Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected or not?


  • This topic is locked This topic is locked
13 replies to this topic

#1 woch2331

woch2331

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 25 November 2016 - 08:59 PM

I reloaded my computer in late July and things haven't been 'bad', but they haven't been 'good' either.

 

OS:  Windows 7 Home Premium 64-bit

Processor:  Intel i7 920 @ 2.67GHz
RAM:  12.0 GB
 

Just lately, I getting a 'Not Responding' message with several applications. Open Internet Explorer (Homepage = Google) and go to Yahoo - 'Not Responding'. Open Mozilla (Homepage Google) and go to Yahoo - 'Not Responding'. Open a few windows and copy files, Windows Explorer - 'Not Responding'. I try to open Task Manager and even that hangs and won't open right away. Random reboots, application errors and just plain headaches. The system eventually catches up and perform ok, but the issues are still there. (Maybe too much overhead with Dropbox, Dashlane or LogMeIn??)

 

How about system restore? I checked and no restore points found.

 

I checked the browser toolbars and add-ons. Cleaned the hard drive. Ran CHKDS and defrag the drive. No 'strange' processes running. Nothing in msconfig that appears noticeable.

 

I updated and ran Malwarebytes - no issues. Ran AdwCleaner - no issues. Ran Farbar and have the FRST.txt file and the Addition.txt file.

 

If there's nothing there, then I plan on wiping the drive and reloading the OS (again) and see if things improve. But, thought I would ask for help and see what's wrong (if anything).

 

 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by Mike (administrator) on MIKE-PC (25-11-2016 20:33:58)
Running from C:\Users\Mike\Desktop\BleepingComputer
Loaded Profiles: Mike (Available Profiles: Mike & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
() C:\Program Files (x86)\Tiger At Work\tigerVPN\tigerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Mike\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dashlane, Inc.) C:\Users\Mike\AppData\Roaming\Dashlane\Dashlane.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [DashlanePlugin] => C:\Users\Mike\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-11-10] ()
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [Dashlane] => C:\Users\Mike\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-11-10] (Dashlane, Inc.)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\MountPoints2: {d5c4fd49-25ed-11e6-bce3-001fbc083f67} - "M:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-05-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{46B64A49-7D09-4526-A798-C9E45136DB89}: [DhcpNameServer] 37.252.232.35
Tcpip\..\Interfaces\{6E8DC97D-7067-43AF-904E-1586F1BD0BB3}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> DefaultScope {F5941783-40D5-45EB-A743-485C594B8995} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> {F5941783-40D5-45EB-A743-485C594B8995} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Mike\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-11-10] (Dashlane, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Mike\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-11-10] (Dashlane, Inc.)
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=2757
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll [2008-03-06] (Belarc, Inc.)

FireFox:
========
FF DefaultProfile: gt1rvq06.default
FF DefaultProfile: mike.wochholz@comcast.net
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default [2016-11-25]
FF Homepage: Mozilla\Firefox\Profiles\gt1rvq06.default -> hxxp://www.google.com/
FF Extension: (Dashlane) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-16]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default\Extensions\newtaboverride@agenedia.com.xpi [2016-11-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-10-20] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2016-10-20] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
R2 tiger service; C:\Program Files (x86)\Tiger At Work\tigerVPN\tigerService.exe [62464 2016-05-31] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-06-15] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-21 15:42 - 2016-11-25 17:59 - 00000000 ____D C:\AdwCleaner
2016-11-20 20:12 - 2016-11-20 20:12 - 00000000 __SHD C:\found.003
2016-11-20 15:03 - 2016-11-20 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-19 21:55 - 2016-11-25 20:33 - 00000000 ____D C:\FRST
2016-11-19 21:52 - 2016-11-25 20:33 - 00000000 ____D C:\Users\Mike\Desktop\BleepingComputer
2016-11-19 21:46 - 2016-10-11 10:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-19 21:46 - 2016-10-11 10:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-19 21:46 - 2016-10-11 10:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-19 21:46 - 2016-10-11 10:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-19 21:46 - 2016-10-11 10:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-19 21:46 - 2016-10-11 09:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-19 21:46 - 2016-10-11 09:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 08:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-19 21:46 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-19 21:45 - 2016-10-11 10:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-19 21:45 - 2016-10-11 10:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-19 21:45 - 2016-10-11 10:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-19 21:45 - 2016-10-11 10:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-19 21:45 - 2016-10-11 10:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-19 21:45 - 2016-10-11 10:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-19 21:45 - 2016-10-11 10:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-19 21:45 - 2016-10-11 10:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-19 21:45 - 2016-10-11 09:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-19 21:45 - 2016-10-11 09:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-19 21:45 - 2016-10-11 09:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-19 21:45 - 2016-10-11 09:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-19 21:45 - 2016-10-11 09:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-19 21:45 - 2016-10-11 08:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-19 21:45 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-19 21:45 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-19 12:12 - 2016-11-19 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-19 12:12 - 2016-09-09 15:53 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-19 10:29 - 2016-11-25 15:57 - 00000000 ____D C:\Users\Mike\AppData\Local\DD89FC40-F868-44E2-B631-9D3E966C9A23.aplzod
2016-11-19 10:26 - 2016-11-19 12:25 - 00000000 ___RD C:\Users\Mike\iCloudDrive
2016-11-19 10:26 - 2016-11-19 10:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-19 09:15 - 2016-11-19 09:19 - 00000000 ____D C:\Users\Mike\Documents\iTunes Playlist
2016-11-19 07:50 - 2016-11-19 07:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-19 07:49 - 2016-11-19 07:50 - 00000000 ____D C:\Program Files\iTunes
2016-11-19 07:49 - 2016-11-19 07:49 - 00000000 ____D C:\Program Files\iPod
2016-11-19 07:47 - 2016-11-19 07:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-13 20:02 - 2016-11-14 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-09 03:27 - 2016-11-09 03:27 - 00000000 __SHD C:\found.002
2016-11-09 00:24 - 2016-11-02 10:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 00:24 - 2016-11-02 10:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 00:24 - 2016-11-02 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 00:24 - 2016-10-27 22:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 00:24 - 2016-10-27 22:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 00:24 - 2016-10-27 14:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 00:24 - 2016-10-27 14:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 00:24 - 2016-10-27 13:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 00:24 - 2016-10-27 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 00:24 - 2016-10-27 13:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 00:24 - 2016-10-27 13:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 00:24 - 2016-10-27 13:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 00:24 - 2016-10-27 13:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 00:24 - 2016-10-27 13:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 00:24 - 2016-10-27 13:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 00:24 - 2016-10-27 13:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 00:24 - 2016-10-27 13:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 00:24 - 2016-10-27 13:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 00:24 - 2016-10-27 13:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 00:24 - 2016-10-27 13:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 00:24 - 2016-10-27 13:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 00:24 - 2016-10-27 13:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 00:24 - 2016-10-27 13:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 00:24 - 2016-10-27 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 00:24 - 2016-10-27 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 00:24 - 2016-10-27 13:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 00:24 - 2016-10-27 13:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 00:24 - 2016-10-27 12:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 00:24 - 2016-10-27 12:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 00:24 - 2016-10-27 12:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 00:24 - 2016-10-27 12:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 00:24 - 2016-10-27 12:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 00:24 - 2016-10-27 12:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 00:24 - 2016-10-27 12:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 00:24 - 2016-10-27 12:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 00:24 - 2016-10-27 11:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 00:24 - 2016-10-27 10:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 00:24 - 2016-10-25 10:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 00:24 - 2016-10-22 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 00:24 - 2016-10-22 12:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 00:24 - 2016-10-22 12:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 00:24 - 2016-10-22 12:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 00:24 - 2016-10-22 12:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 00:24 - 2016-10-22 12:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 00:24 - 2016-10-22 12:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 00:24 - 2016-10-22 12:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 00:24 - 2016-10-22 12:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 00:24 - 2016-10-22 12:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 00:24 - 2016-10-22 12:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 00:24 - 2016-10-22 12:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 00:24 - 2016-10-22 12:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 00:24 - 2016-10-22 12:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 00:24 - 2016-10-22 12:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 00:24 - 2016-10-22 12:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 00:24 - 2016-10-22 11:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 00:24 - 2016-10-22 11:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 00:24 - 2016-10-22 11:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 00:24 - 2016-10-22 11:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 00:24 - 2016-10-22 11:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 00:24 - 2016-10-22 11:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 00:24 - 2016-10-22 11:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 00:24 - 2016-10-22 11:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 00:24 - 2016-10-22 11:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 00:24 - 2016-10-22 11:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 00:24 - 2016-10-22 11:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 00:24 - 2016-10-22 11:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 00:24 - 2016-10-22 11:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 00:24 - 2016-10-15 10:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 00:24 - 2016-10-15 10:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 00:24 - 2016-10-15 10:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 00:24 - 2016-10-15 10:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 00:24 - 2016-10-11 10:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 00:24 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 00:24 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 00:24 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 00:24 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 00:24 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 00:24 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 00:24 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 00:24 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 00:24 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 00:24 - 2016-10-11 08:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 00:24 - 2016-10-11 08:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 00:24 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-10-26 18:26 - 2016-11-20 20:40 - 00320256 _____ C:\Windows\ntbtlog.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-25 20:17 - 2016-05-30 05:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-25 19:42 - 2016-05-30 06:25 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-25 18:06 - 2009-07-13 23:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-25 18:06 - 2009-07-13 23:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-25 18:05 - 2016-05-29 18:15 - 00000000 _____ C:\Users\Mike\AppData\LocalLow\rightsCheck_1.txt
2016-11-25 18:01 - 2016-06-04 15:05 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-11-25 18:01 - 2016-05-30 06:28 - 00000000 ___RD C:\Users\Mike\Dropbox
2016-11-25 18:01 - 2016-05-30 06:25 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-25 18:01 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-25 16:47 - 2016-05-29 19:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-25 16:41 - 2016-05-31 17:02 - 00000000 ____D C:\Users\Mike\Documents\Outlook Files
2016-11-25 15:59 - 2016-09-05 16:08 - 00000000 ____D C:\Users\Mike\AppData\Local\Ignition Casino
2016-11-25 09:25 - 2016-06-01 20:09 - 00000000 ____D C:\ProgramData\LogMeIn
2016-11-25 08:31 - 2016-06-26 18:57 - 00000000 ____D C:\Users\Mike\AppData\Roaming\HandBrake
2016-11-25 07:51 - 2016-06-11 10:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2016-11-24 07:24 - 2016-07-17 06:52 - 00000000 ___RD C:\Users\Mike\Desktop\Desktop Icons
2016-11-24 07:24 - 2016-07-04 09:35 - 00002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaX.lnk
2016-11-24 07:24 - 2016-07-04 09:31 - 00000000 ____D C:\Users\Mike\Documents\MetaX
2016-11-24 07:24 - 2016-07-04 09:30 - 00000000 ____D C:\Program Files (x86)\MetaX
2016-11-23 06:26 - 2016-05-30 21:38 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype
2016-11-23 03:32 - 2016-06-14 05:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 03:32 - 2016-05-30 21:37 - 00000000 ____D C:\ProgramData\Skype
2016-11-20 15:03 - 2016-05-30 06:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-20 15:02 - 2016-10-02 14:05 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-11-20 00:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-11-19 22:10 - 2009-07-14 00:13 - 00785942 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-19 22:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-11-19 21:48 - 2016-05-30 17:36 - 00778064 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-19 12:30 - 2016-05-29 20:00 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1464570042
2016-11-19 12:12 - 2016-05-29 19:53 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-19 10:48 - 2016-09-05 16:07 - 00000000 ____D C:\Ignition
2016-11-19 10:26 - 2016-06-04 20:41 - 00000000 ____D C:\Users\Mike\AppData\Local\Apple Inc
2016-11-19 10:26 - 2016-06-04 14:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Apple Computer
2016-11-19 10:26 - 2016-05-29 17:28 - 00000000 ____D C:\Users\Mike
2016-11-19 10:19 - 2016-05-30 06:23 - 00000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2016-11-19 07:49 - 2016-06-04 14:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-16 16:52 - 2016-05-29 20:04 - 00000000 ____D C:\ProgramData\TEMP
2016-11-16 16:52 - 2016-05-29 20:04 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-11-16 05:43 - 2009-07-14 00:08 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-15 19:26 - 2016-05-29 18:09 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Dashlane
2016-11-14 19:00 - 2016-06-01 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 09:49 - 2016-06-07 19:15 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Mp3tag
2016-11-09 22:26 - 2016-05-30 07:38 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-09 17:37 - 2016-05-30 06:25 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-09 17:37 - 2016-05-30 06:25 - 00003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-09 03:31 - 2009-07-13 23:45 - 00417632 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-09 03:08 - 2016-05-29 17:32 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 03:03 - 2016-05-29 17:32 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-08 23:15 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-11-08 11:17 - 2016-05-30 05:51 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 11:17 - 2016-05-30 05:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 11:17 - 2016-05-30 05:51 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 11:17 - 2016-05-30 05:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 11:17 - 2016-05-30 05:51 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-03 20:06 - 2016-05-30 07:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 16:56 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-26 19:21 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat

==================== Files in the root of some directories =======

2016-06-25 06:45 - 2016-08-05 22:01 - 0006144 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-10 05:37 - 2016-06-10 12:06 - 0000774 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\libeay32.dll
C:\Users\Mike\AppData\Local\Temp\msvcr120.dll
C:\Users\Mike\AppData\Local\Temp\sqlite3.dll
C:\Users\Mike\AppData\Local\Temp\_isA811.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-24 00:34

==================== End of FRST.txt ============================

 

Attached Files



BC AdBot (Login to Remove)

 


#2 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 26 November 2016 - 09:35 AM

And... a BSOD this morning. Hardware problem or infection??

 

Problem signature:
  Problem Event Name: BlueScreen
  OS Version: 6.1.7601.2.1.0.768.3
  Locale ID: 1033

Additional information about the problem:
  BCCode: 24
  BCP1: 00000000001904FB
  BCP2: FFFFF88003338718
  BCP3: FFFFF88003337F70
  BCP4: FFFFF80002CF76BE
  OS Version: 6_1_7601
  Service Pack: 1_0
  Product: 768_1

Files that help describe the problem:
  C:\Windows\Minidump\112616-42187-01.dmp
  C:\Users\Mike\AppData\Local\Temp\WER-52140-0.sysdata.xml


Edited by woch2331, 26 November 2016 - 09:36 AM.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 30 November 2016 - 09:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/633122 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 01 December 2016 - 05:58 AM

And another BSOD yesterday (11-30-2016) morning. When I returned home, computer was rebooted and again IE and Mozilla were non-responsive and another reboot seems to have them working again.

Just a hardware problem? Hope you can at least narrow down to an issue, or a complete wipe/reload will be coming up soon.

 

FRST.txt (12-01-2016)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by Mike (administrator) on MIKE-PC (01-12-2016 05:42:52)
Running from C:\Users\Mike\Desktop\BleepingComputer
Loaded Profiles: Mike (Available Profiles: Mike & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
() C:\Program Files (x86)\Tiger At Work\tigerVPN\tigerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Users\Mike\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dashlane, Inc.) C:\Users\Mike\AppData\Roaming\Dashlane\Dashlane.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [DashlanePlugin] => C:\Users\Mike\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-11-10] ()
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\Run: [Dashlane] => C:\Users\Mike\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-11-10] (Dashlane, Inc.)
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\...\MountPoints2: {d5c4fd49-25ed-11e6-bce3-001fbc083f67} - "M:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-05-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{46B64A49-7D09-4526-A798-C9E45136DB89}: [DhcpNameServer] 37.252.232.35
Tcpip\..\Interfaces\{6E8DC97D-7067-43AF-904E-1586F1BD0BB3}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-2406199817-2934641360-1423206144-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> DefaultScope {F5941783-40D5-45EB-A743-485C594B8995} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2406199817-2934641360-1423206144-1001 -> {F5941783-40D5-45EB-A743-485C594B8995} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Mike\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-11-10] (Dashlane, Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Mike\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-11-10] (Dashlane, Inc.)
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=2757
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll [2008-03-06] (Belarc, Inc.)

FireFox:
========
FF DefaultProfile: gt1rvq06.default
FF DefaultProfile: mike.wochholz@comcast.net
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default [2016-11-30]
FF Homepage: Mozilla\Firefox\Profiles\gt1rvq06.default -> hxxp://www.google.com/
FF Extension: (Dashlane) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-08-16]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\gt1rvq06.default\Extensions\newtaboverride@agenedia.com.xpi [2016-11-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-10-20] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2016-10-20] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
R2 tiger service; C:\Program Files (x86)\Tiger At Work\tigerVPN\tigerService.exe [62464 2016-05-31] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-06-15] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-30 16:55 - 2016-11-30 16:55 - 10662501 _____ (GuinpinSoft inc) C:\Users\Mike\Downloads\Setup_MakeMKV_v1.10.2.exe
2016-11-30 06:04 - 2016-11-30 06:04 - 00287288 _____ C:\Windows\Minidump\113016-39921-01.dmp
2016-11-27 13:52 - 2016-11-27 13:52 - 23840992 _____ (4Team Corporation) C:\Users\Mike\Downloads\sync2cloud_setup.exe.0r0a4hn.partial
2016-11-26 15:36 - 2016-11-26 15:47 - 00005004 _____ C:\Users\Mike\Documents\luggage tags v2.pdf
2016-11-26 15:30 - 2016-11-26 15:34 - 00004098 _____ C:\Users\Mike\Documents\luggage tags.pdf
2016-11-26 09:40 - 2016-11-26 08:11 - 00290936 _____ C:\Windows\Minidump\Minidump.dmp
2016-11-26 08:11 - 2016-11-26 08:11 - 00290936 _____ C:\Windows\Minidump\112616-42187-01.dmp
2016-11-21 15:42 - 2016-11-25 17:59 - 00000000 ____D C:\AdwCleaner
2016-11-20 20:12 - 2016-11-20 20:12 - 00000000 __SHD C:\found.003
2016-11-20 15:03 - 2016-11-20 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-19 21:55 - 2016-12-01 05:42 - 00000000 ____D C:\FRST
2016-11-19 21:52 - 2016-12-01 05:42 - 00000000 ____D C:\Users\Mike\Desktop\BleepingComputer
2016-11-19 21:46 - 2016-10-11 10:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-19 21:46 - 2016-10-11 10:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-19 21:46 - 2016-10-11 10:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-19 21:46 - 2016-10-11 10:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-19 21:46 - 2016-10-11 10:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 10:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-19 21:46 - 2016-10-11 09:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-19 21:46 - 2016-10-11 09:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-19 21:46 - 2016-10-11 09:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 09:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-19 21:46 - 2016-10-11 08:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-19 21:46 - 2016-10-04 10:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-19 21:46 - 2016-10-04 10:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-19 21:45 - 2016-10-11 10:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-19 21:45 - 2016-10-11 10:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-19 21:45 - 2016-10-11 10:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-19 21:45 - 2016-10-11 10:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-19 21:45 - 2016-10-11 10:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-19 21:45 - 2016-10-11 10:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-19 21:45 - 2016-10-11 10:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-19 21:45 - 2016-10-11 10:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-19 21:45 - 2016-10-11 10:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-19 21:45 - 2016-10-11 10:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-19 21:45 - 2016-10-11 09:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-19 21:45 - 2016-10-11 09:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-19 21:45 - 2016-10-11 09:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-19 21:45 - 2016-10-11 09:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-19 21:45 - 2016-10-11 09:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-19 21:45 - 2016-10-11 09:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-19 21:45 - 2016-10-11 08:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-19 21:45 - 2016-10-08 08:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-19 21:45 - 2016-10-04 10:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-19 21:45 - 2016-10-04 10:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-19 12:12 - 2016-11-19 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-19 12:12 - 2016-09-09 15:53 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-19 10:29 - 2016-11-29 17:31 - 00000000 ____D C:\Users\Mike\AppData\Local\DD89FC40-F868-44E2-B631-9D3E966C9A23.aplzod
2016-11-19 10:26 - 2016-11-19 12:25 - 00000000 ___RD C:\Users\Mike\iCloudDrive
2016-11-19 10:26 - 2016-11-19 10:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-19 09:15 - 2016-11-19 09:19 - 00000000 ____D C:\Users\Mike\Documents\iTunes Playlist
2016-11-19 07:50 - 2016-11-19 07:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-19 07:49 - 2016-11-19 07:50 - 00000000 ____D C:\Program Files\iTunes
2016-11-19 07:49 - 2016-11-19 07:49 - 00000000 ____D C:\Program Files\iPod
2016-11-19 07:47 - 2016-11-19 07:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-13 20:02 - 2016-11-14 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-09 03:27 - 2016-11-09 03:27 - 00000000 __SHD C:\found.002
2016-11-09 00:24 - 2016-11-02 10:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 00:24 - 2016-11-02 10:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 00:24 - 2016-11-02 10:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 00:24 - 2016-11-02 10:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 00:24 - 2016-11-02 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 00:24 - 2016-10-27 22:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 00:24 - 2016-10-27 22:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 00:24 - 2016-10-27 14:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 00:24 - 2016-10-27 14:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 00:24 - 2016-10-27 13:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 00:24 - 2016-10-27 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 00:24 - 2016-10-27 13:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 00:24 - 2016-10-27 13:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 00:24 - 2016-10-27 13:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 00:24 - 2016-10-27 13:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 00:24 - 2016-10-27 13:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 00:24 - 2016-10-27 13:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 00:24 - 2016-10-27 13:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 00:24 - 2016-10-27 13:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 00:24 - 2016-10-27 13:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 00:24 - 2016-10-27 13:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 00:24 - 2016-10-27 13:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 00:24 - 2016-10-27 13:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 00:24 - 2016-10-27 13:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 00:24 - 2016-10-27 13:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 00:24 - 2016-10-27 13:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 00:24 - 2016-10-27 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 00:24 - 2016-10-27 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 00:24 - 2016-10-27 13:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 00:24 - 2016-10-27 13:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 00:24 - 2016-10-27 12:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 00:24 - 2016-10-27 12:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 00:24 - 2016-10-27 12:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 00:24 - 2016-10-27 12:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 00:24 - 2016-10-27 12:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 00:24 - 2016-10-27 12:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 00:24 - 2016-10-27 12:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 00:24 - 2016-10-27 12:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 00:24 - 2016-10-27 11:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 00:24 - 2016-10-27 10:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 00:24 - 2016-10-25 10:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 00:24 - 2016-10-22 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 00:24 - 2016-10-22 12:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 00:24 - 2016-10-22 12:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 00:24 - 2016-10-22 12:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 00:24 - 2016-10-22 12:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 00:24 - 2016-10-22 12:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 00:24 - 2016-10-22 12:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 00:24 - 2016-10-22 12:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 00:24 - 2016-10-22 12:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 00:24 - 2016-10-22 12:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 00:24 - 2016-10-22 12:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 00:24 - 2016-10-22 12:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 00:24 - 2016-10-22 12:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 00:24 - 2016-10-22 12:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 00:24 - 2016-10-22 12:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 00:24 - 2016-10-22 12:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 00:24 - 2016-10-22 11:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 00:24 - 2016-10-22 11:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 00:24 - 2016-10-22 11:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 00:24 - 2016-10-22 11:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 00:24 - 2016-10-22 11:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 00:24 - 2016-10-22 11:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 00:24 - 2016-10-22 11:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 00:24 - 2016-10-22 11:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 00:24 - 2016-10-22 11:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 00:24 - 2016-10-22 11:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 00:24 - 2016-10-22 11:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 00:24 - 2016-10-22 11:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 00:24 - 2016-10-22 11:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 00:24 - 2016-10-15 10:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 00:24 - 2016-10-15 10:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 00:24 - 2016-10-15 10:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 00:24 - 2016-10-15 10:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 00:24 - 2016-10-11 10:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 00:24 - 2016-10-11 10:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 00:24 - 2016-10-11 10:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 00:24 - 2016-10-11 10:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 00:24 - 2016-10-11 10:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 00:24 - 2016-10-11 10:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 00:24 - 2016-10-11 10:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 00:24 - 2016-10-11 10:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 00:24 - 2016-10-11 10:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 00:24 - 2016-10-11 10:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 00:24 - 2016-10-11 10:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 00:24 - 2016-10-11 10:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 00:24 - 2016-10-11 08:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 00:24 - 2016-10-11 08:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 00:24 - 2016-10-07 10:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 00:24 - 2016-10-07 10:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 00:24 - 2016-10-05 09:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 17:49 - 2016-11-07 17:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-01 05:17 - 2016-05-30 05:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-01 04:57 - 2016-06-01 20:09 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-01 04:48 - 2016-05-30 06:25 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-01 03:23 - 2009-07-13 23:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-01 03:23 - 2009-07-13 23:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-30 20:48 - 2016-05-30 06:25 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-30 17:28 - 2016-05-29 18:15 - 00000000 _____ C:\Users\Mike\AppData\LocalLow\rightsCheck_1.txt
2016-11-30 16:49 - 2016-06-26 18:57 - 00000000 ____D C:\Users\Mike\AppData\Roaming\HandBrake
2016-11-30 06:06 - 2016-05-30 06:28 - 00000000 ___RD C:\Users\Mike\Dropbox
2016-11-30 06:04 - 2016-06-10 15:40 - 00000000 ____D C:\Windows\Minidump
2016-11-30 06:04 - 2016-06-04 15:05 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-11-30 06:04 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-30 06:03 - 2016-06-10 15:40 - 713910823 _____ C:\Windows\MEMORY.DMP
2016-11-29 18:41 - 2016-05-31 17:02 - 00000000 ____D C:\Users\Mike\Documents\Outlook Files
2016-11-28 20:43 - 2016-05-30 06:25 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-28 20:43 - 2016-05-30 06:25 - 00003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-28 18:59 - 2016-09-05 16:08 - 00000000 ____D C:\Users\Mike\AppData\Local\Ignition Casino
2016-11-26 06:51 - 2016-07-04 09:30 - 00000000 ____D C:\Program Files (x86)\MetaX
2016-11-25 16:47 - 2016-05-29 19:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-25 07:51 - 2016-06-11 10:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2016-11-24 07:24 - 2016-07-17 06:52 - 00000000 ___RD C:\Users\Mike\Desktop\Desktop Icons
2016-11-24 07:24 - 2016-07-04 09:35 - 00002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaX.lnk
2016-11-24 07:24 - 2016-07-04 09:31 - 00000000 ____D C:\Users\Mike\Documents\MetaX
2016-11-23 06:26 - 2016-05-30 21:38 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Skype
2016-11-23 03:32 - 2016-06-14 05:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 03:32 - 2016-05-30 21:37 - 00000000 ____D C:\ProgramData\Skype
2016-11-20 20:40 - 2016-10-26 18:26 - 00320256 _____ C:\Windows\ntbtlog.txt
2016-11-20 15:03 - 2016-05-30 06:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-20 15:02 - 2016-10-02 14:05 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-11-20 00:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-11-19 22:10 - 2009-07-14 00:13 - 00785942 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-19 22:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-11-19 21:48 - 2016-05-30 17:36 - 00778064 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-19 12:30 - 2016-05-29 20:00 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1464570042
2016-11-19 12:12 - 2016-05-29 19:53 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-19 10:48 - 2016-09-05 16:07 - 00000000 ____D C:\Ignition
2016-11-19 10:26 - 2016-06-04 20:41 - 00000000 ____D C:\Users\Mike\AppData\Local\Apple Inc
2016-11-19 10:26 - 2016-06-04 14:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Apple Computer
2016-11-19 10:26 - 2016-05-29 17:28 - 00000000 ____D C:\Users\Mike
2016-11-19 10:19 - 2016-05-30 06:23 - 00000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2016-11-19 07:49 - 2016-06-04 14:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-16 16:52 - 2016-05-29 20:04 - 00000000 ____D C:\ProgramData\TEMP
2016-11-16 16:52 - 2016-05-29 20:04 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-11-16 05:43 - 2009-07-14 00:08 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-15 19:26 - 2016-05-29 18:09 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Dashlane
2016-11-14 19:00 - 2016-06-01 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 09:49 - 2016-06-07 19:15 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Mp3tag
2016-11-09 22:26 - 2016-05-30 07:38 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-09 03:31 - 2009-07-13 23:45 - 00417632 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-09 03:08 - 2016-05-29 17:32 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 03:03 - 2016-05-29 17:32 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-08 23:15 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-11-08 11:17 - 2016-05-30 05:51 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 11:17 - 2016-05-30 05:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 11:17 - 2016-05-30 05:51 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 11:17 - 2016-05-30 05:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 11:17 - 2016-05-30 05:51 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-03 20:06 - 2016-05-30 07:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 16:56 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

==================== Files in the root of some directories =======

2016-06-25 06:45 - 2016-08-05 22:01 - 0006144 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-10 05:37 - 2016-06-10 12:06 - 0000774 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\libeay32.dll
C:\Users\Mike\AppData\Local\Temp\msvcr120.dll
C:\Users\Mike\AppData\Local\Temp\sqlite3.dll
C:\Users\Mike\AppData\Local\Temp\_isA811.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-24 00:34

==================== End of FRST.txt ============================

Attached Files


Edited by woch2331, 01 December 2016 - 08:22 PM.


#5 RayS

RayS

  • Malware Study Hall Senior
  • 2,280 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:57 AM

Posted 03 December 2016 - 06:05 AM

Hello woch2331,

My name is Ray and I'll be assisting you with your issue. Please give me a day or two to review your logs and prepare a reply. Since I'm still a trainee, all my posts have to be reviewed by my instructor prior to being posted to make sure that you receive the best assistance possible.

Thank you for your understanding, I'll be with you shortly!

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#6 RayS

RayS

  • Malware Study Hall Senior
  • 2,280 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:57 AM

Posted 05 December 2016 - 03:36 AM

Hello woch2331, and welcome to Bleeping Computer.

Please call me "Ray".

I will be helping you with your computer problem. If you would permit me to call you by your first name, please tell it to me.
 

  • Please do not attach any log files to your replies unless specifically requested. Instead, please copy and paste the entire text of the logs into the body of your reply. Use separate consecutive posts if that's easier for you.
  • Please do not try to fix anything and don't change the configuration of your PC without being advised to do so.
  • Always read my entire message before you begin to follow my instructions.
  • It may be helpful for you to print my instructions for easy reference.
  • Perform my instructions in the order as given.
  • Any fixes I provide are for this specific problem on this machine only.
  • Removing malware is hazardous. I will not knowingly advise actions that will damage your computer, but it is impossible to guarantee the safety of your system. It may even become necessary to re-format and re-install your operating system. Before we proceed, you should back up all your data -- preferably to a different computer or to off-line storage. In this case, definitely do not store your backups on the physical disk that holds your C drive . Do this first.


BitTorrent Warning

Going over your logs, I noticed that you have BitTorrent installed. 


  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and trojans spread across P2P file sharing networks, gaming, and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected.
I would recommend that you uninstall BitTorrent, however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned. Please let me know whether you will refrain from using BitTorrent or will delete it.


GSmartControl for Windows

Before we handle any of the other problems on your PC, we need to address the likely hardware failure of your C drive (physical disk 1). 

  • Download GSmartControl for Windows and save it to your desktop.
  • Double click gsmartcontrol.exe and follow the prompts to install the program all the way through to the Finish button.
  • Press the Windows Key + E at the same time.
  • Navigate to and double click C:\Program Files (86)\gsmartcontrol (select the application and not the icon).
  • Allow the program to search for and list your hard drive(s).
  • Double click on a drive.
  • A Device Information window will open.
  • Click the Perform Tests tab.
  • Make sure that the Test type is set to Short Self-test.
  • Click Execute.
  • After the test completes (in about one or two minutes), click View Output and copy and paste the contents into your reply.

Repeat this process by double-clicking on each of your drives one-at-a-time. Copy and paste each report into your reply.


In your next reply...

  • Confirm that you have backed up your data to a location other than your physical Disk 1.
  • Tell me whether you will delete or refrain from using BitTorrent.
  • Copy and paste the contents of all the disk analysis reports into the body of your message.

How is your computer running now?

Regards,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#7 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 05 December 2016 - 05:39 AM

1. Data has been backed up

2. BitTorrent has been deleted and computer rebooted

3. Posted scan results

 

Current operating system drive was brand-new when reinstalled

 

WDC WD10EACS-00ZJB0 - no errors found

WDC WD20EZRZ-00Z5HB0 - no errors found

WDC WD40EZRX-00SPEB0 - no errors found

WDC WD1001FALS-00J7B1 - no errors found

My Book 1111 - unable to scan

My Book 1230 - unable to scan

 

SCAN LOGS:

 

WDC WD10EACS-00ZJB0

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Model Family:     Western Digital Caviar Green
Device Model:     WDC WD10EACS-00ZJB0
Serial Number:    WD-WCASJ1063202
LU WWN Device Id: 5 0014ee 200f9e06e
Firmware Version: 01.01B01
User Capacity:    1,000,204,886,016 bytes [1.00 TB]
Sector Size:      512 bytes logical/physical
Device is:        In smartctl database [for details use: -P show]
ATA Version is:   8
ATA Standard is:  Exact ATA specification draft version not indicated
Local Time is:    Mon Dec 05 05:12:23 2016 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x85) Offline data collection activity
     was aborted by an interrupting command from host.
     Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0) The previous self-test routine completed
     without error or no self-test has ever
     been run.
Total time to complete Offline
data collection:   (27960) seconds.
Offline data collection
capabilities:     (0x7b) SMART execute Offline immediate.
     Auto Offline data collection on/off support.
     Suspend Offline collection upon new
     command.
     Offline surface scan supported.
     Self-test supported.
     Conveyance Self-test supported.
     Selective Self-test supported.
SMART capabilities:            (0x0003) Saves SMART data before entering
     power-saving mode.
     Supports SMART auto save timer.
Error logging capability:        (0x01) Error logging supported.
     General Purpose Logging supported.
Short self-test routine
recommended polling time:   (   2) minutes.
Extended self-test routine
recommended polling time:   ( 320) minutes.
Conveyance self-test routine
recommended polling time:   (   5) minutes.
SCT capabilities:         (0x303f) SCT Status supported.
     SCT Error Recovery Control supported.
     SCT Feature Control supported.
     SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   200   200   051    Pre-fail  Always       -       0
  3 Spin_Up_Time            0x0003   174   172   021    Pre-fail  Always       -       8258
  4 Start_Stop_Count        0x0032   082   082   000    Old_age   Always       -       18371
  5 Reallocated_Sector_Ct   0x0033   200   200   140    Pre-fail  Always       -       0
  7 Seek_Error_Rate         0x000e   200   200   051    Old_age   Always       -       0
  9 Power_On_Hours          0x0032   045   044   000    Old_age   Always       -       40507
 10 Spin_Retry_Count        0x0012   100   100   051    Old_age   Always       -       0
 11 Calibration_Retry_Count 0x0012   100   100   051    Old_age   Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       134
192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       61
193 Load_Cycle_Count        0x0032   181   181   000    Old_age   Always       -       59701
194 Temperature_Celsius     0x0022   112   084   000    Old_age   Always       -       40
196 Reallocated_Event_Count 0x0032   200   200   000    Old_age   Always       -       0
197 Current_Pending_Sector  0x0012   200   200   000    Old_age   Always       -       0
198 Offline_Uncorrectable   0x0010   200   200   000    Old_age   Offline      -       0
199 UDMA_CRC_Error_Count    0x003e   200   200   000    Old_age   Always       -       0
200 Multi_Zone_Error_Rate   0x0008   200   200   051    Old_age   Offline      -       0

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%     40507         -
# 2  Conveyance offline  Completed without error       00%     12197         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

WDC WD20EZRZ-00Z5HB0

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Device Model:     WDC WD20EZRZ-00Z5HB0
Serial Number:    WD-WCC4N2XUSKE5
LU WWN Device Id: 5 0014ee 2627eb543
Firmware Version: 80.00A80
User Capacity:    2,000,398,934,016 bytes [2.00 TB]
Sector Sizes:     512 bytes logical, 4096 bytes physical
Device is:        Not in smartctl database [for details use: -P showall]
ATA Version is:   8
ATA Standard is:  ACS-2 (revision not indicated)
Local Time is:    Mon Dec 05 05:06:26 2016 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x82) Offline data collection activity
     was completed without error.
     Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0) The previous self-test routine completed
     without error or no self-test has ever
     been run.
Total time to complete Offline
data collection:   (26940) seconds.
Offline data collection
capabilities:     (0x7b) SMART execute Offline immediate.
     Auto Offline data collection on/off support.
     Suspend Offline collection upon new
     command.
     Offline surface scan supported.
     Self-test supported.
     Conveyance Self-test supported.
     Selective Self-test supported.
SMART capabilities:            (0x0003) Saves SMART data before entering
     power-saving mode.
     Supports SMART auto save timer.
Error logging capability:        (0x01) Error logging supported.
     General Purpose Logging supported.
Short self-test routine
recommended polling time:   (   2) minutes.
Extended self-test routine
recommended polling time:   ( 272) minutes.
Conveyance self-test routine
recommended polling time:   (   5) minutes.
SCT capabilities:         (0x7035) SCT Status supported.
     SCT Feature Control supported.
     SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   173   172   051    Pre-fail  Always       -       62951
  3 Spin_Up_Time            0x0027   190   172   021    Pre-fail  Always       -       5466
  4 Start_Stop_Count        0x0032   100   100   000    Old_age   Always       -       79
  5 Reallocated_Sector_Ct   0x0033   197   197   140    Pre-fail  Always       -       98
  7 Seek_Error_Rate         0x002e   200   200   000    Old_age   Always       -       0
  9 Power_On_Hours          0x0032   094   094   000    Old_age   Always       -       4502
 10 Spin_Retry_Count        0x0032   100   253   000    Old_age   Always       -       0
 11 Calibration_Retry_Count 0x0032   100   253   000    Old_age   Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       64
192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       37
193 Load_Cycle_Count        0x0032   135   135   000    Old_age   Always       -       196889
194 Temperature_Celsius     0x0022   122   118   000    Old_age   Always       -       28
196 Reallocated_Event_Count 0x0032   174   174   000    Old_age   Always       -       26
197 Current_Pending_Sector  0x0032   200   199   000    Old_age   Always       -       180
198 Offline_Uncorrectable   0x0030   200   200   000    Old_age   Offline      -       172
199 UDMA_CRC_Error_Count    0x0032   200   200   000    Old_age   Always       -       0
200 Multi_Zone_Error_Rate   0x0008   200   199   000    Old_age   Offline      -       195

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%      4502         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

WDC WD40EZRX-00SPEB0

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Device Model:     WDC WD40EZRX-00SPEB0
Serial Number:    WD-WCC4E6UK9C4H
LU WWN Device Id: 5 0014ee 20bc8fdbf
Firmware Version: 80.00A80
User Capacity:    4,000,787,030,016 bytes [4.00 TB]
Sector Sizes:     512 bytes logical, 4096 bytes physical
Device is:        Not in smartctl database [for details use: -P showall]
ATA Version is:   8
ATA Standard is:  ACS-2 (revision not indicated)
Local Time is:    Mon Dec 05 05:09:06 2016 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x84) Offline data collection activity
     was suspended by an interrupting command from host.
     Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0) The previous self-test routine completed
     without error or no self-test has ever
     been run.
Total time to complete Offline
data collection:   (52020) seconds.
Offline data collection
capabilities:     (0x7b) SMART execute Offline immediate.
     Auto Offline data collection on/off support.
     Suspend Offline collection upon new
     command.
     Offline surface scan supported.
     Self-test supported.
     Conveyance Self-test supported.
     Selective Self-test supported.
SMART capabilities:            (0x0003) Saves SMART data before entering
     power-saving mode.
     Supports SMART auto save timer.
Error logging capability:        (0x01) Error logging supported.
     General Purpose Logging supported.
Short self-test routine
recommended polling time:   (   2) minutes.
Extended self-test routine
recommended polling time:   ( 520) minutes.
Conveyance self-test routine
recommended polling time:   (   5) minutes.
SCT capabilities:         (0x7035) SCT Status supported.
     SCT Feature Control supported.
     SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   200   200   051    Pre-fail  Always       -       0
  3 Spin_Up_Time            0x0027   186   182   021    Pre-fail  Always       -       7683
  4 Start_Stop_Count        0x0032   100   100   000    Old_age   Always       -       911
  5 Reallocated_Sector_Ct   0x0033   200   200   140    Pre-fail  Always       -       0
  7 Seek_Error_Rate         0x002e   200   200   000    Old_age   Always       -       0
  9 Power_On_Hours          0x0032   095   095   000    Old_age   Always       -       4340
 10 Spin_Retry_Count        0x0032   100   100   000    Old_age   Always       -       0
 11 Calibration_Retry_Count 0x0032   100   253   000    Old_age   Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       60
192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       21
193 Load_Cycle_Count        0x0032   199   199   000    Old_age   Always       -       5131
194 Temperature_Celsius     0x0022   122   119   000    Old_age   Always       -       30
196 Reallocated_Event_Count 0x0032   200   200   000    Old_age   Always       -       0
197 Current_Pending_Sector  0x0032   200   200   000    Old_age   Always       -       0
198 Offline_Uncorrectable   0x0030   200   200   000    Old_age   Offline      -       0
199 UDMA_CRC_Error_Count    0x0032   200   200   000    Old_age   Always       -       0
200 Multi_Zone_Error_Rate   0x0008   200   200   000    Old_age   Offline      -       0

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%      4340         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

WDC WD1001FALS-00J7B1

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

=== START OF INFORMATION SECTION ===
Model Family:     Western Digital Caviar Black
Device Model:     WDC WD1001FALS-00J7B1
Serial Number:    WD-WMATV2656459
LU WWN Device Id: 5 0014ee 00178b453
Firmware Version: 05.00K05
User Capacity:    1,000,204,886,016 bytes [1.00 TB]
Sector Size:      512 bytes logical/physical
Device is:        In smartctl database [for details use: -P show]
ATA Version is:   8
ATA Standard is:  Exact ATA specification draft version not indicated
Local Time is:    Mon Dec 05 05:03:11 2016 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x85) Offline data collection activity
     was aborted by an interrupting command from host.
     Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0) The previous self-test routine completed
     without error or no self-test has ever
     been run.
Total time to complete Offline
data collection:   (18600) seconds.
Offline data collection
capabilities:     (0x7b) SMART execute Offline immediate.
     Auto Offline data collection on/off support.
     Suspend Offline collection upon new
     command.
     Offline surface scan supported.
     Self-test supported.
     Conveyance Self-test supported.
     Selective Self-test supported.
SMART capabilities:            (0x0003) Saves SMART data before entering
     power-saving mode.
     Supports SMART auto save timer.
Error logging capability:        (0x01) Error logging supported.
     General Purpose Logging supported.
Short self-test routine
recommended polling time:   (   2) minutes.
Extended self-test routine
recommended polling time:   ( 214) minutes.
Conveyance self-test routine
recommended polling time:   (   5) minutes.
SCT capabilities:         (0x303f) SCT Status supported.
     SCT Error Recovery Control supported.
     SCT Feature Control supported.
     SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   200   200   051    Pre-fail  Always       -       0
  3 Spin_Up_Time            0x0027   239   226   021    Pre-fail  Always       -       8008
  4 Start_Stop_Count        0x0032   087   087   000    Old_age   Always       -       13463
  5 Reallocated_Sector_Ct   0x0033   200   200   140    Pre-fail  Always       -       0
  7 Seek_Error_Rate         0x002e   100   253   000    Old_age   Always       -       0
  9 Power_On_Hours          0x0032   026   026   000    Old_age   Always       -       54574
 10 Spin_Retry_Count        0x0032   100   100   000    Old_age   Always       -       0
 11 Calibration_Retry_Count 0x0032   100   100   000    Old_age   Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       395
192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       90
193 Load_Cycle_Count        0x0032   196   196   000    Old_age   Always       -       13453
194 Temperature_Celsius     0x0022   121   110   000    Old_age   Always       -       29
196 Reallocated_Event_Count 0x0032   200   200   000    Old_age   Always       -       0
197 Current_Pending_Sector  0x0032   200   200   000    Old_age   Always       -       0
198 Offline_Uncorrectable   0x0030   200   200   000    Old_age   Offline      -       0
199 UDMA_CRC_Error_Count    0x0032   200   200   000    Old_age   Always       -       0
200 Multi_Zone_Error_Rate   0x0008   200   200   000    Old_age   Offline      -       0

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%     54574         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

My Book 1111

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

Vendor:               WD     
Product:              My Book 1111   
Revision:             1032
User Capacity:        999,501,594,624 bytes [999 GB]
Logical block size:   512 bytes
Serial number:        WCAV55115087   
Device type:          disk
Local Time is:        Mon Dec 05 05:13:18 2016 EST
Device does not support SMART

Error Counter logging not supported
No self-tests have been logged

 

My Book 1230

*******************************************************************************************

smartctl 5.43 2012-06-30 r3573 [i686-w64-mingw32-win7(64)-sp1] (sf-5.43-1)
Copyright © 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net

Vendor:               WD     
Product:              My Book 1230   
Revision:             1065
User Capacity:        4,000,752,599,040 bytes [4.00 TB]
Logical block size:   4096 bytes
Logical Unit id:      0x50014eef07d1ecd3
Serial number:        WCC4EPYC133V   
Device type:          disk
Local Time is:        Mon Dec 05 05:13:59 2016 EST
Device does not support SMART

Error Counter logging not supported
No self-tests have been logged



#8 RayS

RayS

  • Malware Study Hall Senior
  • 2,280 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:57 AM

Posted 07 December 2016 - 01:01 AM

Hello again,

Thank you for the disk diagnostic reports.

I am concerned about four of the five most critical indicators shown in the GSmartControl report for your 2TB disk:

 
WDC WD20EZRZ-00Z5HB0
User Capacity: 2,000,398,934,016 bytes [2.00 TB]
5 Reallocated_Sector_Ct 0x0033 197 197 140 Pre-fail Always - 98
10 Spin_Retry_Count 0x0032 100 253 000 Old_age Always - 0
196 Reallocated_Event_Count 0x0032 174 174 000 Old_age Always - 26
197 Current_Pending_Sector 0x0032 200 199 000 Old_age Always - 180
198 Offline_Uncorrectable 0x0030 200 200 000 Old_age Offline - 172

 




Let's run the Western Digital Data LifeGuard Diagnostic test on this drive.

Please download the tool from https://support.wdc.com/downloads.aspx?p=3&lang=en

That page gives complete instructions, however, the following page gives these same instructions with step-by-step screen shots.


  • See screen shots at: http://support.wdc.com/knowledgebase/answer.aspx?ID=940.
  • Be sure to select model number WDC WD20EZRZ-00Z5HB0 serial number WD-WCC4N2XUSKE5.
  • When the DLGDIAG window opens, click the QUICK TEST option.
  • When that scan completes, click VIEW TEST RESULT.
  • If the QUICK TEST result shows PASS, click the EXTENDED TEST option. If either test fails, please include the result in your reply.
  • Be very careful to avoid the WRITE ZEROS option, because all your data and programs will be destroyed.


In your next reply...


  • Please copy and paste any text reports or upload screen shot(s) if any tests fail.
  • Tell me how your PC is running now.

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#9 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 08 December 2016 - 04:01 PM

I am away from home for week and won't be back until the middle of next week. I was able to remotely access my computer and ran the diagnostic test as requested. The Quick Test failed and I am currently running the Extended Test (estimated 8 hours running time). I will post a log when/if it finishes and when I'm able to access the computer again.

 

Mike



#10 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 08 December 2016 - 04:03 PM

I meant to attach this error

Attached Files



#11 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 09 December 2016 - 09:29 AM

Well, that didn't turn out very good. The extended test stopped with errors (Too many bad sectors detected).

Guess I need to dump the drive and install a 'new & improved' one?

 

Attached Files



#12 RayS

RayS

  • Malware Study Hall Senior
  • 2,280 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:57 AM

Posted 10 December 2016 - 04:54 AM

Hello again,

 

The screenshot showing the result of the Extended Test disk diagnostic confirms a failed drive. I concur in your suggestion to replace the faulty drive and install a fresh copy of the operating system. Before you purchase a new hard drive, it may be helpful for you to consult the Bleeping Computer Hardware forum; especially the Hard Drive Installation and Diagnostic Tools topic.

 

 

I'm sorry I couldn't be of more help. Here's some food for thought:


Guard against ransomware
A growing trend among cybercriminals is to encrypt all your data and then demand payment for the decryption key. For an overview, see Information on Ransomware (includes guides for some prevalent varieties of ransomware). See also the very comprehensive article, CryptoLocker Ransomware Information Guide and FAQ by Lawrence Abrams.

Prevention is far better than attempting to cure, therefore, I recommend the free version of CryptoPrevent. The Premium version includes some advanced features. Other security companies are developing products in this area as well.


Manage your passwords
Use different passwords on each account. Install one of the password managers like LastPass (free or premium version) or KeePass Password Safe.


Backup your data
Make frequent backups of all your important files such as documents, spreadsheets, photos, business records, etc. Synchronized files are convenient, but are just as vulnerable as local files. Offline storage is best because malware can infect all machines in a network. Fire and theft can affect all devices in a single physical location. Consider cloud storage, but be sure to encrypt all traffic to and from the cloud and protect your files with strong passwords. Disconnect from the service except when you are actually storing or retrieving files.


Please also consider doing the following in order to keep your PC secure and running well:


Keep Windows (and your other Microsoft software) up to date!

I cannot overstress this point. Holes are often found in Internet Explorer or Windows itself. Sometimes, these holes will allow an attacker unrestricted access to your computer. Therefore, please visit the Microsoft Update Website, and follow the on-screen instructions to set up Windows Update. It may be necessary to REBOOT several times until there are no more updates to install.

Keep your other software up to date as well
Malware can attack the software from any manufacturer. You can use the Secunia Personal Software Inspector occasionally to help you keep your software up-to-date.

Stay up to date!
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then malware will always be one step ahead. That's not a good thing!



Some final closing thoughts and information for your consideration:

Lawrence Abrams, founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:

Simple and easy ways to keep your computer safe and secure on the Internet.

Here are some additional links you might find of interest:

 

Please reply to this post to confirm it can be closed.

 

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.

Best regards,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#13 woch2331

woch2331
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 12 December 2016 - 08:01 AM

Thanks for your recommendations and suggestions. I'll reload (again) and see how that works for me.

I'm fairly aware of security issues and try to maintain a 'clean' environment.

Using Dashlane for password, Dropbox and external drives for storage and I keep OS and apps up-to-date.

But, it's hard to beat a hardware issue, unless you replace the hardware.

 

Thanks again for your assistance and please go ahead and close this topic/thread.

 

Mike



#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,109 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:57 PM

Posted 12 December 2016 - 11:15 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users