Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SparkTrust and MindSpark pup removed, BSOD, Chorme, Random file corruption


  • This topic is locked This topic is locked
3 replies to this topic

#1 tomjohnson1010

tomjohnson1010

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:49 AM

Posted 14 January 2017 - 04:02 PM

Hello and thank you for taking the time to help.

A few days ago, my Windows 10 Home pc failed to get Updates.  Then later that day I had the BSOD come up.  I then ran trial versions of MalwareBytes, AdwCleaner and HitmanPro.  All of which found pups.  I then had the BSOD appear again with a different message about 1 hour after a reboot.  So I went to SAFE mode and did a chkdsk /r.  It did find corrupted files but no bad sectors. I then did the Windows Memory check and it found nothing wrong.  After going back to normal mode an hour or so later it BSOD again with a different message.  HitmanPro ran a quick scan on reboot.  It found shell32.dll was modified in the Windows Update catalog.  After a while BSOD came up again with another message.  After boot up I tried to use Chrome and it went to Aw Snap page when I was reading a page and scrolling after the page was already rendered.  I found it did this for all sites if I stayed on a page for any length of time.  So I did this tutorial: https://www.bleepingcomputer.com/virus-removal/remove-critical_process_died_or_vince_scam .  After which my PC seemed to be better.  Services did not take up 13% of my CPU constantly and Windows Update completed.  I ran sfc /scannow and it reported there was nothing wrong, and all three AV mentioned above found nothing.  Then an hour and half later another BSOD with a different message appeared.  Chrome was acting up again so I just uninstalled it.  I usually use Edge now anyways.  HitmanPro finished a quick scan today and it d3dcsx_42.dll in the syswow64 directory as modified after the fact, and NVidia Experience says it can’t connect to internet for updates. Currently also I noticed when I mouse click a link or shortcut, the app will start 3 instances most times. 

 

Frst.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
Ran by Thomas (administrator) on TJIBP (14-01-2017 14:25:46)
Running from C:\Users\Thomas Johnson\Desktop
Loaded Profiles: Thomas & Rena & Tia & Susy & Admin & CosmicCrusaders (Available Profiles: Thomas & Rena & Tia & Susy & Admin & CosmicCrusaders)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\System32\PnkBstrA.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.6\MySQLNotifier.exe
(Ideazon, Inc.) C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-08-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-08] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-27] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [Zboard] => C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe [182784 2011-02-22] (Ideazon, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3961692445-1704526220-941834897-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.6\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
HKU\S-1-5-21-3961692445-1704526220-941834897-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3961692445-1704526220-941834897-1021\...\Run: [Dropbox Update] => C:\Users\Tia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
HKU\S-1-5-21-3961692445-1704526220-941834897-1021\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3961692445-1704526220-941834897-1026\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{463cf37e-5d7e-48d0-84e6-b31a9be0acbc}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-3961692445-1704526220-941834897-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-3961692445-1704526220-941834897-1021\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3961692445-1704526220-941834897-1023\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3961692445-1704526220-941834897-1000 -> {F8BA0533-BA2B-4AB9-AFB3-C337B97E6B2E} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-12] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3961692445-1704526220-941834897-1000 -> No Name - {37153479-1976-43C3-A1EE-557513977B64} -  No File
Toolbar: HKU\S-1-5-21-3961692445-1704526220-941834897-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {16F67783-7E72-4C39-99C4-4780A8335484} hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: HKLM-x32 {55963676-2F5E-4BAF-AC28-CF26AA587566} hxxps://vpn.parcelite.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1439659099702
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} hxxp://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3961692445-1704526220-941834897-1000 -> hxxp://www.google.com/
FireFox:
========
FF DefaultProfile: uqfqseak.default
FF ProfilePath: C:\Users\Thomas Johnson\AppData\Roaming\Mozilla\Firefox\Profiles\uqfqseak.default [2017-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-3961692445-1704526220-941834897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Thomas Johnson\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-07-22] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Drive) - C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-07]
CHR Extension: (YouTube) - C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-07]
CHR Extension: (Gmail) - C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\Thomas Johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM-x32\...\Chrome\Extension: [eoalfhodgifhbkgmbbdafcihjpdldpll] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2011-12-27] (ASUSTeK Computer Inc.) [File not signed]
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-08-08] (DTS)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2017-01-12] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MySQL; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [13084672 2016-05-16] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-05] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-05] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-10] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-15] ()
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2016-10-14] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [47104 2016-10-14] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Alpham1; C:\WINDOWS\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\WINDOWS\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-12-27] ()
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R4 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2017-01-14] ()
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-14] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S0 mv61xx; C:\WINDOWS\System32\drivers\mv61xx.sys [86016 2006-11-14] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-05] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-01-05] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2017-01-12] (Sysinternals - www.sysinternals.com)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
U5 rzudd; C:\Windows\System32\Drivers\rzudd.sys [203288 2016-06-23] (Razer Inc)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [34944 2011-09-17] (SteelSeries Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2016-07-16] (Marvell)
S3 CMUAC; \SystemRoot\system32\DRIVERS\CMUAC.sys [X]
U3 idsvc; no ImagePath
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 vpnva; \SystemRoot\System32\drivers\vpnva64-6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-14 14:25 - 2017-01-14 14:26 - 00019935 _____ C:\Users\Thomas Johnson\Desktop\FRST.txt
2017-01-14 14:25 - 2017-01-14 14:25 - 02419200 _____ (Farbar) C:\Users\Thomas Johnson\Desktop\FRST64.exe
2017-01-14 14:25 - 2017-01-14 14:25 - 00000000 ____D C:\FRST
2017-01-14 13:50 - 2017-01-14 13:50 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{BB3215F3-3F52-4B99-81EB-DE37004BF0F8}
2017-01-14 13:49 - 2017-01-14 13:49 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-01-13 01:35 - 2017-01-13 01:36 - 00514020 _____ C:\WINDOWS\Minidump\011317-29140-01.dmp
2017-01-13 01:35 - 2017-01-13 01:35 - 1058462682 _____ C:\WINDOWS\MEMORY.DMP
2017-01-13 00:29 - 2017-01-13 00:29 - 00000020 ___SH C:\Users\CosmicCrusaders.IIS APPPOOL\ntuser.ini
2017-01-13 00:29 - 2017-01-13 00:29 - 00000000 _SHDL C:\Users\CosmicCrusaders.IIS APPPOOL\My Documents
2017-01-13 00:29 - 2017-01-13 00:29 - 00000000 _SHDL C:\Users\CosmicCrusaders.IIS APPPOOL\Documents\My Videos
2017-01-13 00:29 - 2017-01-13 00:29 - 00000000 _SHDL C:\Users\CosmicCrusaders.IIS APPPOOL\Documents\My Pictures
2017-01-13 00:29 - 2017-01-13 00:29 - 00000000 _SHDL C:\Users\CosmicCrusaders.IIS APPPOOL\Documents\My Music
2017-01-13 00:29 - 2017-01-13 00:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL
2017-01-13 00:29 - 2016-09-27 21:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL\Documents\Visual Studio 2013
2017-01-13 00:29 - 2016-09-27 21:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL\Documents\Visual Studio 2010
2017-01-13 00:29 - 2016-09-27 21:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL\AppData\Roaming\TuneUp Software
2017-01-13 00:29 - 2016-09-27 21:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL\AppData\Roaming\Media Center Programs
2017-01-13 00:29 - 2016-09-27 21:29 - 00000000 ____D C:\Users\CosmicCrusaders.IIS APPPOOL\AppData\Local\Microsoft Help
2017-01-12 23:45 - 2017-01-12 23:46 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{1770E28D-8BCE-4B51-B0E4-38F804A370B0}
2017-01-12 20:03 - 2017-01-12 20:03 - 00001015 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-01-12 20:03 - 2017-01-12 20:03 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-01-12 19:25 - 2017-01-12 19:25 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-01-12 19:25 - 2017-01-12 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-12 18:08 - 2016-12-11 12:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-01-12 18:07 - 2016-09-09 12:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-12 18:07 - 2016-09-09 12:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-12 18:07 - 2016-09-09 12:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-01-12 18:07 - 2016-09-09 12:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-01-12 18:06 - 2017-01-12 18:06 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-12 18:04 - 2016-12-11 21:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-12 18:04 - 2016-12-11 21:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-01-12 16:42 - 2017-01-12 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-01-12 16:42 - 2017-01-12 16:42 - 00000000 ____D C:\Program Files\HitmanPro
2017-01-12 16:40 - 2017-01-12 17:13 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-12 16:27 - 2017-01-13 00:26 - 00000000 ____D C:\AdwCleaner
2017-01-12 15:51 - 2017-01-14 12:44 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-12 15:51 - 2017-01-12 20:02 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-12 15:51 - 2017-01-12 15:51 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-12 15:50 - 2017-01-14 12:44 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-12 15:50 - 2017-01-12 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-12 15:50 - 2017-01-12 15:50 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-12 15:50 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-12 09:54 - 2017-01-12 09:54 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{CD7B215A-24F2-43B5-9180-1823DFB402BF}
2017-01-12 00:50 - 2017-01-12 02:34 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-12 00:50 - 2017-01-12 00:50 - 00003806 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-11 23:54 - 2017-01-12 00:18 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-11 23:50 - 2017-01-12 09:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-01-11 23:39 - 2017-01-11 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-01-11 23:39 - 2017-01-11 23:39 - 00000000 ____D C:\Program Files\7-Zip
2017-01-11 20:10 - 2017-01-11 20:10 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{406434F6-0E3E-4E98-9C3A-4A1287C9107A}
2017-01-11 18:31 - 2017-01-11 18:31 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1A3C7118.sys
2017-01-11 11:19 - 2017-01-11 11:24 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-11 10:54 - 2017-01-11 10:54 - 00000000 ____D C:\Program Files\VS2012Schemas
2017-01-11 10:54 - 2017-01-11 10:54 - 00000000 ____D C:\Program Files\VS2010Schemas
2017-01-11 10:53 - 2017-01-11 10:53 - 08388608 _____ C:\Users\Thomas Johnson\AzureStorageEmulatorDb46_log.ldf
2017-01-11 10:53 - 2017-01-11 10:53 - 08388608 _____ C:\Users\Thomas Johnson\AzureStorageEmulatorDb46.mdf
2017-01-11 10:53 - 2017-01-11 10:53 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\AzureStorageEmulator
2017-01-11 10:53 - 2017-01-11 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure
2017-01-11 10:53 - 2017-01-11 10:53 - 00000000 ____D C:\ProgramData\dftmp
2017-01-11 10:53 - 2017-01-11 10:53 - 00000000 ____D C:\Program Files\Microsoft SDKs
2017-01-11 09:49 - 2017-01-11 09:49 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET Core 1.0.1 Local Feed
2017-01-11 09:38 - 2016-12-20 23:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 09:38 - 2016-12-20 22:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 09:38 - 2016-12-20 22:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 09:38 - 2016-12-13 22:41 - 00362496 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2017-01-11 09:38 - 2016-12-13 22:35 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 09:37 - 2016-12-20 23:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 09:37 - 2016-12-20 22:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:37 - 2016-12-20 22:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 09:37 - 2016-12-20 22:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 09:37 - 2016-12-20 22:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 09:37 - 2016-12-20 22:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 09:37 - 2016-12-20 22:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 09:37 - 2016-12-20 22:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 09:37 - 2016-12-20 22:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 09:37 - 2016-12-20 22:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 09:37 - 2016-12-20 22:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 09:37 - 2016-12-13 23:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 09:37 - 2016-12-13 23:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 09:37 - 2016-12-13 23:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 09:37 - 2016-12-13 23:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 09:37 - 2016-12-13 22:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 09:37 - 2016-12-13 22:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:37 - 2016-12-13 22:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 09:37 - 2016-11-02 06:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 09:37 - 2016-08-01 22:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 09:30 - 2016-12-21 01:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 09:30 - 2016-12-21 01:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 09:30 - 2016-12-21 01:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 09:30 - 2016-12-21 01:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 09:30 - 2016-12-21 01:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 09:30 - 2016-12-21 01:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 09:30 - 2016-12-21 01:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 09:30 - 2016-12-21 01:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 09:30 - 2016-12-21 01:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 09:30 - 2016-12-21 01:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 09:30 - 2016-12-21 01:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 09:30 - 2016-12-21 01:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 09:30 - 2016-12-21 01:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 09:30 - 2016-12-21 00:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 09:30 - 2016-12-21 00:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 09:30 - 2016-12-21 00:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 09:30 - 2016-12-21 00:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 09:30 - 2016-12-21 00:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 09:30 - 2016-12-13 23:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 09:30 - 2016-12-13 22:42 - 00384000 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2017-01-11 09:30 - 2016-12-13 22:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 09:30 - 2016-12-13 22:25 - 02795520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-01-11 09:29 - 2016-12-13 23:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 09:29 - 2016-12-13 23:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 09:29 - 2016-12-13 23:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 09:29 - 2016-12-13 22:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 09:29 - 2016-11-02 05:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 09:29 - 2016-11-02 04:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 09:29 - 2016-11-02 04:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 00:24 - 2016-12-21 02:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 00:24 - 2016-12-21 02:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 00:24 - 2016-12-21 02:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 00:24 - 2016-12-21 01:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 00:24 - 2016-12-21 01:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 00:24 - 2016-12-21 01:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 00:24 - 2016-12-21 01:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 00:24 - 2016-12-21 01:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 00:24 - 2016-12-21 01:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 00:24 - 2016-12-21 01:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 00:24 - 2016-12-21 01:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 00:24 - 2016-12-21 01:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 00:24 - 2016-12-21 01:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 00:24 - 2016-12-21 01:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 00:24 - 2016-12-21 01:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 00:24 - 2016-12-21 01:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 00:24 - 2016-12-21 01:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 00:24 - 2016-12-21 01:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 00:24 - 2016-12-21 01:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 00:24 - 2016-12-21 01:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 00:24 - 2016-12-21 01:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 00:24 - 2016-12-21 01:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 00:24 - 2016-12-21 01:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 00:24 - 2016-12-21 01:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 00:24 - 2016-12-21 01:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 00:24 - 2016-12-21 01:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 00:24 - 2016-12-21 01:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 00:24 - 2016-12-21 00:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 00:24 - 2016-12-21 00:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 00:24 - 2016-12-21 00:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 00:24 - 2016-12-21 00:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 00:24 - 2016-12-21 00:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 00:24 - 2016-12-21 00:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 00:24 - 2016-12-21 00:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 00:24 - 2016-12-21 00:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 00:24 - 2016-12-21 00:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 00:24 - 2016-12-21 00:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 00:24 - 2016-12-21 00:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 00:24 - 2016-12-21 00:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 00:24 - 2016-12-21 00:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 00:24 - 2016-12-21 00:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 00:24 - 2016-12-21 00:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 00:24 - 2016-12-20 23:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 00:24 - 2016-12-20 23:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 00:24 - 2016-12-20 23:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 00:24 - 2016-12-20 22:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 00:24 - 2016-12-20 22:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 00:24 - 2016-12-20 22:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 00:24 - 2016-12-20 22:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 00:24 - 2016-12-20 22:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 00:24 - 2016-12-20 22:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 00:24 - 2016-12-20 22:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 00:24 - 2016-12-20 22:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 00:24 - 2016-12-20 22:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 00:24 - 2016-12-20 22:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 00:24 - 2016-12-20 22:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 00:24 - 2016-12-20 22:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 00:24 - 2016-12-20 22:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 00:24 - 2016-12-20 22:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 00:24 - 2016-12-20 22:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 00:24 - 2016-12-20 22:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 00:24 - 2016-12-13 23:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 00:24 - 2016-12-13 23:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 00:24 - 2016-12-13 23:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 00:24 - 2016-12-13 23:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 00:24 - 2016-12-13 23:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 00:24 - 2016-12-13 23:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 00:24 - 2016-12-13 23:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 00:24 - 2016-12-13 23:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 00:24 - 2016-12-13 23:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 00:24 - 2016-12-13 23:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 00:24 - 2016-12-13 22:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 00:24 - 2016-12-13 22:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 00:24 - 2016-12-13 22:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 00:24 - 2016-12-13 22:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 00:24 - 2016-12-13 22:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 00:24 - 2016-12-13 22:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 00:24 - 2016-12-13 22:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 00:24 - 2016-12-13 22:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 00:24 - 2016-12-13 22:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 00:24 - 2016-12-13 22:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 00:24 - 2016-12-13 22:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 00:24 - 2016-12-13 22:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 00:24 - 2016-12-13 22:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 00:24 - 2016-12-13 22:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 00:24 - 2016-12-13 22:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 00:24 - 2016-12-13 22:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 00:24 - 2016-12-13 22:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 00:24 - 2016-12-13 22:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 00:24 - 2016-12-13 22:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 00:24 - 2016-12-13 22:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 00:24 - 2016-12-13 22:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 00:24 - 2016-12-13 22:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 00:24 - 2016-12-13 22:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 00:24 - 2016-12-13 22:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 00:24 - 2016-12-13 22:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 00:24 - 2016-12-13 22:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 00:24 - 2016-12-13 22:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 00:24 - 2016-12-13 22:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 00:24 - 2016-12-13 22:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 00:24 - 2016-12-13 22:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 00:24 - 2016-12-13 22:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 00:24 - 2016-12-13 22:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 00:24 - 2016-12-13 22:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 00:24 - 2016-12-13 22:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 00:24 - 2016-12-13 22:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 00:24 - 2016-12-13 22:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 00:24 - 2016-12-13 22:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 00:24 - 2016-12-13 22:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 00:24 - 2016-12-13 22:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 00:24 - 2016-12-13 22:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 00:24 - 2016-12-13 22:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 00:24 - 2016-11-02 04:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 00:05 - 2017-01-05 19:10 - 00158264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-11 00:05 - 2017-01-05 19:10 - 00126008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-11 00:05 - 2017-01-05 19:10 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-01-10 23:37 - 2017-01-13 01:35 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-10 20:24 - 2017-01-10 20:24 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{62F19FEF-3CEA-4EBF-AFF6-721BCB5282F4}
2017-01-09 23:07 - 2017-01-09 23:07 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{8D732A37-C774-476B-A258-B08BD7BAD132}
2017-01-05 21:16 - 2017-01-05 21:16 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{EA5E9285-3F89-494D-BD37-BBDDD5CB937F}
2017-01-03 20:40 - 2017-01-03 20:40 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{6D11B656-3830-453C-95A9-13321B4AD892}
2017-01-02 20:03 - 2017-01-02 20:03 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{4C734A43-9EAC-4C64-B347-B42FFCCC67C3}
2017-01-01 16:32 - 2017-01-01 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2017-01-01 16:30 - 2016-11-11 23:16 - 00052288 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmkbd.sys
2017-01-01 16:26 - 2017-01-01 16:26 - 00000000 ____D C:\ProgramData\Apple
2017-01-01 16:04 - 2017-01-01 16:04 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{2B915ED2-48BB-48FB-B01A-773824B4F4F7}
2017-01-01 09:42 - 2017-01-01 09:43 - 00000000 ____D C:\Users\Rena\AppData\Local\NVIDIA Corporation
2017-01-01 09:42 - 2017-01-01 09:42 - 00000020 ___SH C:\Users\Rena\ntuser.ini
2017-01-01 09:42 - 2017-01-01 09:42 - 00000000 ____D C:\Users\Rena\AppData\Local\NVIDIA
2017-01-01 09:42 - 2017-01-01 09:42 - 00000000 ____D C:\Users\Rena\AppData\Local\ConnectedDevicesPlatform
2016-12-29 22:08 - 2016-12-29 22:08 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{DB91909A-1311-4B9D-89DA-ED08C356A141}
2016-12-27 21:04 - 2016-12-27 21:04 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{2F8F8ACE-CF18-4007-861C-256BFAD7F4C6}
2016-12-26 15:33 - 2016-12-26 15:33 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{94E070D5-FE0D-4F48-A534-7DB2B3BBE40B}
2016-12-25 20:45 - 2016-12-25 20:45 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{7B84C2B7-2B25-42D5-B6D6-125842DF8637}
2016-12-23 22:42 - 2016-12-11 21:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-23 22:27 - 2017-01-11 00:05 - 00180440 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-23 22:27 - 2017-01-10 23:35 - 01290924 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-23 22:26 - 2017-01-11 00:05 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-23 22:26 - 2017-01-05 18:09 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-23 22:20 - 2016-12-23 22:20 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{6EFB55AB-87FC-4E19-8974-96320F035F18}
2016-12-22 21:15 - 2016-12-22 21:15 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{21BB86A3-61F3-42AB-A8FE-AAECB263E459}
2016-12-21 20:04 - 2016-12-21 20:04 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{48A3B54A-0F39-4120-80F5-615898D9781F}
2016-12-19 20:07 - 2016-12-19 20:07 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{FC4618A9-7076-4754-B0D1-B58560058238}
2016-12-19 13:01 - 2016-12-19 13:01 - 01105047 _____ C:\Users\Susy\Downloads\Provider Directory.pdf
2016-12-19 12:32 - 2016-12-19 12:32 - 00477639 _____ C:\Users\Susy\Downloads\Eye Doctors.pdf
2016-12-16 14:11 - 2016-12-16 14:11 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-15 20:10 - 2016-12-15 20:10 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\{BAAC4DB2-0CCC-49E2-A3C1-61254CCB9534}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-14 14:24 - 2016-09-27 20:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-14 14:24 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 13:49 - 2011-12-10 10:24 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\Google
2017-01-14 13:33 - 2015-04-21 20:11 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Roaming\Mozilla
2017-01-14 13:32 - 2016-10-07 16:43 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-14 13:28 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-14 13:28 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-14 13:27 - 2013-12-19 21:56 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\CrashDumps
2017-01-14 13:26 - 2016-09-27 20:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-14 12:44 - 2016-09-27 21:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-13 01:38 - 2016-07-16 00:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-13 01:37 - 2016-09-27 21:03 - 00000000 ____D C:\Users\Thomas Johnson
2017-01-13 01:24 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\Registration
2017-01-13 00:30 - 2013-09-18 07:53 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Roaming\TS3Client
2017-01-13 00:30 - 2010-09-03 20:02 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-13 00:24 - 2016-09-27 23:44 - 00490278 _____ C:\WINDOWS\system32\perfh012.dat
2017-01-13 00:24 - 2016-09-27 23:44 - 00150068 _____ C:\WINDOWS\system32\perfc012.dat
2017-01-13 00:24 - 2016-09-27 21:02 - 02039806 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-13 00:03 - 2010-08-27 11:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-13 00:02 - 2016-12-13 17:46 - 00000000 ____D C:\ProgramData\FaceLift
2017-01-13 00:02 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\System
2017-01-13 00:02 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-12 23:39 - 2015-10-10 21:30 - 00084792 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2017-01-12 23:33 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-12 20:03 - 2013-09-18 07:53 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-12 19:25 - 2015-03-19 22:04 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-12 19:25 - 2014-04-08 23:02 - 00000000 ____D C:\ProgramData\Oracle
2017-01-12 18:08 - 2016-11-06 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-12 18:08 - 2016-09-27 20:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-12 18:08 - 2012-05-31 20:21 - 00000000 ____D C:\temp
2017-01-12 18:07 - 2016-07-17 21:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-12 18:07 - 2010-09-25 23:10 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\ElevatedDiagnostics
2017-01-12 17:42 - 2015-08-16 22:55 - 00000000 ____D C:\BIN
2017-01-12 16:31 - 2015-08-09 11:25 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-01-12 15:50 - 2013-05-14 09:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-12 14:39 - 2016-10-25 19:59 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-01-12 10:46 - 2016-02-13 07:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 10:43 - 2016-09-27 20:55 - 00357280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-12 10:39 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-12 10:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-12 10:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-12 10:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-12 10:39 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-12 10:20 - 2011-03-12 14:09 - 00007640 _____ C:\Users\Thomas Johnson\AppData\Local\resmon.resmoncfg
2017-01-12 10:09 - 2013-09-20 00:44 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 01:17 - 2015-07-25 16:32 - 00000000 ____D C:\Users\Thomas Johnson\Documents\Visual Studio 2015
2017-01-12 00:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-12 00:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-12 00:23 - 2016-07-16 05:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-12 00:22 - 2016-07-16 00:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-11 23:52 - 2015-10-30 00:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-11 22:41 - 2013-09-18 08:22 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-11 11:24 - 2016-09-27 23:53 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-11 11:24 - 2016-09-27 21:45 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2017-01-11 11:24 - 2016-09-27 21:45 - 00001908 _____ C:\WINDOWS\diagerr.xml
2017-01-11 10:53 - 2010-09-25 19:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-01-11 10:00 - 2015-07-25 16:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2017-01-11 09:55 - 2015-07-25 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2017-01-11 09:49 - 2016-07-10 14:22 - 00000000 ____D C:\Program Files\dotnet
2017-01-11 00:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-11 00:06 - 2016-11-06 21:06 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:06 - 2013-11-13 23:14 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\NVIDIA Corporation
2017-01-11 00:05 - 2016-11-06 21:06 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:05 - 2016-11-06 21:06 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:05 - 2016-11-06 21:06 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:05 - 2016-11-06 21:06 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:05 - 2016-11-06 21:05 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 00:05 - 2016-09-27 20:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-11 00:05 - 2016-09-27 20:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-11 00:04 - 2013-07-19 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 00:00 - 2010-09-03 20:58 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 23:56 - 2011-10-24 21:06 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Roaming\Origin
2017-01-10 23:56 - 2011-10-24 21:05 - 00000000 ____D C:\ProgramData\Origin
2017-01-10 23:39 - 2013-09-18 07:57 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Roaming\teamspeak3-server_win64
2017-01-10 22:37 - 2016-10-18 20:01 - 00000000 ____D C:\Users\Thomas Johnson\Documents\Battlefield 1
2017-01-10 20:26 - 2011-10-24 21:05 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-05 19:10 - 2016-11-06 21:06 - 01855544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-05 19:10 - 2016-11-06 21:06 - 01756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-05 19:10 - 2016-11-06 21:06 - 01454136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-05 19:10 - 2016-11-06 21:06 - 01318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-05 19:10 - 2016-11-06 21:06 - 00121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-05 19:10 - 2016-11-06 21:05 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-01 20:27 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-01 16:30 - 2016-09-27 21:02 - 01931696 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-01-01 15:59 - 2016-09-27 21:03 - 00000000 ____D C:\Users\Rena
2017-01-01 09:46 - 2014-12-04 09:21 - 00000000 ____D C:\Users\Rena\AppData\Local\CrashDumps
2017-01-01 09:44 - 2015-08-27 13:29 - 00002367 _____ C:\Users\Rena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-01 09:44 - 2015-08-27 13:29 - 00000000 ___RD C:\Users\Rena\OneDrive
2017-01-01 09:44 - 2015-08-08 18:28 - 00000000 ____D C:\Users\Rena\AppData\Local\Packages
2016-12-26 16:11 - 2010-09-25 21:47 - 00000000 ____D C:\Program Files (x86)\MySQL
2016-12-23 22:28 - 2016-11-06 21:06 - 00000000 ____D C:\Users\Thomas Johnson\AppData\Local\NVIDIA
2016-12-22 17:13 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-22 17:13 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-21 18:27 - 2016-07-28 21:44 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3961692445-1704526220-941834897-1000UA.job
2016-12-21 18:27 - 2016-07-28 21:44 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3961692445-1704526220-941834897-1000Core.job
2016-12-19 16:25 - 2016-10-14 12:12 - 00008856 ____H C:\Users\Susy\AppData\Local\IconCache.db
2016-12-19 16:25 - 2016-09-27 21:03 - 00000000 ____D C:\Users\Susy\AppData\Local\Temp
2016-12-19 16:25 - 2016-09-27 21:03 - 00000000 ____D C:\Users\Susy
2016-12-19 15:06 - 2016-11-27 11:59 - 00000000 ____D C:\Users\Susy\AppData\Local\CrashDumps
2016-12-19 13:01 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Downloads
2016-12-19 12:07 - 2016-09-27 21:03 - 00000000 ____D C:\Users\Susy\AppData\Local
2016-12-19 12:07 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Videos
2016-12-16 14:57 - 2016-09-27 21:03 - 00524288 ___SH C:\Users\Susy\NTUSER.DAT{4abba47b-852f-11e6-80c0-af217ae6c099}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 14:57 - 2016-09-27 21:03 - 00524288 ___SH C:\Users\Susy\NTUSER.DAT{4abba47b-852f-11e6-80c0-af217ae6c099}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 14:57 - 2016-09-27 21:03 - 00065536 ___SH C:\Users\Susy\NTUSER.DAT{4abba47b-852f-11e6-80c0-af217ae6c099}.TM.blf
2016-12-16 14:11 - 2016-09-27 21:03 - 00000000 ___RD C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-16 14:11 - 2015-10-05 16:51 - 00002367 _____ C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-16 14:11 - 2015-10-05 16:51 - 00000000 ___RD C:\Users\Susy\OneDrive
2016-12-16 14:09 - 2015-10-05 16:48 - 00000000 ____D C:\Users\Susy\AppData\Local\Packages
2016-12-16 14:08 - 2016-10-14 08:50 - 00000174 ___SH C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-16 14:08 - 2013-01-05 22:16 - 00000402 ___SH C:\Users\Susy\Documents\desktop.ini
2016-12-16 14:08 - 2013-01-05 22:16 - 00000282 ___SH C:\Users\Susy\Downloads\desktop.ini
2016-12-16 14:08 - 2013-01-05 22:16 - 00000282 ___SH C:\Users\Susy\Desktop\desktop.ini
2016-12-16 14:08 - 2013-01-05 22:16 - 00000174 ___SH C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-16 14:08 - 2013-01-05 22:16 - 00000000 ___RD C:\Users\Susy\Searches
2016-12-16 14:08 - 2013-01-05 22:16 - 00000000 ___RD C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-16 14:08 - 2013-01-05 22:16 - 00000000 ___RD C:\Users\Susy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Saved Games
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Pictures
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Music
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Links
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Favorites
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Documents
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Desktop
2016-12-16 14:08 - 2013-01-05 22:15 - 00000000 ___RD C:\Users\Susy\Contacts
==================== Files in the root of some directories =======
2013-11-29 10:11 - 2013-11-29 10:11 - 0228412 _____ () C:\Users\Thomas Johnson\AppData\Roaming\AvidLicenseControl_Install.log
2010-09-11 23:49 - 2010-09-11 23:49 - 0003584 _____ () C:\Users\Thomas Johnson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-24 12:30 - 2011-12-24 12:30 - 0001514 ____S () C:\Users\Thomas Johnson\AppData\Local\nxhhuxnu2p7b
2015-09-05 20:10 - 2015-09-05 20:10 - 0000841 _____ () C:\Users\Thomas Johnson\AppData\Local\recently-used.xbel
2011-03-12 14:09 - 2017-01-12 10:20 - 0007640 _____ () C:\Users\Thomas Johnson\AppData\Local\resmon.resmoncfg
2016-09-27 21:00 - 2016-09-27 21:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2011-06-03 22:12 - 2011-06-03 22:12 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
2016-12-23 22:27 - 2017-01-11 00:05 - 0180440 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 22:27 - 2017-01-10 23:35 - 1290924 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2011-12-24 12:30 - 2011-12-24 12:30 - 0001514 ____S () C:\ProgramData\nxhhuxnu2p7b
Files to move or delete:
====================
C:\Users\Thomas Johnson\JsDocComments.js
C:\Users\Thomas Johnson\Modern.Intellisense.js

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-14 12:55
==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 tomjohnson1010

tomjohnson1010
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:49 AM

Posted 17 January 2017 - 02:06 PM

I ended up doing a Clean reinstall of Windows.



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 19 January 2017 - 04:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/637399 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:49 AM

Posted 24 January 2017 - 04:10 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users