 20:01 - 2017-09-04 22:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-12 20:01 - 2017-09-04 22:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-12 20:01 - 2017-09-04 22:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-12 20:01 - 2017-09-04 22:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-12 20:01 - 2017-09-04 22:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-12 20:01 - 2017-09-04 22:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-12 20:01 - 2017-09-04 22:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-12 20:01 - 2017-09-04 22:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-12 20:01 - 2017-09-04 22:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-12 20:01 - 2017-09-04 22:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-12 20:01 - 2017-09-04 22:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-12 20:01 - 2017-09-04 22:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-12 20:01 - 2017-09-04 22:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-12 20:01 - 2017-09-04 22:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-12 20:01 - 2017-09-04 22:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-12 20:01 - 2017-09-04 22:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-12 20:01 - 2017-09-04 22:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-12 20:01 - 2017-09-04 22:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-12 20:01 - 2017-09-04 22:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-12 20:01 - 2017-09-04 22:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-12 20:01 - 2017-09-04 22:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-12 20:01 - 2017-09-04 22:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-12 20:01 - 2017-09-04 22:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-12 20:01 - 2017-09-04 22:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-12 20:01 - 2017-09-04 22:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-12 20:01 - 2017-09-04 22:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-12 20:01 - 2017-09-04 21:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-12 20:01 - 2017-09-04 21:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-12 20:01 - 2017-09-04 21:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-12 20:01 - 2017-09-04 21:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 20:01 - 2017-09-04 21:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 20:01 - 2017-09-04 21:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 20:01 - 2017-09-04 21:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 20:01 - 2017-09-04 21:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 20:01 - 2017-09-04 21:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 20:01 - 2017-09-04 21:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 20:01 - 2017-09-04 21:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 20:01 - 2017-09-04 21:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 20:01 - 2017-09-04 21:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 20:01 - 2017-09-04 21:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 20:01 - 2017-09-04 21:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 20:01 - 2017-09-04 21:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 20:01 - 2017-09-04 21:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 20:01 - 2017-09-04 21:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 20:01 - 2017-09-04 21:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 20:01 - 2017-09-04 21:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-12 20:01 - 2017-09-04 21:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 20:01 - 2017-09-04 21:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 20:01 - 2017-09-04 21:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 20:01 - 2017-09-04 21:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 20:01 - 2017-09-04 21:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 20:01 - 2017-09-04 21:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 20:01 - 2017-09-04 21:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 20:01 - 2017-09-04 21:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 20:01 - 2017-09-04 21:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 20:01 - 2017-09-04 21:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 20:01 - 2017-09-04 21:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 20:01 - 2017-09-04 21:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 20:01 - 2017-09-04 21:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 20:01 - 2017-09-04 21:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 20:01 - 2017-09-04 21:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 20:01 - 2017-09-04 21:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 20:01 - 2017-09-04 21:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 20:01 - 2017-09-04 21:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 20:01 - 2017-09-04 21:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 20:01 - 2017-09-04 21:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 20:01 - 2017-09-04 21:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 20:01 - 2017-09-04 21:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 20:01 - 2017-09-04 21:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 20:01 - 2017-09-04 21:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 20:01 - 2017-09-04 21:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 20:01 - 2017-09-04 21:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 20:01 - 2017-09-04 21:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 20:01 - 2017-09-04 21:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 20:01 - 2017-09-04 21:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 20:01 - 2017-09-04 21:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 20:01 - 2017-09-04 21:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-12 20:01 - 2017-09-04 21:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 20:01 - 2017-09-04 21:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 20:01 - 2017-09-04 21:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-12 20:01 - 2017-09-04 21:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-12 20:01 - 2017-09-04 21:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-12 20:01 - 2017-09-04 21:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-12 20:01 - 2017-09-04 21:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-12 20:01 - 2017-09-04 21:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-12 20:01 - 2017-09-04 21:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-12 20:01 - 2017-09-04 21:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-12 20:01 - 2017-09-04 21:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-12 20:01 - 2017-09-04 21:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-12 20:01 - 2017-09-04 21:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-12 20:01 - 2017-09-04 21:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-12 20:01 - 2017-08-31 22:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-12 19:42 - 2017-09-12 19:49 - 000000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2017-09-12 18:26 - 2017-09-12 18:26 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb7d2bcad035d511d 2017-09-12 18:26 - 2017-09-12 18:26 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna7048e88cfa39e1d 2017-09-12 18:26 - 2017-09-12 18:26 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign18e8fd8fe0b05a7a 2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignda689e3703efa267 2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9537881dff6d36b8 2017-09-12 18:08 - 2017-09-12 18:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign84dcfdf5ade087f7 2017-09-12 14:56 - 2017-09-12 14:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne8342f6656a45b97 2017-09-12 14:56 - 2017-09-12 14:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc45938894e26a9c9 2017-09-12 14:56 - 2017-09-12 14:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign592ce3d3a9cc623c 2017-09-12 14:23 - 2017-09-12 14:23 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignbc55827240412b77 2017-09-12 14:23 - 2017-09-12 14:23 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2aca639835f22f43 2017-09-12 14:23 - 2017-09-12 14:23 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign119e0a2450d1c37c 2017-09-12 13:40 - 2017-09-12 13:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne6b9b3aff1adfaa6 2017-09-12 13:32 - 2017-09-12 13:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9e8db19f17faf2e1 2017-09-12 13:32 - 2017-09-12 13:32 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3faaa88e46f67caf 2017-09-12 13:20 - 2017-09-12 13:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignef36d88ee3f6c5db 2017-09-12 13:19 - 2017-09-12 13:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd9d57b5417d268e1 2017-09-12 13:19 - 2017-09-12 13:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd4c98a836494f220 2017-09-12 13:17 - 2017-09-12 13:17 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4e8fbb8a871ab308 2017-09-12 10:49 - 2017-09-12 10:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc296b360722e069c 2017-09-12 10:49 - 2017-09-12 10:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb4a409c13274e260 2017-09-12 10:49 - 2017-09-12 10:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb03cc4c1dff6ff5b 2017-09-12 04:30 - 2017-09-12 04:30 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign78c173cda19ce663 2017-09-12 04:30 - 2017-09-12 04:30 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0329b0d148e4d4ba 2017-09-12 03:35 - 2017-09-12 03:35 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0eb3b6b06afb8c5e 2017-09-12 03:30 - 2017-09-12 03:30 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf9d27bc303dffc53 2017-09-12 03:30 - 2017-09-12 03:30 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne1227dab84481fa6 2017-09-12 01:50 - 2017-09-12 01:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0937ea9cb6bee50f 2017-09-12 01:42 - 2017-09-12 01:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign49a944aa930579ed 2017-09-12 01:42 - 2017-09-12 01:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign265aae81543eac92 2017-09-11 22:51 - 2017-09-11 22:51 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfdb5ff7b0f4fbcf7 2017-09-11 22:50 - 2017-09-11 22:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9aa07fda669a7689 2017-09-11 22:50 - 2017-09-11 22:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2eacdfd5ccabafdf 2017-09-11 00:19 - 2017-09-11 00:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign684decdc83bde010 2017-09-11 00:08 - 2017-09-11 00:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne89b995616ebafa9 2017-09-11 00:08 - 2017-09-11 00:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign59bb0c9b408a2cac 2017-09-10 22:54 - 2017-09-10 22:54 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0e2ab22839eb98c9 2017-09-10 22:52 - 2017-09-10 22:52 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignddb21d6adea723d2 2017-09-10 22:52 - 2017-09-10 22:52 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1df36144b14207ca 2017-09-10 22:17 - 2017-09-10 22:17 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna17185804f5315ca 2017-09-10 22:16 - 2017-09-10 22:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd4cf328e8341e912 2017-09-10 22:16 - 2017-09-10 22:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign45c14a43d716135e 2017-09-10 20:24 - 2017-09-10 20:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf918bad2cc4e1a80 2017-09-10 20:14 - 2017-09-10 20:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignfe401c37044ed397 2017-09-10 20:14 - 2017-09-10 20:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf118d0721da3c8ae 2017-09-10 19:18 - 2017-09-10 19:18 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign92426e5dbe0299ac 2017-09-10 19:14 - 2017-09-10 19:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigndab790fac1741e7b 2017-09-10 19:14 - 2017-09-10 19:14 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign381a492deeb3c40b 2017-09-09 04:28 - 2017-09-09 04:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6a42697170e4c322 2017-09-09 04:28 - 2017-09-09 04:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4f8fccae19cc6c46 2017-09-09 04:28 - 2017-09-09 04:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign237529f892819dc1 2017-09-08 23:31 - 2017-09-08 23:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigncc7f1aa64b952d90 2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd22d38a994ce9e89 2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign307a79e23bf78a68 2017-09-08 23:05 - 2017-09-08 23:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc649e55a387c1382 2017-09-08 23:04 - 2017-09-08 23:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc59dc119e0a307ed 2017-09-08 23:04 - 2017-09-08 23:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign43a037049252369b 2017-09-08 22:24 - 2017-09-08 22:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigne8ff45fc15dd886e 2017-09-08 22:24 - 2017-09-08 22:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9cfb4748f2e08a7d 2017-09-08 20:49 - 2017-09-08 20:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign52baf32252c74ae3 2017-09-08 20:42 - 2017-09-08 20:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignea344966340347f0 2017-09-08 20:42 - 2017-09-08 20:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1cae6b8a2b029345 2017-09-08 19:37 - 2017-09-08 19:37 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign977fd51c87f0f154 2017-09-08 19:33 - 2017-09-08 19:33 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9ab174ffb7f8d07f 2017-09-08 19:33 - 2017-09-08 19:33 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0afcc4aaac18bddb 2017-09-08 18:21 - 2017-09-08 18:21 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignef61b3c850d831a9 2017-09-08 18:21 - 2017-09-08 18:21 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3f5d59c66f87b743 2017-09-08 17:28 - 2017-09-08 17:34 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\discord 2017-09-08 17:28 - 2017-09-08 17:28 - 000002302 _____ C:\Users\Effymaysims\Desktop\Discord.lnk 2017-09-08 17:28 - 2017-09-08 17:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-09-08 17:28 - 2017-09-08 17:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Discord 2017-09-08 17:27 - 2017-09-08 17:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\SquirrelTemp 2017-09-08 17:10 - 2017-09-08 17:10 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign17a2b1e16ffcb01d 2017-09-08 17:08 - 2017-09-08 17:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf86eb6acc531ebbb 2017-09-08 17:08 - 2017-09-08 17:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign19c2195dab6a76e1 2017-09-08 16:20 - 2017-09-08 16:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf52bd8ca3594c1a9 2017-09-08 16:20 - 2017-09-08 16:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna47085b367ab71fc 2017-09-08 15:56 - 2017-09-08 15:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignb097b13769d113f6 2017-09-08 15:56 - 2017-09-08 15:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7783260f151b9bc4 2017-09-08 15:56 - 2017-09-08 15:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign5b6cd3f9b74d3e59 2017-09-08 15:56 - 2017-09-08 15:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign5a775bf621791c08 2017-09-08 15:56 - 2017-09-08 15:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0587f87a2680956c 2017-09-08 15:33 - 2017-09-08 15:33 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign9019a65a24ab81c7 2017-09-08 15:33 - 2017-09-08 15:33 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign68e1e8cf5928708c 2017-09-08 15:33 - 2017-09-08 15:33 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign4fc9d52d14e4c734 2017-09-08 00:04 - 2017-09-08 00:04 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign062dced6b598f0d2 2017-09-08 00:02 - 2017-09-08 00:02 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7fdc63a490e1b624 2017-09-08 00:02 - 2017-09-08 00:02 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6e6ffc1d31978cb6 2017-09-07 23:51 - 2017-09-07 23:51 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigndda06b9532022d83 2017-09-07 23:51 - 2017-09-07 23:51 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign95fe885462b8d6d5 2017-09-07 23:50 - 2017-09-07 23:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf0df518a5d1b8fa6 2017-09-07 23:50 - 2017-09-07 23:50 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7d3353ce916bdc9e 2017-09-07 23:15 - 2017-09-07 23:15 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignac0905cdf9c0481b 2017-09-07 23:09 - 2017-09-07 23:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1f8932db9792df9f 2017-09-07 23:08 - 2017-09-07 23:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigneded3dceeedd6bc2 2017-09-07 23:08 - 2017-09-07 23:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignda147a3ce4122816 2017-09-07 21:49 - 2017-09-07 21:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc30a85d6c4b2d4a2 2017-09-07 21:49 - 2017-09-07 21:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7937e8ab158a8685 2017-09-07 18:20 - 2017-09-07 18:20 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign794f2f6d7b0c51fd 2017-09-07 18:09 - 2017-09-07 18:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign7a4982fb997d8094 2017-09-07 18:09 - 2017-09-07 18:09 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign724c771dc50ef93e 2017-09-07 17:34 - 2017-09-07 17:34 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign827973ced0140a95 2017-09-07 17:34 - 2017-09-07 17:34 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign785d0b5f96c36a41 2017-09-07 02:39 - 2017-09-07 02:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignbd23f1b261f1c97c 2017-09-07 02:38 - 2017-09-07 02:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2d510d8c348ce705 2017-09-07 02:38 - 2017-09-07 02:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign1323b3cd10045583 2017-09-07 02:11 - 2017-09-07 02:11 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignd74e17714c72958c 2017-09-07 02:07 - 2017-09-07 02:07 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigna727368f635450f2 2017-09-07 02:07 - 2017-09-07 02:07 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign961e1864dfb53d08 2017-09-07 02:07 - 2017-09-07 02:07 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign478411b795a9f9fd 2017-09-07 02:05 - 2017-09-07 02:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign57027847f9b171a0 2017-09-07 02:05 - 2017-09-07 02:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign2f7aeaba0b63b3c9 2017-09-07 01:25 - 2017-09-07 01:25 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign579c0235d17abdbc 2017-09-07 01:25 - 2017-09-07 01:25 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign3d8969c4e3393913 2017-09-06 22:02 - 2017-09-06 22:02 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign300e5bbf367270b5 2017-09-06 22:00 - 2017-09-06 22:00 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignc65c80179644e7e2 2017-09-06 22:00 - 2017-09-06 22:00 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign0b70c2f7d37af4c4 2017-09-06 20:03 - 2017-09-06 20:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsignf808f07812fd625c 2017-09-06 20:03 - 2017-09-06 20:03 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign5fbfe3945653c090 2017-09-06 18:49 - 2017-09-06 18:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign94efc74c8aa06aaf 2017-09-06 18:46 - 2017-09-06 18:46 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign6a3b2f43fc87f276 2017-09-06 18:46 - 2017-09-06 18:46 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign5047c6b82c3eceac 2017-09-06 09:54 - 2017-09-06 09:54 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe 2017-09-06 01:47 - 2017-09-06 01:47 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign58d9bec7263adf3f 2017-09-06 01:38 - 2017-09-06 01:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsigncce933c22a00f85b 2017-09-06 01:38 - 2017-09-06 01:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Tempzxpsign842a4c4e14c5e765 2017-09-05 23:02 - 2017-09-05 23:06 - 000000000 ____D C:\Program Files\Intel Driver Update Utility 2017-09-05 23:02 - 2016-10-18 17:14 - 000021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2017-09-05 19:48 - 2017-09-28 20:18 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-05 19:48 - 2017-09-28 20:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-05 19:48 - 2017-09-05 19:48 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-09-05 19:48 - 2017-09-05 19:48 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-09-05 18:18 - 2017-09-29 12:33 - 000000000 ____D C:\FRST 2017-09-05 18:07 - 2017-09-05 18:07 - 066347240 _____ (Malwarebytes ) C:\Users\Effymaysims\Downloads\mb3-setup-consumer-3.2.2.2018.exe 2017-09-02 15:09 - 2017-09-02 15:09 - 000000000 ____D C:\Users\Effymaysims\My Online Documents 2017-09-02 00:20 - 2017-09-02 00:20 - 003558224 _____ C:\Users\Effymaysims\Desktop\rombb.blend 2017-09-02 00:20 - 2017-09-02 00:20 - 000001079 _____ C:\Users\Effymaysims\Desktop\romber.package 2017-09-02 00:19 - 2017-09-02 00:19 - 002597530 _____ C:\Users\Effymaysims\Desktop\nudeforrombmes.blend 2017-09-02 00:19 - 2017-09-02 00:19 - 000000335 _____ C:\Users\Effymaysims\Desktop\nudeforromb.package 2017-09-01 20:45 - 2017-09-01 20:45 - 002598120 _____ C:\Users\Effymaysims\Desktop\NUDEFORNIGHTDRESS.blend 2017-09-01 20:44 - 2017-09-03 23:38 - 001623456 _____ C:\Users\Effymaysims\Desktop\NUDEFORNIGHTDRES.package 2017-09-01 20:44 - 2017-09-01 23:47 - 003422208 _____ C:\Users\Effymaysims\Desktop\EALONGTOPDRESS.blend 2017-09-01 20:44 - 2017-09-01 22:14 - 003423961 _____ C:\Users\Effymaysims\Desktop\EALONGTOPDRESS.blend1 2017-09-01 20:44 - 2017-09-01 20:44 - 000000547 _____ C:\Users\Effymaysims\Desktop\EaLONTOPDRES.package 2017-09-01 20:15 - 2017-09-01 20:15 - 003558079 _____ C:\Users\Effymaysims\Desktop\EAVNECKROMBER.blend 2017-09-01 20:15 - 2017-09-01 20:15 - 000000591 _____ C:\Users\Effymaysims\Desktop\EAvneckjumper.package 2017-09-01 20:12 - 2017-09-01 20:12 - 002597095 _____ C:\Users\Effymaysims\Desktop\femalenude1.blend 2017-09-01 20:12 - 2017-09-01 20:12 - 000000333 _____ C:\Users\Effymaysims\Desktop\FEMALENUDEtop.package 2017-08-31 11:44 - 2017-08-31 11:44 - 000000000 ____D C:\Users\Effymaysims\AppData\LocalLow\Temp 2017-08-28 20:31 - 2017-08-28 20:31 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender 2017-08-25 22:21 - 2017-09-13 16:15 - 000000000 ____D C:\Users\Effymaysims\Desktop\mbam-chameleon-3.1.33.0 2017-08-25 22:15 - 2017-09-05 22:48 - 000000000 ____D C:\Users\Effymaysims\Desktop\mbar 2017-08-25 22:15 - 2017-09-05 22:48 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-08-25 20:28 - 2017-08-21 18:01 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll 2017-08-25 20:28 - 2017-08-21 18:01 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll 2017-08-25 20:28 - 2017-08-21 18:01 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-08-25 20:28 - 2017-08-21 18:01 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-08-23 00:27 - 2017-08-23 00:27 - 000003846 _____ C:\WINDOWS\System32\Tasks\Effymaysims1 Merge 2017-08-20 13:16 - 2017-08-20 13:16 - 000001100 _____ C:\Users\Effymaysims\Desktop\photoFXlab (32-bit).lnk 2017-08-20 13:16 - 2017-08-20 13:16 - 000001082 _____ C:\Users\Effymaysims\Desktop\photoFXlab (64-bit).lnk 2017-08-20 13:16 - 2017-08-20 13:16 - 000001074 _____ C:\Users\Effymaysims\Desktop\Topaz Texture Effects 2 (64-bit).lnk 2017-08-20 13:16 - 2017-08-20 13:16 - 000001029 _____ C:\Users\Effymaysims\Desktop\Topaz Impression 2 (64-bit).lnk 2017-08-20 13:16 - 2017-08-20 13:16 - 000000969 _____ C:\Users\Effymaysims\Desktop\Topaz Glow 2 (64-bit).lnk 2017-08-20 13:15 - 2017-08-20 13:15 - 000000993 _____ C:\Users\Effymaysims\Desktop\Topaz DeNoise 6 (64-bit).lnk 2017-08-20 13:15 - 2017-08-20 13:15 - 000000989 _____ C:\Users\Effymaysims\Desktop\Topaz ReMask 5 (64-bit).lnk 2017-08-16 10:51 - 2017-08-16 10:51 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2017.lnk 2017-08-15 22:02 - 2017-09-21 11:16 - 000151552 _____ C:\WINDOWS\SysWOW64\nvRegDev.dll 2017-08-15 22:02 - 2017-09-21 11:03 - 000061440 _____ C:\WINDOWS\SysWOW64\nvPhotoshopUtil.dll 2017-08-15 22:02 - 2017-09-21 11:03 - 000040960 _____ C:\WINDOWS\SysWOW64\nvISWOW64.dll 2017-08-14 20:39 - 2017-08-14 20:39 - 000000373 _____ C:\Users\Effymaysims\Desktop\stuff.package 2017-08-14 20:28 - 2017-08-14 20:28 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\NVIDIA 2017-08-14 20:00 - 2017-09-16 10:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-08-14 20:00 - 2017-09-16 10:34 - 006463424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 002478528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 000548472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-08-14 20:00 - 2017-09-15 08:03 - 008248071 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-08-14 20:00 - 2017-08-09 17:34 - 000513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-08-14 20:00 - 2017-08-09 17:34 - 000418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-08-14 19:58 - 2017-09-16 12:27 - 004210544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-08-14 19:58 - 2017-09-16 12:27 - 003712024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-08-14 19:58 - 2017-09-16 12:27 - 000057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-08-14 19:58 - 2017-09-16 12:27 - 000046443 _____ C:\WINDOWS\system32\nvinfo.pb 2017-08-14 19:58 - 2017-08-10 10:49 - 001615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2017-08-14 19:58 - 2017-08-10 10:49 - 000218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2017-08-14 19:58 - 2017-08-10 10:49 - 000045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2017-08-14 19:58 - 2017-08-09 17:34 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll 2017-08-14 19:58 - 2017-08-09 17:34 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll 2017-08-14 15:41 - 2017-08-14 15:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Apple Computer 2017-08-14 15:41 - 2017-08-14 15:41 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Apple Computer 2017-08-14 15:39 - 2017-08-14 15:39 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Apple 2017-08-13 20:51 - 2017-08-13 20:51 - 000414873 _____ C:\Users\Effymaysims\Desktop\EffymaysimsEternoMaleTattoos.package 2017-08-11 14:10 - 2017-08-11 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2017-08-11 14:10 - 2017-08-11 14:10 - 000000000 ____D C:\Program Files\HitmanPro 2017-08-11 14:08 - 2017-09-06 09:54 - 000000000 ____D C:\ProgramData\HitmanPro 2017-08-08 20:38 - 2017-07-31 19:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-08-08 20:38 - 2017-07-31 19:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-08 20:38 - 2017-07-31 19:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-08 20:38 - 2017-07-31 19:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-08-08 20:38 - 2017-07-31 19:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-08-08 20:38 - 2017-07-31 19:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-08-08 20:38 - 2017-07-31 19:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-08-08 20:38 - 2017-07-31 19:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-08-08 20:38 - 2017-07-31 19:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-08-08 20:38 - 2017-07-31 19:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-08-08 20:38 - 2017-07-31 19:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-08-08 20:38 - 2017-07-31 19:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-08-08 20:38 - 2017-07-31 19:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll 2017-08-08 20:38 - 2017-07-31 19:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-08-08 20:38 - 2017-07-31 19:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-08-08 20:38 - 2017-07-31 19:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll 2017-08-08 20:38 - 2017-07-31 19:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-08-08 20:38 - 2017-07-31 19:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-08-08 20:38 - 2017-07-31 19:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2017-08-08 20:38 - 2017-07-31 19:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-08 20:38 - 2017-07-31 19:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-08-08 20:38 - 2017-07-31 18:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-08-08 20:38 - 2017-07-31 18:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2017-08-08 20:38 - 2017-07-31 18:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-08-08 20:38 - 2017-07-31 18:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll 2017-08-08 20:38 - 2017-07-31 18:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2017-08-08 20:38 - 2017-07-31 18:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-08-08 20:38 - 2017-07-31 18:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll 2017-08-08 20:38 - 2017-07-31 18:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2017-08-08 20:38 - 2017-07-31 18:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2017-08-08 20:38 - 2017-07-31 18:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-08-08 20:38 - 2017-07-31 18:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-08-08 20:38 - 2017-07-31 18:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-08-08 20:38 - 2017-07-31 18:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2017-08-08 20:38 - 2017-07-31 18:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-08-08 20:38 - 2017-07-31 18:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-08 20:38 - 2017-07-31 18:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-08-08 20:38 - 2017-07-31 18:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-08-08 20:38 - 2017-07-31 18:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2017-08-08 20:38 - 2017-07-31 18:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2017-08-08 20:38 - 2017-07-31 18:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-08-08 20:38 - 2017-07-31 18:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2017-08-08 20:38 - 2017-07-31 18:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2017-08-08 20:38 - 2017-07-31 18:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-08 20:38 - 2017-07-31 15:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-05 17:08 - 2017-08-05 17:08 - 000001007 _____ C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S4Studio.lnk 2017-08-04 21:24 - 2017-08-04 21:24 - 000001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2017-08-03 13:36 - 2017-08-03 13:36 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Google 2017-08-03 13:35 - 2017-09-05 19:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Google 2017-08-03 13:35 - 2017-09-05 19:48 - 000000000 ____D C:\Program Files (x86)\Google 2017-08-03 10:43 - 2017-09-29 12:02 - 000000000 ____D C:\AdwCleaner 2017-08-01 16:59 - 2017-07-27 22:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-08-01 16:59 - 2017-07-27 22:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-01 16:59 - 2017-07-27 22:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-08-01 16:59 - 2017-07-27 22:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2017-08-01 16:59 - 2017-07-27 22:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2017-08-01 16:59 - 2017-07-27 22:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2017-08-01 16:59 - 2017-07-27 22:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-01 16:59 - 2017-07-27 22:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-08-01 16:59 - 2017-07-27 22:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-08-01 16:59 - 2017-07-27 22:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-08-01 16:59 - 2017-07-27 22:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-08-01 16:59 - 2017-07-27 22:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-08-01 16:59 - 2017-07-27 22:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-08-01 16:59 - 2017-07-27 22:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-08-01 16:59 - 2017-07-27 22:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2017-08-01 16:59 - 2017-07-27 22:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2017-08-01 16:59 - 2017-07-27 22:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll 2017-08-01 16:59 - 2017-07-27 22:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-08-01 16:59 - 2017-07-27 22:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-08-01 16:59 - 2017-07-27 22:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll 2017-08-01 16:59 - 2017-07-27 22:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-08-01 16:59 - 2017-07-27 22:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-08-01 16:59 - 2017-07-27 22:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-08-01 16:59 - 2017-07-27 22:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-08-01 16:59 - 2017-07-27 21:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2017-08-01 16:59 - 2017-07-27 21:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2017-08-01 16:59 - 2017-07-27 21:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-08-01 16:59 - 2017-07-27 21:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2017-08-01 16:59 - 2017-07-27 21:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll 2017-08-01 16:59 - 2017-07-27 21:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-08-01 16:59 - 2017-07-27 21:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll 2017-08-01 16:59 - 2017-07-27 21:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-08-01 16:59 - 2017-07-27 21:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-08-01 16:59 - 2017-07-27 21:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2017-08-01 16:59 - 2017-07-27 21:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2017-08-01 16:59 - 2017-07-27 21:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-08-01 16:59 - 2017-07-27 21:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2017-08-01 16:59 - 2017-07-27 21:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll 2017-08-01 16:59 - 2017-07-27 21:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe 2017-08-01 16:59 - 2017-07-27 21:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2017-08-01 16:59 - 2017-07-27 21:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll 2017-08-01 16:59 - 2017-07-27 21:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2017-08-01 16:59 - 2017-07-27 21:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2017-08-01 16:59 - 2017-07-27 21:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-08-01 16:59 - 2017-07-27 21:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-08-01 16:59 - 2017-07-27 21:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2017-08-01 16:59 - 2017-07-27 21:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2017-08-01 16:59 - 2017-07-27 21:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-08-01 16:59 - 2017-07-27 21:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-08-01 16:59 - 2017-07-27 21:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2017-08-01 16:59 - 2017-07-27 21:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-08-01 16:59 - 2017-07-27 21:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-08-01 16:59 - 2017-07-27 21:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-08-01 16:59 - 2017-07-27 21:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-08-01 16:59 - 2017-07-27 21:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-08-01 16:59 - 2017-07-27 21:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-08-01 16:59 - 2017-07-27 21:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2017-08-01 16:59 - 2017-07-27 21:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll 2017-08-01 16:59 - 2017-07-27 21:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll 2017-08-01 16:59 - 2017-07-27 21:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-08-01 16:59 - 2017-07-27 21:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-08-01 16:59 - 2017-07-27 21:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-08-01 16:59 - 2017-07-27 21:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-08-01 16:59 - 2017-07-27 21:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2017-08-01 16:59 - 2017-07-27 21:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-08-01 16:59 - 2017-07-27 21:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2017-08-01 16:59 - 2017-07-27 21:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-08-01 16:59 - 2017-07-27 21:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-08-01 16:59 - 2017-07-27 21:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-08-01 16:59 - 2017-07-27 21:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-01 16:59 - 2017-07-27 21:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2017-08-01 16:59 - 2017-07-27 21:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-08-01 16:59 - 2017-07-27 21:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-08-01 16:59 - 2017-07-27 21:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-08-01 16:59 - 2017-07-27 21:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll 2017-08-01 16:59 - 2017-07-27 21:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-08-01 16:59 - 2017-07-27 21:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-08-01 16:59 - 2017-07-27 21:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll 2017-08-01 16:59 - 2017-07-27 21:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-08-01 16:59 - 2017-07-27 21:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-08-01 16:59 - 2017-07-27 21:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-08-01 16:59 - 2017-07-27 21:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-08-01 16:59 - 2017-07-27 21:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-08-01 16:59 - 2017-07-27 21:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-08-01 16:59 - 2017-07-27 21:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2017-08-01 16:59 - 2017-07-27 21:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-08-01 16:59 - 2017-07-27 21:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-08-01 16:59 - 2017-07-27 21:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-08-01 16:59 - 2017-07-27 21:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-01 16:59 - 2017-07-27 21:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-08-01 16:59 - 2017-07-27 21:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-08-01 16:59 - 2017-07-27 21:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-08-01 16:59 - 2017-07-27 21:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-08-01 16:59 - 2017-07-27 21:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll 2017-08-01 16:59 - 2017-07-27 21:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-08-01 16:59 - 2017-07-27 21:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-08-01 16:59 - 2017-07-27 21:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-08-01 16:59 - 2017-07-27 21:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-08-01 16:59 - 2017-07-27 21:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-08-01 16:59 - 2017-07-27 21:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2017-08-01 16:59 - 2017-07-27 21:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-08-01 16:59 - 2017-07-27 21:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2017-08-01 16:59 - 2017-07-27 21:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2017-08-01 16:59 - 2017-07-27 21:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2017-08-01 16:59 - 2017-07-27 21:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll 2017-08-01 16:59 - 2017-07-27 21:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-08-01 16:59 - 2017-07-27 21:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-08-01 16:59 - 2017-07-27 21:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2017-08-01 16:59 - 2017-07-27 21:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-08-01 16:59 - 2017-07-27 21:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-08-01 16:59 - 2017-07-27 21:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-08-01 16:59 - 2017-07-27 21:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-08-01 16:59 - 2017-07-27 21:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-08-01 16:59 - 2017-07-27 21:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-08-01 16:59 - 2017-07-27 21:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-08-01 16:59 - 2017-07-27 21:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2017-08-01 16:59 - 2017-07-27 21:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-08-01 16:59 - 2017-07-27 21:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-08-01 16:59 - 2017-07-27 21:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2017-07-30 00:43 - 2017-09-27 10:01 - 000000000 ____D C:\WINDOWS\Minidump 2017-07-27 18:52 - 2017-07-27 18:52 - 000000000 ____D C:\tmp 2017-07-26 19:51 - 2017-07-26 19:51 - 000001043 _____ C:\Users\Public\Desktop\Marvelous Designer 5 Enterprise.lnk 2017-07-26 19:51 - 2017-07-26 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvelous Designer 5 Enterprise 2017-07-25 03:08 - 2017-07-25 03:08 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\ECRSC 2017-07-20 10:21 - 2017-07-20 10:21 - 000905504 _____ C:\WINDOWS\system32\vulkan-1-1-0-54-1.dll 2017-07-20 10:21 - 2017-07-20 10:21 - 000776992 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-54-1.dll 2017-07-20 10:21 - 2017-07-20 10:21 - 000578848 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-54-1.exe 2017-07-20 10:21 - 2017-07-20 10:21 - 000477472 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-54-1.exe 2017-07-18 22:49 - 2017-09-20 22:51 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-07-18 22:49 - 2017-08-25 20:30 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\NVIDIA Corporation 2017-07-18 22:49 - 2017-07-18 22:49 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\NVIDIA 2017-07-18 22:48 - 2017-09-21 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-07-18 22:48 - 2017-09-20 22:51 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-20 22:51 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-18 22:48 - 2017-09-19 00:23 - 001923008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-07-18 22:48 - 2017-09-18 14:29 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-07-18 22:46 - 2017-09-19 00:23 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-07-18 22:46 - 2017-09-19 00:23 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-07-18 22:46 - 2017-07-26 10:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-07-18 16:52 - 2017-07-18 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2017-07-16 18:52 - 2017-07-16 18:52 - 000015178 _____ C:\Users\Effymaysims\AppData\Local\recently-used.xbel 2017-07-15 11:19 - 2017-07-15 11:19 - 000000975 _____ C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModConflictDetector.lnk 2017-07-12 16:45 - 2017-07-16 18:52 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\gtk-2.0 2017-07-12 16:38 - 2017-07-16 20:45 - 000000000 ____D C:\Users\Effymaysims\.gimp-2.8 2017-07-12 16:38 - 2017-07-12 16:38 - 000000828 _____ C:\Users\Public\Desktop\GIMP 2.lnk 2017-07-12 16:38 - 2017-07-12 16:38 - 000000828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2017-07-12 16:38 - 2017-07-12 16:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\gegl-0.2 2017-07-12 16:38 - 2017-07-12 16:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\fontconfig 2017-07-12 08:34 - 2017-07-07 00:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-12 08:34 - 2017-07-07 00:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2017-07-12 08:34 - 2017-07-07 00:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-07-12 08:34 - 2017-07-07 00:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-12 08:34 - 2017-07-07 00:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-07-12 08:34 - 2017-07-07 00:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-07-12 08:34 - 2017-07-07 00:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll 2017-07-12 08:34 - 2017-07-06 23:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2017-07-12 08:34 - 2017-07-06 23:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll 2017-07-12 08:34 - 2017-07-06 23:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll 2017-07-12 08:34 - 2017-07-06 23:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-12 08:34 - 2017-07-06 23:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-12 08:34 - 2017-07-06 23:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-12 08:34 - 2017-07-06 23:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll 2017-07-12 08:34 - 2017-07-06 23:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll 2017-07-12 08:34 - 2017-07-06 23:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-12 08:34 - 2017-07-06 23:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll 2017-07-12 08:34 - 2017-07-06 23:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-12 08:34 - 2017-07-06 23:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll 2017-07-12 08:34 - 2017-07-06 23:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-12 08:34 - 2017-07-06 23:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2017-07-12 08:34 - 2017-07-06 23:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll 2017-07-12 08:34 - 2017-07-06 23:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-12 08:34 - 2017-07-06 23:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-07-12 08:34 - 2017-07-06 23:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2017-07-12 08:34 - 2017-07-06 23:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-07-12 08:34 - 2017-07-06 23:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-12 08:34 - 2017-07-06 23:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-12 08:34 - 2017-07-06 23:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-12 08:34 - 2017-07-06 23:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-12 08:34 - 2017-07-06 23:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-07-12 08:34 - 2017-07-06 23:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-12 08:34 - 2017-07-06 23:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-12 08:34 - 2017-07-06 23:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll 2017-07-12 08:34 - 2017-07-06 23:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-07-12 08:34 - 2017-07-06 23:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-12 08:34 - 2017-07-06 23:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-12 08:34 - 2017-07-06 23:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-12 08:34 - 2017-07-06 23:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-12 08:34 - 2017-07-06 23:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2017-07-12 08:34 - 2017-07-06 23:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-07-12 08:34 - 2017-07-06 23:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-12 08:34 - 2017-07-06 22:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-07-12 08:34 - 2017-07-06 22:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-12 08:34 - 2017-07-06 22:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-07-12 08:34 - 2017-07-06 22:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-12 08:34 - 2017-07-06 22:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2017-07-12 08:34 - 2017-07-06 22:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-07-12 08:34 - 2017-07-06 22:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-12 08:34 - 2017-07-06 22:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-12 08:33 - 2017-07-07 07:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll 2017-07-12 08:33 - 2017-07-07 00:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-12 08:33 - 2017-07-07 00:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll 2017-07-12 08:33 - 2017-07-07 00:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-12 08:33 - 2017-07-07 00:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-12 08:33 - 2017-07-07 00:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-12 08:33 - 2017-07-06 23:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-07-12 08:33 - 2017-07-06 23:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2017-07-12 08:33 - 2017-07-06 23:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2017-07-12 08:33 - 2017-07-06 23:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-07-12 08:33 - 2017-07-06 23:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll 2017-07-12 08:33 - 2017-07-06 23:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-12 08:33 - 2017-07-06 23:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-07-12 08:33 - 2017-07-06 23:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-07-12 08:33 - 2017-07-06 23:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-12 08:33 - 2017-07-06 23:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-12 08:33 - 2017-07-06 23:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-07-12 08:33 - 2017-07-06 23:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-07-12 08:33 - 2017-07-06 23:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-07-12 08:33 - 2017-07-06 23:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-07-12 08:33 - 2017-07-06 23:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-07-12 08:33 - 2017-07-06 23:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-12 08:33 - 2017-07-06 23:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-07-12 08:33 - 2017-07-06 23:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2017-07-12 08:33 - 2017-07-06 23:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-12 08:33 - 2017-07-06 23:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-07-12 08:33 - 2017-07-06 23:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-07-11 18:54 - 2017-07-11 18:54 - 000000000 ____D C:\WINDOWS\Panther 2017-07-10 20:39 - 2017-07-10 20:39 - 000000000 ___DL C:\Program Files (x86)\TeameeVo 2017-07-10 20:38 - 2017-07-10 20:38 - 000000000 ___DL C:\Program Files (x86)\Origin Games 2017-07-10 20:38 - 2017-07-10 20:38 - 000000000 ___DL C:\Program Files (x86)\Origin 2017-07-10 01:40 - 2017-07-10 01:40 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Intel Telemetry 2017-07-10 01:40 - 2017-07-10 01:40 - 000000000 ____D C:\ProgramData\Intel Telemetry 2017-07-09 17:42 - 2017-07-09 17:42 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Macromedia 2017-07-09 13:48 - 2017-07-09 13:48 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Sun 2017-07-09 13:48 - 2017-07-09 13:48 - 000000000 ____D C:\Users\Effymaysims\AppData\LocalLow\Sun 2017-07-09 13:46 - 2017-07-09 13:48 - 000000000 ____D C:\ProgramData\Oracle 2017-07-07 23:27 - 2017-07-07 23:27 - 000000000 ____D C:\Program Files\Reference Assemblies 2017-07-07 23:27 - 2017-07-07 23:27 - 000000000 ____D C:\Program Files\MSBuild 2017-07-07 23:27 - 2017-07-07 23:27 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-07-07 23:27 - 2017-07-07 23:27 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-07-07 23:26 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-07-07 23:26 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-07-07 23:26 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-07-07 23:26 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-07-07 23:26 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-07-07 23:26 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-07-07 23:24 - 2017-03-02 13:50 - 000196608 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGDeviceManager.dll 2017-07-07 23:24 - 2017-03-02 13:50 - 000135168 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGMonitorDDCCISDK.dll 2017-07-07 23:24 - 2017-03-02 13:50 - 000102400 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGProtocolEngine.dll 2017-07-07 23:24 - 2017-02-01 18:50 - 000049152 _____ () C:\WINDOWS\SysWOW64\LGErrorHandler.dll 2017-07-07 11:07 - 2017-09-11 18:52 - 000004160 _____ C:\WINDOWS\System32\Tasks\Effymaysims1 2017-07-07 10:57 - 2017-07-07 10:57 - 000003866 _____ C:\WINDOWS\System32\Tasks\Effymaysims Merge 2017-07-07 10:57 - 2017-07-07 10:57 - 000003838 _____ C:\WINDOWS\System32\Tasks\Effymaysims 2017-07-07 10:37 - 2017-07-07 10:37 - 000000000 ___HD C:\ProgramData\CanonIJFAX 2017-07-07 10:37 - 2012-09-21 05:00 - 000303104 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBL.DLL 2017-07-05 19:30 - 2017-07-05 19:30 - 000000000 ____D C:\ProgramData\S4Studio 2017-07-05 14:53 - 2017-07-05 14:53 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2017-07-05 14:53 - 2017-07-05 14:53 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2017-07-05 14:53 - 2017-07-05 14:53 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2017-07-05 14:25 - 2017-07-05 14:25 - 000000713 _____ C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2017-07-04 17:46 - 2017-09-29 11:19 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Spotify 2017-07-04 17:46 - 2017-07-04 17:46 - 000001925 _____ C:\Users\Effymaysims\Desktop\Spotify.lnk 2017-07-04 17:46 - 2017-07-04 17:46 - 000001911 _____ C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2017-07-04 17:45 - 2017-09-29 10:55 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Spotify 2017-07-04 16:38 - 2017-07-04 16:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Blender Foundation 2017-07-03 09:57 - 2017-05-17 17:18 - 000131568 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2017-07-02 19:02 - 2017-07-02 19:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Topaz Labs 2017-07-02 19:01 - 2017-08-10 21:05 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs 2017-07-02 19:01 - 2017-08-10 21:04 - 000000000 ____D C:\Program Files\Common Files\Topaz Labs 2017-07-02 18:15 - 2017-07-02 18:15 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk 2017-07-02 18:12 - 2017-08-16 10:51 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-07-02 18:12 - 2017-08-16 10:51 - 000000000 ____D C:\Program Files\Adobe 2017-07-02 18:03 - 2017-07-02 18:03 - 000003274 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller 2017-07-01 22:55 - 2017-07-01 22:56 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Mod Conflict Detector 2017-07-01 22:55 - 2017-07-01 22:55 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\ModConflictDetector 2017-07-01 04:13 - 2017-09-16 13:53 - 000001456 _____ C:\Users\Effymaysims\AppData\Local\Adobe Save for Web 13.0 Prefs ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-29 12:25 - 2017-06-27 23:52 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-29 11:57 - 2017-06-29 21:24 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\CrashDumps 2017-09-29 10:55 - 2017-06-28 03:23 - 000000000 ___RD C:\Users\Effymaysims\Creative Cloud Files 2017-09-29 10:55 - 2017-06-28 03:16 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Adobe 2017-09-29 03:09 - 2017-06-29 18:21 - 000000000 ____D C:\ProgramData\Origin 2017-09-29 03:09 - 2017-06-27 23:52 - 000000000 ____D C:\Users\Effymaysims 2017-09-29 01:00 - 2017-06-27 23:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-29 00:24 - 2017-06-29 18:23 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Origin 2017-09-28 20:24 - 2017-06-27 23:58 - 003377478 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-28 20:18 - 2017-06-27 23:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-28 20:18 - 2017-03-18 04:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2017-09-28 20:14 - 2017-06-28 00:38 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\ElevatedDiagnostics 2017-09-28 20:14 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-09-28 15:40 - 2017-06-27 23:51 - 000661296 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-28 11:39 - 2017-03-18 14:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-28 11:39 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-28 01:24 - 2017-03-18 14:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-09-28 01:23 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-09-28 01:23 - 2016-09-08 14:02 - 000000000 ____D C:\Program Files\Microsoft Office 2017-09-27 11:15 - 2017-06-29 21:45 - 000007658 _____ C:\Users\Effymaysims\AppData\Local\resmon.resmoncfg 2017-09-27 01:32 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\rescache 2017-09-26 07:48 - 2017-06-29 06:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2017-09-26 07:48 - 2017-06-29 06:58 - 000000000 ____D C:\Program Files (x86)\MSI 2017-09-26 07:48 - 2017-06-29 06:58 - 000000000 ____D C:\MSI 2017-09-26 07:42 - 2017-06-28 03:18 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-09-25 16:02 - 2017-03-18 14:01 - 000000000 ____D C:\WINDOWS\INF 2017-09-25 15:57 - 2017-03-18 13:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-21 17:27 - 2017-06-27 23:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-09-21 11:28 - 2017-06-27 23:11 - 000000000 ____D C:\Users\Effymaysims\AppData\Roaming\Adobe 2017-09-21 11:17 - 2017-06-27 23:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-09-21 11:17 - 2017-04-12 09:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-09-21 11:04 - 2017-06-27 23:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-09-21 11:03 - 2017-06-28 03:18 - 000000000 ____D C:\ProgramData\Adobe 2017-09-20 11:36 - 2017-06-29 06:59 - 000065986 _____ C:\WINDOWS\cFosSpeed_Setup_Log.txt 2017-09-20 11:36 - 2017-06-29 06:59 - 000002002 _____ C:\Users\Public\Desktop\MSI X Boost.lnk 2017-09-20 11:36 - 2017-06-29 06:59 - 000000000 ____D C:\Program Files\cFosSpeed 2017-09-20 11:35 - 2017-06-29 06:59 - 000001994 _____ C:\Users\Public\Desktop\MSI RAMDisk.lnk 2017-09-20 11:31 - 2017-06-29 07:00 - 000001206 _____ C:\Users\Public\Desktop\MSI DPC Latency Tuner.lnk 2017-09-20 11:31 - 2017-06-29 06:56 - 000000000 ____D C:\WINDOWS\system32\RTCOM 2017-09-20 11:31 - 2017-06-29 06:56 - 000000000 ____D C:\WINDOWS\system32\DAX3 2017-09-20 11:31 - 2017-06-27 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-09-20 11:31 - 2017-06-27 23:51 - 000000000 ____D C:\WINDOWS\system32\DAX2 2017-09-20 11:31 - 2017-04-12 09:18 - 000000000 ___HD C:\Program Files (x86)\Temp 2017-09-13 13:04 - 2017-06-28 03:00 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-13 03:16 - 2016-08-31 11:56 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-13 03:10 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-12 22:00 - 2017-06-28 00:38 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-12 21:59 - 2017-06-28 00:38 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-12 19:51 - 2017-06-29 18:36 - 000000902 _____ C:\Users\Public\Desktop\The Sims 4.lnk 2017-09-08 00:21 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-09-05 23:06 - 2017-06-29 07:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel 2017-09-05 23:06 - 2017-04-12 09:17 - 000000000 ____D C:\Program Files\Intel 2017-09-05 23:06 - 2016-09-08 13:59 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-05 23:02 - 2017-04-12 09:18 - 000000000 ____D C:\ProgramData\Intel 2017-09-04 14:22 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\Registration 2017-09-04 08:58 - 2017-06-27 23:11 - 000000000 ____D C:\Users\Effymaysims\AppData\Local\Packages 2017-09-02 08:15 - 2017-03-18 14:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-02 08:15 - 2017-03-18 14:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2017-07-01 04:13 - 2017-09-16 13:53 - 000001456 _____ () C:\Users\Effymaysims\AppData\Local\Adobe Save for Web 13.0 Prefs 2017-07-16 18:52 - 2017-07-16 18:52 - 000015178 _____ () C:\Users\Effymaysims\AppData\Local\recently-used.xbel 2017-06-29 21:45 - 2017-09-27 11:15 - 000007658 _____ () C:\Users\Effymaysims\AppData\Local\resmon.resmoncfg 2017-06-27 23:51 - 2017-06-27 23:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {fd79348a-3a9d-11e7-9fd8-806e6f6e6963} {4af72bf2-3a9e-11e7-9fd9-806e6f6e6963} {4af72bf3-3a9e-11e7-9fd9-806e6f6e6963} {4af72bf4-3a9e-11e7-9fd9-806e6f6e6963} timeout 2 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume4 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {7b0fd983-1fa2-11e7-8570-4ccc6af46738} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {4af72bf2-3a9e-11e7-9fd9-806e6f6e6963} description UEFI:CD/DVD Drive Firmware Application (101fffff) ------------------------------- identifier {4af72bf3-3a9e-11e7-9fd9-806e6f6e6963} description UEFI:Removable Device Firmware Application (101fffff) ------------------------------- identifier {4af72bf4-3a9e-11e7-9fd9-806e6f6e6963} description UEFI:Network Device Firmware Application (101fffff) ------------------------------- identifier {fd79348a-3a9d-11e7-9fd8-806e6f6e6963} device partition=\Device\HarddiskVolume4 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale en-US inherit {bootloadersettings} recoverysequence {7b0fd985-1fa2-11e7-8570-4ccc6af46738} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {7b0fd983-1fa2-11e7-8570-4ccc6af46738} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {7b0fd985-1fa2-11e7-8570-4ccc6af46738} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{7b0fd986-1fa2-11e7-8570-4ccc6af46738} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{7b0fd986-1fa2-11e7-8570-4ccc6af46738} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {7b0fd983-1fa2-11e7-8570-4ccc6af46738} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {7b0fd985-1fa2-11e7-8570-4ccc6af46738} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume4 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {7b0fd986-1fa2-11e7-8570-4ccc6af46738} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume7 ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2017-09-20 13:37 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-09-2017 Ran by Effymaysims (29-09-2017 12:33:43) Running from C:\Users\Effymaysims\Desktop Windows 10 Home Version 1703 (X64) (2017-06-28 06:58:07) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3807984614-234364850-2689374515-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3807984614-234364850-2689374515-503 - Limited - Disabled) Effymaysims (S-1-5-21-3807984614-234364850-2689374515-1003 - Administrator - Enabled) => C:\Users\Effymaysims Guest (S-1-5-21-3807984614-234364850-2689374515-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden Blender (HKLM\...\{783066A2-72B1-41E8-9633-59BB343C8713}) (Version: 2.76.1 - Blender Foundation) Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation) Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software) cFosSpeed v10.23 (HKLM\...\cFosSpeed) (Version: 10.23 - cFos Software GmbH, Bonn) CPUID CPU-Z MSI 1.77 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.77 - CPUID, Inc.) Discord (HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Discord) (Version: 0.0.298 - Discord Inc.) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.) Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation) Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{D63E2831-1429-41AC-8C16-8F3F6CD215B4}) (Version: 17.1.1519.1030 - Intel Corporation) Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation) Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes) Marvelous Designer 5 Enterprise (HKLM-x32\...\Marvelous Designer 5 Enterprise) (Version: - CLO Virtual Fashion Inc.) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation) Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.39 - MSI) MSI DPC Latency Tuner (HKLM-x32\...\{1AAC56F3-3F60-47DB-BE6B-088F36ADFDC5}_is1) (Version: 1.0.0.20 - MSI) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.12 - MSI) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.21 - MSI) MSI Network Manager (HKLM-x32\...\{649B53FC-BD11-4704-ABDC-DD5CAD921361}_is1) (Version: 1.0.0.51 - MSI) MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.26 - MSI) MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.22 - MSI) MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.32 - MSI) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation) NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation) NVIDIA Graphics Driver 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - ) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 2.50 - LG Electronics Inc) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.11 - Topaz Labs) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8237 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0280 - REALTEK Semiconductor Corp.) Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.8.5.0 - Seagate) Sims 4 Tray Importer (S4TI) 1.5.5 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.5.5 - TeameeVo) Spotify (HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.34.18.1020 - Electronic Arts Inc.) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.2.0 - Topaz Labs, LLC) Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC) Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.1.0 - Topaz Labs, LLC) Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC) Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz Glow 2 (HKLM\...\Topaz Glow 2) (Version: 2.0.0 - Topaz Labs, LLC) Topaz Impression 2 (HKLM-x32\...\Topaz Impression 2) (Version: 2.0.4 - Topaz Labs, LLC) Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.3.0 - Topaz Labs, LLC) Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC) Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.1.0 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.2.0 - Topaz Labs, LLC) Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.2.0 - Topaz Labs, LLC) Topaz Texture Effects 2 (HKLM-x32\...\Topaz Texture Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) <==== ATTENTION Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.24-5 - Wacom Technology Corp.) ZBrush 4R7 Trial (HKLM-x32\...\ZBrush 4R7 Trial 4R7 Trial) (Version: 4R7 Trial - Pixologic) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0B4F629B7628}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Effymaysims\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Effymaysims\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Effymaysims\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_1\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () CustomCLSID: HKU\S-1-5-21-3807984614-234364850-2689374515-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => E:\Program Files (x86)\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility) ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => E:\Program Files (x86)\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => E:\Program Files (x86)\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {059D7C03-A921-4943-A06D-D03342956FE8} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-09-20] (Adobe Systems Incorporated) Task: {0B4C9FDB-B0DB-4297-9335-AA9C14E56242} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-07-06] (Seagate Technology LLC) Task: {13E090C6-AFEA-4C7E-AAC9-33DEDB31DF5C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {2570A62F-FBD4-456A-B0C6-2EA4EB66CAF8} - System32\Tasks\S-1-5-21-3807984614-234364850-2689374515-1003\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {26EF0FC9-1615-40F8-815A-B2B5A05A503E} - System32\Tasks\Effymaysims => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-07-06] (Seagate Technology LLC) Task: {282B78E8-2F00-43E8-8E6B-AFB7EB13DF67} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] () Task: {2870DCA1-41E0-4200-9BCD-13A3F8ABA622} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {2A9C1D71-7148-408B-A75F-EDCC2E995144} - System32\Tasks\Effymaysims1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-07-06] (Seagate Technology LLC) Task: {468224EC-0135-4EAD-8A09-C99C6B731A5D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-05] (Google Inc.) Task: {4DD33D87-E799-4A5B-9925-B42DE24346A6} - System32\Tasks\Effymaysims Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-07-06] (Seagate Technology LLC) Task: {4F6F78CA-368D-4F7F-8D14-68BCD56255C8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-12-05] (Intel(R) Corporation) Task: {51C6EA0C-5CF6-47A8-BBF3-36E8FA78A268} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation) Task: {520FEC42-31E9-4D1E-AA15-E23C674CEFB4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {55441035-EE5E-4691-A6B4-A01AD55B56B6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation) Task: {5D2731EF-12E3-4B39-AEA6-82F2787C3BB3} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {5F7967D6-09A2-405F-B446-46233E50946D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {6A1FFAA8-19CE-4C5E-9A7E-78303AC26C5A} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Effymaysims\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {6F223BBB-64E7-4157-B9C5-A07544F47D8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation) Task: {728E7628-092B-499E-8916-F66BC916A676} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation) Task: {7F7E7D2B-6BFC-4A8E-9455-AAFF5A8DE029} - System32\Tasks\Effymaysims DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-07-06] (Seagate Technology LLC) Task: {87FC93FD-DCF4-4654-B611-9781BF8737DB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation) Task: {8B5FDC73-4723-4AE8-B785-CB385291C179} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sowingseasonya@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {95070F49-553C-4A10-8C4A-BB888165CC4B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation) Task: {989290B9-C0A4-4308-A610-A9EA3877871A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-05] (Google Inc.) Task: {A7C8A667-D87B-419D-9116-F1009B883746} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation) Task: {AE7BADD6-6142-459E-A756-9E3F01FD95CD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation) Task: {C04975D7-1CDC-4DBA-8552-C1FE77523686} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-09-28] (Microsoft Corporation) Task: {C2E1B95D-3DA4-40DE-A9CC-1C15FE395A77} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] () Task: {D2AFDB29-3EAC-4330-A67A-E074FCAA83C7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation) Task: {E7DB5661-4CC3-49B5-AC7E-C6B5578812F5} - System32\Tasks\Effymaysims1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-07-06] (Seagate Technology LLC) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-10-05 12:15 - 2016-10-05 12:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll 2016-10-05 12:15 - 2016-10-05 12:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-04 17:09 - 2016-10-04 17:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll 2017-09-13 13:04 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-08-14 20:00 - 2017-09-16 10:34 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-08-14 03:48 - 2017-08-14 03:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2017-03-18 13:58 - 2017-03-18 13:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 13:59 - 2017-03-18 19:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-08-14 03:48 - 2017-08-14 03:48 - 034865232 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe 2017-09-26 15:50 - 2017-09-26 15:51 - 034451968 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Music.UI.exe 2017-09-26 15:50 - 2017-09-26 15:51 - 009145344 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-08-25 16:57 - 2017-08-25 16:57 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2017-09-26 15:50 - 2017-09-26 15:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-09-26 15:50 - 2017-09-26 15:51 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17072.16431.0_x64__8wekyb3d8bbwe\Music.Visuals.dll 2017-09-26 12:53 - 2017-09-21 00:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-26 12:53 - 2017-09-21 00:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2017-09-20 11:36 - 2016-04-20 14:12 - 000772608 _____ () C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll 2017-02-19 09:52 - 2017-02-19 09:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2017-07-18 22:48 - 2017-09-19 00:23 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-07-18 22:48 - 2017-09-19 00:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-12 20:11 - 2017-09-12 20:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2017-09-12 20:10 - 2017-09-12 20:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2017-09-12 20:11 - 2017-09-12 20:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2017-09-12 20:11 - 2017-09-12 20:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2017-09-20 02:59 - 2017-09-20 02:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2017-09-12 20:11 - 2017-09-12 20:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node 2017-09-12 20:11 - 2017-09-12 20:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 04:47 - 2017-09-28 20:17 - 000000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3807984614-234364850-2689374515-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Effymaysims\Desktop\wowagain.png DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: lfsvc => 3 HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "MSI Network Manager" HKLM\...\StartupApproved\Run32: => "Mystic Light" HKLM\...\StartupApproved\Run32: => "DBAgent" HKLM\...\StartupApproved\Run32: => "Super Charger" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "Uploader" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3807984614-234364850-2689374515-1003\...\StartupApproved\Run: => "Discord" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{DE12EBFD-C79C-4440-950B-970B7610FEF0}C:\users\effymaysims\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\effymaysims\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DD6DAEC6-C6A0-4D5B-ADAC-5F3C8A90CD92}C:\users\effymaysims\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\effymaysims\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0B61A624-F697-4897-B279-1F0ED22F09BD}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{476E0A17-3EA7-4868-8921-B7F877F9A017}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe ==================== Restore Points ========================= 27-09-2017 09:48:30 JRT Pre-Junkware Removal 27-09-2017 15:05:30 JRT Pre-Junkware Removal 28-09-2017 01:06:56 JRT Pre-Junkware Removal 28-09-2017 09:36:41 anythingyousaycanandwillbeheldagainstyou 28-09-2017 18:27:10 JRT Pre-Junkware Removal 28-09-2017 20:19:23 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/29/2017 11:57:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ModConflictDetector.exe, version: 4.0.0.0, time stamp: 0x561cda42 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffa83c1b9e5 Faulting process id: 0x2550 Faulting application start time: 0x01d3395027778a5a Faulting application path: E:\Effymaysims\Documents\ModConflictDetector.exe Faulting module path: unknown Report Id: 62c8e342-9fe4-4a99-80ed-ba66b82cf836 Faulting package full name: Faulting package-relative application ID: Error: (09/29/2017 11:57:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: ModConflictDetector.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at DmitryMalfatto.SimsMods.SimsModBase.GetExtensionsTypeFile(System.IO.FileInfo) at DmitryMalfatto.SimsMods.SimsModBase.get_TypeISimsMod() at DmitryMalfatto.SimsMods.SimsModBase.Dispose(Boolean) at DmitryMalfatto.SimsMods.SimsModBase.Dispose() at DmitryMalfatto.SimsMods.SimsModBase.Finalize() Error: (09/28/2017 09:51:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program S4Studio.exe version 3.0.1.9 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 113c Start Time: 01d338db4a76cefe Termination Time: 1 Application Path: E:\Desktop\Sims4Studio_v3.0.1.9 (Harmony)\S4Studio.exe Report Id: 6ad36bf9-eaee-4e90-857e-c89934c721ba Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 06:28:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 3.0.0.1169, time stamp: 0x599723f1 Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x594d4411 Exception code: 0xc0000005 Fault offset: 0x0018da93 Faulting process id: 0x70c Faulting application start time: 0x01d338c237b79d7b Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: 18afe51f-d6e1-42b7-a7aa-5f3735a44513 Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 02:04:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Adobe Spaces Helper.exe, version: 0.0.0.0, time stamp: 0x58fefe7b Faulting module name: libcef.dll, version: 3.2924.1537.0, time stamp: 0x584a4ed5 Exception code: 0xc0000005 Fault offset: 0x000000000049f61f Faulting process id: 0x3cb8 Faulting application start time: 0x01d3389d2db815f7 Faulting application path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-ins\Spaces\Adobe Spaces Helper.exe Faulting module path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-ins\Spaces\libcef.dll Report Id: c2a32953-ac07-4050-813b-cdac5b25e72e Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 02:04:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Adobe Spaces Helper.exe, version: 0.0.0.0, time stamp: 0x58fefe7b Faulting module name: libcef.dll, version: 3.2924.1537.0, time stamp: 0x584a4ed5 Exception code: 0xc0000005 Fault offset: 0x0000000000147fc5 Faulting process id: 0x3ac8 Faulting application start time: 0x01d3389d2dbd80fa Faulting application path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-ins\Spaces\Adobe Spaces Helper.exe Faulting module path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Required\Plug-ins\Spaces\libcef.dll Report Id: 0719f45a-67ee-448d-8b2b-ea7011050206 Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 02:03:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Photoshop.exe, version: 18.1.1.252, time stamp: 0x58fefd04 Faulting module name: Photoshop.exe, version: 18.1.1.252, time stamp: 0x58fefd04 Exception code: 0xc000041d Fault offset: 0x00000000077e524f Faulting process id: 0x1698 Faulting application start time: 0x01d3389d2a58831c Faulting application path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe Faulting module path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe Report Id: 9567b8d3-8b25-4d28-bbd3-e93361ee5b23 Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 02:03:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Photoshop.exe, version: 18.1.1.252, time stamp: 0x58fefd04 Faulting module name: Photoshop.exe, version: 18.1.1.252, time stamp: 0x58fefd04 Exception code: 0xc0000005 Fault offset: 0x00000000077e524f Faulting process id: 0x1698 Faulting application start time: 0x01d3389d2a58831c Faulting application path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe Faulting module path: C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe Report Id: fe15f36c-92a6-424d-95d0-9753e87cf565 Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 10:31:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Bulk Rename Utility.exe version 3.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3e30 Start Time: 01d3387f9de5599f Termination Time: 3 Application Path: E:\Program Files (x86)\Bulk Rename Utility\Bulk Rename Utility.exe Report Id: 6375246f-bb5a-43bb-abe2-3529c63d937c Faulting package full name: Faulting package-relative application ID: Error: (09/28/2017 10:31:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Bulk Rename Utility.exe version 3.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1d00 Start Time: 01d3387f8a90be39 Termination Time: 2 Application Path: E:\Program Files (x86)\Bulk Rename Utility\Bulk Rename Utility.exe Report Id: 527f7ea5-660b-44d9-9c02-3634ac5c3b1f Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (09/29/2017 03:09:19 AM) (Source: DCOM) (EventID: 10010) (User: NORMAJEAN) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (09/28/2017 08:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MSI Live Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (09/28/2017 08:40:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The HitmanPro Scheduler service terminated unexpectedly. It has done this 1 time(s). Error: (09/28/2017 08:40:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The AdobeUpdateService service terminated unexpectedly. It has done this 1 time(s). Error: (09/28/2017 08:19:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (09/28/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (09/28/2017 08:19:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service. Error: (09/28/2017 08:18:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (09/28/2017 08:17:58 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (09/28/2017 08:17:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-09-21 11:04:52.407 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-09-21 11:04:50.663 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-09-21 11:04:44.709 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-09-21 11:04:44.587 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-09-19 01:03:54.058 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-09-19 01:03:53.947 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-09-19 01:03:43.633 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-09-19 01:03:43.517 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-09-19 01:03:33.181 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-09-19 01:03:33.061 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz Percentage of memory in use: 45% Total physical RAM: 16350.35 MB Available physical RAM: 8832.64 MB Total Virtual: 32734.35 MB Available Virtual: 23965.88 MB ==================== Drives ================================ Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT Drive c: () (Fixed) (Total:117.89 GB) (Free:36.62 GB) NTFS Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1563.82 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  3. Before installing malwarebytes I was getting a popup that would take over and I would have to force close chrome. I am using a windows 10 computer. After installing it blocks the website from coming up and creates a protection report which I have attached. AVG, zempura, malwarebytes all say sytem is clean popup.txt
  4. For a little over 2-3 weeks or so I've been having an issue, even despite having Malwarebytes (and even purchasing it yesterday), of new windows with sketchy ads/websites popping up while I'm just on Chrome. It seems to only be on Chrome and I've tried many things suggested, even restarting Chrome, uninstalling, reinstalling, using cleaners, different anti malware programs, and even tried weeks ago a system restart to an earlier date but I must have acted too late as the time brought back (which I think was around the 10th or 11th of May) I was still infected, but nothing could detect or get rid of whatever it is that is causing chrome to do this. Malwarebytes seem to "stop" the pop ups, and says they blocked it but it's not preventing it from happening and there are times when the page isn't even blocked so I have to manually do it with a chrome addon...which doesn't help much. It kind of just makes it so a blocked site pops up in a new window. Some of the sketchy sites that pop up are, but definitely not limited to: - goodsearch(.)com - go.mobifoth(.)com - digitalprivacyalerts(.)org - go.searchlock(.)com - foy4a.trackvoluum(.)com - marmrtr111(.)com - And Just many many other really random things. Those were just very few of a whole list that is on chromes "blacklist" addon I have. I've seen issues similar to this on other forums, but a lot of them have warnings regarding the specific system a person is using, so I wanted to ask for help with this. I was kinda of scared to try something I saw without guidance. I did try something by myself involving something called FRST but I feel I may have messed up somewhere along the way...as evident since I still have the issue.
  5. So every 15 minutes of the entire day I get an extremely abrasive Malwarebytes random popup on the lower-right corner, it'll either say Skype is a virus or it'll just randomly open up the Malwarebytes program and leave it at that. I tried disabling every form of notification but it still pops up every 15 minutes, how do I prevent this from spamming me relentlessly? Or do we need to switch to another program.
  6. My HP laptops browsers & Android Browsers got infected first . Chrome was badly hit by pop ups on almost every click. Any site redirects automatically to the URL starting from ad-type.google.com and then redirecting to Total Ad Performance.com. I cleaned all extensions from chrome, blocked pop ups, checked all necessary steps to stop these pop us, deleted cache cookies etc. , No useless software or toolbar. Added Ad Block Plus to Chrome,Scanned with Malware bytes & Avast Security. As of now i'm a bit relieved as less pop ups are coming but once in 5 min a pop up from Total ad performance comes and avast blocks it as Malware. But my android Xiaomi Mi3 is badly hit. Chrome ,mozilla , local native Browser ,UC Browser all are getting pop ups at every click. Finally i decided to factory reset my device (it took guts as i wasted 3 hours in backup and reinstalling) But still still still even after hard reset browsers had pop ups. Please suggest me what to do. Im really scared Thank you Sagar
  7. Hi and hopefully, I am in the correct forum. Within the last month or so, I've been getting these "Adcash" popups throughout the day. I can get them when I am click on something else on a webpage that I know has nothing to do with ads. They are random, but very annoying. When I get them, the either popup in another tab, or they try to run behind my current window. I try not to let the page load due to fear that something else is trying to install, so I rarely get to see what's trying to load. Also, please see some of the symptoms below that I believe is related to this adware issue: - The adwares has effected all apple products in the house (mobile, laptops) - My internet has sometimes been so slow that I cannot use it - I get this pop up sometimes that is either extremely hard to get rid of or I have to hard boot my computer off and turn it back on. The pop up is trying to get me to call a number to remove the "detected viruses" off of my computer. I know it's a phishing scam. - My email has been acting weird on my iphone... Sometimes it looks as if I received hundreds of emails from the year 2070 and some of the emails are read and some are unread... The sender is shown as something like "Sender". I can't remember the sender's name, but its really weird. - Sometimes pages won't load or pages that were previously loaded goes to a "Page cannot be loaded" screen (could be due to slow internet) - Format for some platforms like Facebook is distorted really bad. - Can't scroll down sometimes (This happens on one particular page only and could be a different issue) I think I covered it all, but if I remember that I've forgotten something, I will update this post. I appreciate any help on this. Thanks Robin
  8. A week or 2 ago, I first received ad.adsmatte.com pop-ups each time i used most web sites except while usingFRST.txtAddition.txtFRST.txt youtube. I ignored them as the pop-ups initially led to a facebook login page(so i thought no biggie), but today it's some e-commerce site (aliexpress.com or something similar). I've always had pop ups blocked so that was weird. Plus today, more sinister looking pop ups showed up and began obstructing web pages. They would not go away unless i clicked on them or used task manager to end Chrome or Mozilla. They said things like "are you sure you want to leave this page?" or that some lp flash player needs to be updated. Did download Malwarebytes, ran the scan. It detected a Trojan.Inject and a PUP.optional.toolbar in my downloads, i deleted them in a flash. But no change. The ads/page blockers continue to pop up. Some pc-help sites recommended disabling javascript which solved everything, but if there was a more convenient solution, it would be just splendid.
  9. I tried to use my sons computer and can't because of all of the pop ups and redirects. I went to download farbar but it wouldn't let me. Would someone please help me clean this up.
  10. I've been recently bombarded by pop windows when I click on my links, like the ones to log in or log out of my usually sites or when I click on any random area of the page. My son downloads heaps of crap and I clean it out and this time I've wiped alot of bullsh*t software out - I've used zoek with no scripts and can see my computer runs a bit faster but I still have these pop ups opening up on my browser constantly, the only thing I can get from it is it might be called "The enhanced shopping assistant" but when I click on the sidebar popup and it gives me a settings icon, i click it and try to use the "opt out" it doesn't really let me out - but sez Iam opt'd out. And when I look I find it no where in my extensions for chrome (newest version of chrome) or my windows software unistal screen. Im no computer genius but I've been able to carry my own but Im lost, frustrated and at my wits end. Any ideas or suggestions would be met with much appreciation, I realize today its Christmas morning so I hope you all take the time to enjoy it first then I look forward to hearing from you good people. Thank you! Happy Holidays. PS The file I included shows "The enhanced shopping assistant" and the window it opens that sez it will let me turn it off, but really does not. I imagine it has to do with my random pop up windows as well, but you folks are the pros so please tell me! Thank you again.
  11. For some odd reason, every website I open through Google chrome, now has a pop up window that appears on the left side of the screen for a split second, then disappears. It goes away so fast that I can't see if it contains any text. I'm unsure as to what it is and I have tried searching through Google for answers and nobody has any. Other people are experiencing the same thing, but no one knows what is causing this. Does anybody here know what it might be and if it is malware? I update my Malwarebytes free version almost daily and the last scan I did recently removed a few of those PUP programs. I am running Windows 7 on a Dell Inspiron N7110 laptop. I recently installed the Google Chrome apps for Adblock Pro and Adblock Super. I'm wondering if it's possible that one of those programs is causing this and it can easily be rectified.
  12. How do I rid this nuissance PC Performer Pop-Up? Thank You.
  13. My laptop has some sort of infection -- pop-ups and redirects to odd pages. Sometimes I get the blocking access to a malicious site -- sometimes not. I've run the scan and it's not cleaning it. Judy
  14. Hey. Can I please ask you this? I have gotten some nasty malware - not sure but it may have been a part of an update for JAVA, but unsure. One thing is certain and that is I NEED HELP to get this out of the system. Any gurus on the subject? Thanks a lot for any reply! --------------------------------------------------------------------- Added some logs: --------------------------------------------------------------------- FRST: --------- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 Ran by Rune (administrator) on RUNESTASJON-PC on 10-02-2014 22:18:34 Running from K:\Movables Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.seolinkrobot.com) Skype Click to Call (x32 Version: 6.9.12585 - Skype Technologies S.A.) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) SmartFTP Client Setup Files 4.1 (x64) (remove only) (x32 Version: 4.1 - SmartSoft Ltd) Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated) Steam (x32 Version: 1.0.0.0 - Valve Corporation) SWF Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.) TweetAdder4 (x32 Version: 4.0.130521 - TweetAdder.com) Unity Web Player (HKCU Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Uplay (x32 Version: 2.0 - Ubisoft) Vegas Pro 11.0 (x32 Version: 11.0.370 - Sony) Video Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.) Viral Meme Maker version 1.0.5 (x32 Version: 1.0.5 - ) Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN) Webroot SecureAnywhere (x32 Version: 8.0.4.46 - Webroot) WebTablet IE Plugin (x32 Version: 1.1.0.4 - Wacom Technology Corp.) WebTablet Netscape Plugin (x32 Version: 1.1.0.3 - Wacom Technology Corp.) WP Auto Links (x32 Version: 1.0.0 - Reilly Labs) ==================== Restore Points ========================= 05-02-2014 19:05:40 Driver Booster : NVIDIA GeForce GT 520 07-02-2014 14:59:54 Removed Trapcode Suite 64-bit 08-02-2014 14:14:34 Windows Update 09-02-2014 12:08:05 AA11 09-02-2014 12:08:51 AA11 09-02-2014 12:11:11 AA11 09-02-2014 12:49:17 Installed AVG 2014 09-02-2014 12:49:24 Installed AVG 2014 10-02-2014 19:46:20 Removed AVG 2014 10-02-2014 19:48:44 Removed AVG 2014 10-02-2014 19:50:56 avast! antivirus system restore point 10-02-2014 20:48:45 Removed Java 7 Update 51 ==================== Hosts content: ========================== 2012-04-15 19:32 - 2012-04-15 19:01 - 00001811 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net ==================== Scheduled Tasks (whitelisted) ============= Task: {0C5CB6C2-A7C8-4C43-AD05-E01609C88053} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {4611432B-BF01-4324-859B-9393CEDEE758} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {6E64468E-11C6-40EA-AB11-6FB2D5B78135} - System32\Tasks\AdobeAAMUpdater-1.0-Runestasjon-PC-Rune => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated) Task: {9B7A4555-2ADC-4C1B-AAC7-B38AABE18625} - System32\Tasks\Run RoboForm TaskBar Icon => E:\Programs\Roboform\RoboTaskBarIcon.exe [2013-12-01] (Siber Systems) Task: {A74AB3BC-35D3-47A3-B333-22896AC721A8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-31] (RealNetworks, Inc.) Task: {AC1A2C52-A321-41E8-808E-CA3BCC6069A9} - System32\Tasks\Run RoboForm Process => E:\Programs\Roboform\Identities.exe [2013-12-01] (Siber Systems) Task: {AD3370DC-C03A-4597-A7C5-3AD6D82FC3B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated) Task: {E88F3D95-9D88-4362-A46A-B16EA0FB3117} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {F6FB6E80-7085-4A4D-8EF9-98B4A17C039A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNMLMJMHMKJNJHMPMCNOJOJMJMJCNLMNMMMKMCNNJLMLJPMCNJJJMMMGMJJMMIMHMIMIMPMOMJNJICMIMCNGMCNNMFMGMCNOMOMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMKMGMOMJNHICMIJKJKIIJNMJNBJCMNKKIBJKJPNKLDJDJGJBJIJMIKJBJJNKJCMJNNICMJNDJCMKJBJ" Task: {F77DFB73-8DCA-4BA0-8387-973893A2A661} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-31] (RealNetworks, Inc.) Task: {FB352FED-08AA-41C5-8663-8CFD39DFE055} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMLMKMNMNMLMMMLJGMCNKJGMNJLMCNLMJMLMPMCNGMPMLMOMCNLJJJLMMMIMOMKMIMJJJJPMMJJNJICMJMCNOMPMCNNMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMMMJNHICMEKMICNJJCKJNBJCMNKKIBJKJJNKJCMJNNICMJNDJCMKJBJ" Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () E:\Programs\Filezilla\FileZilla FTP Client\fzshellext_64.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 02857808 _____ () E:\Programs\Telenor\mobilt bredband\mobilt bredband.exe 2014-02-10 22:10 - 2014-02-10 22:10 - 01166132 _____ () E:\Temp Downloads\adwcleaner(2).exe 2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe 2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll 2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll 2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll 2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll 2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll 2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll 2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll 2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll 2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe 2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll 2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll 2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll 2014-01-27 21:43 - 2014-01-27 21:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2011-11-11 23:08 - 2011-11-11 23:08 - 02145304 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtCore4.dll 2011-11-11 23:08 - 2011-11-11 23:08 - 07956504 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtGui4.dll 2011-11-11 23:08 - 2011-11-11 23:08 - 00342552 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtXml4.dll 2011-11-11 23:08 - 2011-11-11 23:08 - 00029208 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\imageformats\QGif4.dll 2011-11-11 23:08 - 2011-11-11 23:08 - 00128536 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\imageformats\QJpeg4.dll 2013-08-17 08:38 - 2013-08-17 08:38 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll 2012-02-23 06:12 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 01384448 ____R () E:\Programs\Telenor\mobilt bredband\OSCSettingsLibU_vc90.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 01995776 _____ () E:\Programs\Telenor\mobilt bredband\QtDeclarative4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 01116160 _____ () E:\Programs\Telenor\mobilt bredband\QtScript4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 02142720 _____ () E:\Programs\Telenor\mobilt bredband\QtCore4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00184320 _____ () E:\Programs\Telenor\mobilt bredband\QtSql4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 02530304 _____ () E:\Programs\Telenor\mobilt bredband\QtXmlPatterns4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00916480 _____ () E:\Programs\Telenor\mobilt bredband\QtNetwork4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00335360 _____ () E:\Programs\Telenor\mobilt bredband\QtXml4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 07793152 _____ () E:\Programs\Telenor\mobilt bredband\QtGui4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00860160 ____R () E:\Programs\Telenor\mobilt bredband\NDISAPI.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00063312 _____ () E:\Programs\Telenor\mobilt bredband\LicenseRegistration.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00416768 ____R () E:\Programs\Telenor\mobilt bredband\sqldrivers\qsqlite4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00027648 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qico4.dll 2011-04-13 00:03 - 2011-04-13 00:03 - 00121344 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qjpeg4.dll 2014-02-06 21:18 - 2014-02-06 21:18 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-10 20:57 - 2014-02-10 20:57 - 01013248 _____ () C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\platform\WINNT_x86-msvc\components\wrxpcom.dll 2014-02-05 22:59 - 2014-02-05 22:59 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2014 09:36:37 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2014 09:08:05 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2014 08:52:15 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2014 08:49:44 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2014 08:46:32 PM) (Source: Application Error) (User: ) Description: Faulting application name: avgui.exe, version: 14.0.0.4330, time stamp: 0x52dfa8b0 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x4c24448d Faulting process id: 0x1478 Faulting application start time: 0xavgui.exe0 Faulting application path: avgui.exe1 Faulting module path: avgui.exe2 Report Id: avgui.exe3 Error: (02/10/2014 08:25:22 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2014 08:07:12 PM) (Source: Windows Backup) (User: ) Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (02/09/2014 07:57:14 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/10/2014 09:38:41 PM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (02/10/2014 09:38:41 PM) (Source: Service Control Manager) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (02/10/2014 09:38:15 PM) (Source: Service Control Manager) (User: ) Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 16360.88 MB Available physical RAM: 13627.02 MB Total Pagefile: 32719.94 MB Available Pagefile: 29908.19 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:34.16 GB) NTFS Drive e: (New Volume) (Fixed) (Total:931.39 GB) (Free:616.67 GB) NTFS Drive k: () (Fixed) (Total:29.8 GB) (Free:25.44 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 713ADFE5) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=125 MB) - (Type=42) Partition 3: (Not Active) - (Size=931 GB) - (Type=42) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 713ADFFD) Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 30 GB) (Disk ID: D05815ED) Partition 1: (Not Active) - (Size=30 GB) - (Type=0C) ==================== End Of Log ============================ ASWMBR: ------- aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2014-02-10 22:28:23 ----------------------------- 22:28:23.830 OS Version: Windows x64 6.1.7601 Service Pack 1 22:28:23.830 Number of processors: 4 586 0x2A07 22:28:23.830 ComputerName: RUNESTASJON-PC UserName: Rune 22:28:35.491 Initialize success 22:30:31.542 AVAST engine defs: 14021001 22:30:55.546 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 22:30:55.546 Disk 0 Vendor: ST1000DM CC46 Size: 953869MB BusType: 3 22:30:55.556 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1 22:30:55.556 Disk 1 Vendor: OCZ-AGIL 2.15 Size: 114473MB BusType: 3 22:30:55.566 Disk 1 MBR read successfully 22:30:55.576 Disk 1 MBR scan 22:30:55.576 Disk 1 Windows 7 default MBR code 22:30:55.586 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 114471 MB offset 2048 22:30:55.606 Disk 1 scanning C:\Windows\system32\drivers 22:30:58.846 Service scanning 22:31:06.986 Modules scanning 22:31:06.986 Disk 1 trace - called modules: 22:31:06.996 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 22:31:07.006 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80103d3060] 22:31:07.006 3 CLASSPNP.SYS[fffff88001efb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800dfd6050] 22:31:07.197 AVAST engine scan C:\Windows 22:31:07.657 AVAST engine scan C:\Windows\system32 22:32:28.338 AVAST engine scan C:\Windows\system32\drivers 22:32:31.089 AVAST engine scan C:\Users\Rune 22:33:24.845 AVAST engine scan C:\ProgramData 22:33:33.076 Scan finished successfully 22:34:18.371 Disk 1 MBR has been saved successfully to "C:\Users\Rune\Desktop\Mother\Avastlog\MBR.dat" 22:34:18.371 The log file has been saved successfully to "C:\Users\Rune\Desktop\Mother\Avastlog\aswMBR.txt"
  15. I recently got a new computer with Window 7 on it. Ever since I first turned it on, I have been inundated with pop ups, constant redirects, ads pasted over ads, ads pasted over text I am trying to read. I use Mozilla Firefox, and my preferences for home page and new tab will not save for longer than a day at most, before being changed to something else. I have tried everything I can think of to fix this problem. I bought the Pro Version of Malwarebytes, I have tried the steps from Remove Pop-up Ads from Internet Explorer, Firefox and ChromeWhich was from the Malwarebytes Forum and it worked for barely a day before the ads and redirects took over again. Adwcleaner will not work on my computer, it chokes up and goes non responsive. I have downloaded add ons for Firefox, they do not help. I run Kapersky Anti-Virus every single day. Very few if any problems show up on Kapersky or Malwarebytes, since I run them several times a day, trying to find SOMETHING that is causing this. I am very close to wiping this computer and installing XP. I cannot get any work done, I am simply at my wits end. Can anyone help me? Is there something else I can do to handle this problem? Thank you, Tracey
  16. I have had a problem with ads popping up on the bottom left and right of any browser starting today. I have tried the basic steps to remove this with malwarebytes and AVG to no success. I am not even sure "what" it is to do any additional constructive searching. Anyone have a solution? Thank you in advance... EpicCG
  17. I first had been having a problem with my mouse acting laggy and my keyboard acting like it has sticky keys. I have tried changing the batteries and making sure the keyboard was clean. The second thing I did was trying to update the drivers for my mouse and keyboard. They are Logitech make, so I searched for there homepage to get the driver updates. Since then I have been getting these random popups every morning for driverupdate. I have tried removing and uninstaillng these programs, but it looks to me like they reinstall themselves overnight. I need help in getting the randowm browser opening popups to stop, my mouse lagging to stop, and my sticky keys keyboard issue to stop.
  18. Trying to get rid of annoying pop ups that appear at the bottom left and right corners of my internet screen. If someone could help it would be greatly appreciated.
  19. I do not know a lot about computers I need help. I am get sent to all kinds of sites. I am getting pop ups. The Malwarebytes that I am a paying member is not fully protested nor will my firewall work. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 Run by Bobby at 9:13:37 on 2012-12-12 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3003.1764 [GMT -6:00] . SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Windows\system32\dldtcoms.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Common Files\Motive\McciCMService.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\ATT-SST\McciTrayApp.exe C:\Windows\System32\StikyNot.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe C:\Program Files\Realtek\RtVOsd\RtVOsd.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\wuauclt.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.gmail.com/ uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned> uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll LSP: mswsock.dll Trusted Zone: $talisma_url$ DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller64.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{41F10B22-D76D-4363-A57C-27706C3364D3} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{54A4FC6A-9B22-4065-9589-834F34BF9278} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{C6EA4EC8-0A3A-41F9-B151-2F68B1DE9BD4} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{C6EA4EC8-0A3A-41F9-B151-2F68B1DE9BD4}\2796368616274637E65677 : DHCPNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{C6EA4EC8-0A3A-41F9-B151-2F68B1DE9BD4}\E4544574541425 : DHCPNameServer = 192.168.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4 x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe" x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\ecxudfw3.default\ FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Bobby\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Users\Bobby\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Bobby\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-7-8 98208] R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-2 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-2 676936] R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-2-11 517632] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040] R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-4-19 315392] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-2 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-9-8 1225832] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-15 57280] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-7-28 1511872] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928] S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2011-8-23 40320] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-17 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-29 1255736] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120] . =============== Created Last 30 ================ . 2012-12-06 06:40:57 -------- d-----w- C:\Users\Bobby\AppData\Local\Macromedia 2012-12-06 06:40:17 -------- d-----w- C:\Users\Bobby\AppData\Local\Mozilla 2012-12-02 13:42:20 0 ----a-w- C:\Windows\SysWow64\shoFAA8.tmp 2012-12-02 12:18:09 -------- d-----w- C:\Users\Bobby\AppData\Roaming\Malwarebytes 2012-12-02 12:17:50 -------- d-----w- C:\ProgramData\Malwarebytes 2012-12-02 12:17:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-02 12:17:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-11-26 05:51:19 -------- d-----w- C:\ProgramData\Recovery 2012-11-26 04:31:00 -------- d-----w- C:\ProgramData\Grisoft 2012-11-26 04:08:41 -------- d-----w- C:\Program Files (x86)\Zone Labs 2012-11-26 04:06:48 -------- d-----w- C:\Windows\Internet Logs 2012-11-15 15:31:34 0 ----a-w- C:\Windows\SysWow64\sho24E0.tmp 2012-11-15 08:42:01 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-15 08:42:01 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-15 08:42:01 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-15 08:42:01 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-11-15 08:33:30 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-15 08:33:30 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-15 08:33:29 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-11-15 08:33:29 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-11-15 08:33:28 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-11-15 08:33:28 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-11-15 08:33:28 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-11-15 01:38:51 -------- d-----we C:\Windows\system64 2012-11-15 01:27:55 -------- d-----w- C:\Users\Bobby\AppData\Local\DownTango 2012-11-15 01:27:45 -------- d-----w- C:\Program Files (x86)\Red Sky . ==================== Find3M ==================== . 2012-11-17 19:38:11 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-17 19:38:11 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-09-24 20:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-09-24 20:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-09-20 22:02:06 1832760 ----a-w- C:\Windows\System32\LogiLDA.DLL 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll . ============= FINISH: 9:14:32.52 =============== Attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/26/2010 12:04:09 PM System Uptime: 12/12/2012 6:37:25 AM (3 hours ago) . Motherboard: Hewlett-Packard | | 1605 Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 216 GiB total, 105.244 GiB free. D: is FIXED (NTFS) - 16 GiB total, 2.325 GiB free. E: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP194: 11/28/2012 8:25:45 AM - Windows Update RP195: 12/5/2012 6:30:26 AM - Restore Operation . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 Apple Application Support Apple Software Update AT&T Service & Support Tool att.net Internet Mail att.net Toolbar Bejeweled 2 Deluxe Blackhawk Striker 2 Build-a-lot 2 calibre CCleaner Chuzzle Deluxe CinemaNow Media Manager Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink DVD Suite CyberLink MediaShow CyberLink PowerDVD 9 CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Dora's Carnival Adventure Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 FATE Final Drive Nitro Flickr Uploadr 3.2.1 Google Drive Google Talk (remove only) Google Talk Plugin Google Update Helper Heroes of Hellas 2 - Olympia Hewlett-Packard ACLM.NET v1.1.2.0 HP Advisor HP Customer Experience Enhancements HP Documentation HP Game Console HP Games HP MediaSmart CinemaNow 2.0 HP Photo Creations HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant HP Wireless Assistant HTC BMP USB Driver HTC Driver Installer HTC Sync Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 20 (64-bit) Java 6 Update 37 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LeapFrog Connect LeapFrog LeapPad Explorer Plugin Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Camera Codec Pack Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime Movie Maker Mozilla Firefox 17.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) NHRA Drag Racing 2 Opera 12.11 Paint.NET v3.5.10 Pandora Penguins! Photo Common Photo Gallery Photo Viewer PhotoNow! Picasa Web Albums Live Publisher Plants vs. Zombies Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver REALTEK Wireless LAN Software Recovery Manager Roxio CinemaNow 2.0 RtVOsd Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Shutterfly Express Uploader Synaptics Pointing Device Driver Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) Virtual Families Virtual Villagers - The Secret City Wheel of Fortune 2 Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 12/8/2012 7:40:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 12/6/2012 11:19:36 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service. 12/5/2012 4:35:25 AM, Error: Schannel [36887] - The following fatal alert was received: 42. 12/5/2012 2:00:41 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 12/12/2012 6:40:09 AM, Error: Service Control Manager [7034] - The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s). 12/12/2012 6:37:47 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 12/12/2012 6:37:46 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 12/12/2012 6:37:45 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 12/11/2012 11:50:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa80054bfb30, 0xfffffa80054bfe10, 0xfffff800031df460). A dump was saved in: C:\Windows\Minidump\121112-37955-01.dmp. Report Id: 121112-37955-01. 12/10/2012 9:01:14 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File ===========================
  20. I continue to receive small ads in the bottom right and left corners of my computer screen. I ran Malwarebytes, Windows Security, Webroot and Adware Antivirus and none of them are picking up the issue. I'm not sure how to get rid of them at this point. Attached photo of one of the pop ads. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.5.0 Run by Montes at 18:17:56 on 2012-10-04 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4027.2435 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe C:\Program Files\Webroot\WRSA.exe C:\windows\system32\nvvsvc.exe C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\nvvsvc.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe C:\windows\system32\taskhost.exe C:\Program Files\Webroot\WRSA.exe C:\windows\system32\Dwm.exe C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\windows\System32\svchost.exe -k HPZ12 C:\windows\Explorer.EXE C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe C:\windows\System32\svchost.exe -k HPZ12 C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\ThpSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\WUDFHost.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\windows\system32\svchost.exe -k SDRSVC C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgr.exe C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.EXE C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=E72823479FE87A7C995050506DB535C9 uDefault_Page_URL = hxxp://start.toshiba.com/ mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll {555d4d79-4bd2-4094-a395-cfc534424a05} uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Conime] %windir%\system32\conime.exe mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2047265C-D533-4E15-B8EF-94C9746AD58D} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2047265C-D533-4E15-B8EF-94C9746AD58D}\2375942554930393 : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{2047265C-D533-4E15-B8EF-94C9746AD58D}\671636164796F6E6 : DhcpNameServer = 66.129.55.2 72.19.160.2 72.19.128.53 TCP: Interfaces\{2047265C-D533-4E15-B8EF-94C9746AD58D}\B4A4 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2047265C-D533-4E15-B8EF-94C9746AD58D}\C696E6B6379737 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{26E77D32-DFF8-4ADA-B4B7-43A779FB87DC} : DhcpNameServer = 192.168.0.1 192.168.0.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun-x64: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Conime] %windir%\system32\conime.exe mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll Hosts: 74.55.76.230 www.google-analytics.com. Hosts: 74.55.76.230 ad-emea.doubleclick.net. Hosts: 74.55.76.230 www.statcounter.com. Hosts: 178.250.45.15 www.google-analytics.com. Hosts: 178.250.45.15 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Montes\AppData\Roaming\Mozilla\Firefox\Profiles\o4zzz7be.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?] R0 WRkrn;WRkrn;C:\windows\system32\drivers\WRkrn.sys --> C:\windows\system32\drivers\WRkrn.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-3-29 913792] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-6-18 394712] R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-6-19 777728] R2 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?] R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-7-25 135608] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-25 1604200] R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-7-25 126392] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-4 2754984] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-25 2320920] R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-10-4 724976] R3 enecir;ENE CIR Receiver;C:\windows\system32\DRIVERS\enecir.sys --> C:\windows\system32\DRIVERS\enecir.sys [?] R3 enecirhid;ENE CIR HID Receiver;C:\windows\system32\DRIVERS\enecirhid.sys --> C:\windows\system32\DRIVERS\enecirhid.sys [?] R3 enecirhidma;ENE CIR HIDmini Filter;C:\windows\system32\DRIVERS\enecirhidma.sys --> C:\windows\system32\DRIVERS\enecirhidma.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?] R3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-7-25 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 acpials;ALS Sensor Filter;C:\windows\system32\DRIVERS\acpials.sys --> C:\windows\system32\DRIVERS\acpials.sys [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-20 250288] S3 cricut;cricut;C:\windows\system32\DRIVERS\cricut_x64.sys --> C:\windows\system32\DRIVERS\cricut_x64.sys [?] S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 114144] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-10-05 01:06:25 -------- d-----w- C:\Program Files (x86)\TeamViewer 2012-10-04 21:07:32 150776 ----a-w- C:\windows\SysWow64\WRusr.dll 2012-10-04 21:07:32 102896 ----a-w- C:\windows\System32\WRusr.dll 2012-10-04 21:07:31 110672 ----a-w- C:\windows\System32\drivers\WRkrn.sys 2012-10-04 21:07:29 -------- d-----w- C:\Program Files\Webroot 2012-10-04 21:06:56 -------- d-----w- C:\ProgramData\WRData 2012-10-04 16:29:19 -------- d-----w- C:\Users\Montes\AppData\Roaming\LavasoftStatistics 2012-10-04 16:13:53 -------- d-----w- C:\Users\Montes\AppData\Local\Downloaded Installations 2012-10-04 04:32:36 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B6BBE1D-B938-4FB1-8842-E8AED2DADC3C}\mpengine.dll 2012-10-03 17:19:47 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C05E7D78-6769-44BE-8BCF-BD3C52A3C760}\gapaengine.dll 2012-10-03 17:19:33 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-02 06:04:32 -------- d-----w- C:\Users\Montes\AppData\Local\{3F5C2C56-6B17-4B09-8C1B-4E8BFB06BBD0} 2012-09-29 23:06:37 -------- d-----w- C:\Users\Montes\AppData\Roaming\KODAK AiO Home Center1211043503 2012-09-26 17:48:57 245760 ----a-w- C:\windows\System32\OxpsConverter.exe 2012-09-12 19:57:49 950128 ----a-w- C:\windows\System32\drivers\ndis.sys 2012-09-12 19:57:49 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys 2012-09-12 19:57:47 574464 ----a-w- C:\windows\System32\d3d10level9.dll 2012-09-12 19:57:47 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll 2012-09-12 19:57:47 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys 2012-09-12 19:57:46 376688 ----a-w- C:\windows\System32\drivers\netio.sys 2012-09-12 19:57:46 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS 2012-09-11 18:39:11 -------- d-----r- C:\Program Files (x86)\Skype . ==================== Find3M ==================== . 2012-09-20 18:21:02 73136 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-20 18:21:02 696240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-09-08 00:04:46 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-08-31 05:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys 2012-08-31 05:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys 2012-08-27 15:15:46 72248 ----a-w- C:\windows\System32\drivers\cricut_x64.sys 2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2012-08-22 21:43:04 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll 2012-08-22 21:43:04 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll 2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys . ============= FINISH: 18:18:42.02 =============== Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 7/29/2011 1:56:31 PM System Uptime: 10/4/2012 5:12:40 PM (1 hours ago) . Motherboard: TOSHIBA | | NWQAA Processor: Intel® Core i7 CPU Q 720 @ 1.60GHz | CPU | 1600/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 312.422 GiB free. D: is CDROM (UDF) E: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: SBRE Device ID: ROOT\LEGACY_SBRE\0000 Manufacturer: Name: SBRE PNP Device ID: ROOT\LEGACY_SBRE\0000 Service: SBRE . ==== System Restore Points =================== . RP207: 9/22/2012 8:00:13 AM - Windows Update RP208: 9/26/2012 10:48:45 AM - Windows Update RP209: 9/27/2012 11:48:49 AM - Windows Update RP210: 10/1/2012 2:04:27 PM - Windows Update RP211: 10/2/2012 8:12:25 AM - Windows Update RP212: 10/3/2012 12:16:59 PM - Installed Java 7 Update 7 RP213: 10/4/2012 3:58:57 PM - Removed Java 7 Update 7 RP214: 10/4/2012 5:10:05 PM - Installed Microsoft Fix it 50267 . ==== Hosts File Hijack ====================== . Hosts: 74.55.76.230 www.google-analytics.com. Hosts: 74.55.76.230 ad-emea.doubleclick.net. Hosts: 74.55.76.230 www.statcounter.com. Hosts: 178.250.45.15 www.google-analytics.com. Hosts: 178.250.45.15 ad-emea.doubleclick.net. Hosts: 178.250.45.15 www.statcounter.com. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader 9.5.2 Advanced SystemCare 5 aioscnnr Apple Application Support Apple Software Update Autodesk SketchBookExpress 2011 Bejeweled 2 Deluxe C4USelfUpdater center Chuzzle Deluxe Compatibility Pack for the 2007 Office system Cricut Driver v2.01 Cricut Craft Room® D3DX10 Escape Rosecliff Island essentials FATE - The Traitor Soul Intel® Management Engine Components Intel® Rapid Storage Technology J2SE Runtime Environment 5.0 Jewel Quest 3 JMicron Flash Media Controller Driver Junk Mail filter update KODAK AiO Software Malwarebytes Anti-Malware version 1.65.0.1400 Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Ultimate 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 15.0 (x86 en-US) Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK NVIDIA PhysX NVIDIA Updatus ocr Origin PDF Settings CS5 Penguins! Polar Bowler PreReq QuickBooks Pro 2007 QuickTime RadLab v1.1.2 Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek WLAN Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skype™ 5.10 SupportSoft Assisted Service TeamViewer 7 The Sims™ 3 The Sims™ 3 Ambitions The Sims™ 3 Late Night The Sims™ 3 World Adventures TOSHIBA Application Installer TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Face Recognition TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller TOSHIBA Media Controller Plug-in Toshiba Online Backup TOSHIBA Quality Application TOSHIBA ReelTime TOSHIBA Remote Control Manager TOSHIBA Service Station TOSHIBA Sleep Utility TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Utility Common Driver Virtual Families Virtual Villagers - The Secret City Webroot SecureAnywhere WildTangent Games WildTangent ORB Game Console Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 9/27/2012 11:58:43 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.519.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8024402f Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 10/4/2012 5:14:10 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 10/4/2012 5:13:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE 10/4/2012 2:24:44 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:23:10 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:23:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 10/4/2012 2:23:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 10/4/2012 2:22:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 10/4/2012 2:22:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 10/4/2012 2:22:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/4/2012 2:22:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 10/4/2012 2:22:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss SBRE spldr tdx vwififlt Wanarpv6 WfpLwf 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/4/2012 2:22:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/3/2012 9:47:45 PM, Error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File ===========================
  21. I continue to receive small ads in the bottom right and left corners of my computer screen. I ran Malwarebytes, AVG and Adware Antivirus and none of them are picking up the issue. I'm not sure how get rid of them at this point. I also have an issue where I will click on a link and it will redirect me to another site all together that was completely unrelated to the trusted link I was clicking on. Help! I've attached an image of what the advertisements look like.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.