[SOLVED] [Win7SP1 x86] Windows update, SFC, and SFCFIX all fail.

It is a little confusing. CLEAN BOOT results in a boot up with NO notification that W7 cannot check for updates automatically. WU is SET to check for updates automatically. Last check for updates is sometime BEFORE the moment of booting to CLEAN ... like even a day or more before. SOOOO Clean Boot is NOT checking for updates automatically.

Regular Boot: get notification 'can't check automatically'. WU set TO check. WU will say "Windows us up to date". Last check is PRIOR to this boot instance.
 
FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 32-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST.exe) will be generated Please also paste that along with the FRST.txt into your reply.
 
FIRST was run from a NORMAL Boot:

Code: 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-09-2017 02Ran by Owner (administrator) on ACER-PC (23-09-2017 16:30:27)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner & Guest)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files\SRWare Iron\chrome.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(KeepSolid Inc.) C:\Program Files\VPN Unlimited\vpn-unlimited-daemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ALi) C:\Windows\WebCam\S6000\S6000Mnt.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(LastPass) C:\Program Files\LastPass\lastapp.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(KeepSolid Inc.) C:\Program Files\VPN Unlimited\vpn-unlimited.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
() C:\Program Files\MightyText\MightyText.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\VPN Unlimited\QtWebEngineProcess.exe
(The OpenVPN Project) C:\Program Files\VPN Unlimited\openvpn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files\Siber Systems\GoodSync\gs-server.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe


==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\...\Run: [S6000Mnt] => Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [16553472 2017-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM\...\Run: [LastApp] => C:\Program Files\LastPass\lastapp.exe [30021712 2016-01-05] (LastPass)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3481912 2017-09-20] (Dropbox, Inc.)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5079024 2017-08-07] (Box, Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [714120 2011-01-05] (Acer Incorporated)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3023136 2017-06-19] (IObit)
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\Run: [VPN Unlimited] => C:\Program Files\VPN Unlimited\vpn-unlimited-launcher.exe [398168 2017-05-16] (KeepSolid Inc.)
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44024 2017-09-15] (Glarysoft Ltd)
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-07-26]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-11-03]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MightyText.lnk [2016-07-21]
ShortcutTarget: MightyText.lnk -> C:\Program Files\MightyText\MightyText.exe ()
BootExecute: autocheck autochk *  SmartDefragBootTime.exe


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Tcpip\Parameters: [DhcpNameServer] 10.204.0.1
Tcpip\..\Interfaces\{47BC881C-BF9B-4DC1-BAFD-B4EF2317C2DB}: [DhcpNameServer] 10.204.0.1
Tcpip\..\Interfaces\{8BA8B11D-3CDE-4E4D-AB6D-2FE701155FB2}: [DhcpNameServer] 192.168.29.1
Tcpip\..\Interfaces\{F433C961-DA20-4C9D-A7EB-CBC403AE569F}: [DhcpNameServer] 192.168.29.1


Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=avantsearch6
HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000 -> DefaultScope {4047CC5C-7BF8-4509-B638-9B80ED1B934D} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000 -> {4047CC5C-7BF8-4509-B638-9B80ED1B934D} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-03-28] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-07] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files\LastPass\LPToolbar.dll [2016-07-26] (LastPass)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll [2016-07-26] (LastPass)
Toolbar: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000 -> No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler: skype4com - No CLSID Value - 


FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files\LastPass\nplastpass.dll [2016-07-26] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)


==================== Services (Whitelisted) ====================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R2 AdvancedSystemCareService10; C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCService.exe [1013024 2017-04-05] (IObit)
R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1931552 2017-01-06] (IObit)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36680 2017-08-07] (Box, Inc.)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43336 2017-09-20] (Dropbox, Inc.)
R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [734592 2011-01-05] (Acer Incorporated)
R2 FoxitReaderService; C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Inc.)
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [5032672 2017-08-23] ()
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2017-03-28] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3398608 2017-05-09] (Malwarebytes)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
R2 VPNUnlimitedService; C:\Program Files\VPN Unlimited\vpn-unlimited-daemon.exe [62296 2017-05-16] (KeepSolid Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)


===================== Drivers (Whitelisted) ======================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59936 2017-07-01] ()
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-12] (ELAN Microelectronics Corp.)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [56824 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [46584 2016-12-06] ()
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [20984 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [195576 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-08-11] (Glarysoft Ltd)
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [196640 2016-10-27] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-08-31] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2015-08-31] (Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [162240 2017-09-14] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [85400 2017-09-23] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [40352 2017-09-23] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [221600 2017-09-23] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [65824 2017-09-23] (Malwarebytes)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [167576 2015-08-31] (Windows (R) Win 7 DDK provider)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [458656 2016-11-02] (BitDefender S.R.L.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2017-09-23 16:30 - 2017-09-23 16:32 - 000016633 _____ C:\Users\Owner\Desktop\FRST.txt
2017-09-23 16:27 - 2017-09-23 16:26 - 001796096 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2017-09-23 11:36 - 2017-09-23 11:36 - 000000000 ___HD C:\OneDriveTemp
2017-09-21 15:14 - 2017-09-21 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-21 10:57 - 2017-09-21 11:00 - 160334608 _____ (Microsoft Corporation) C:\Users\Owner\Desktop\msert.exe
2017-09-20 11:48 - 2017-09-20 11:48 - 000043336 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-20 11:48 - 2017-09-20 11:48 - 000035432 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-20 11:48 - 2017-09-20 11:48 - 000035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-20 11:48 - 2017-09-20 11:48 - 000035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-20 10:59 - 2017-08-19 10:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-09-20 10:59 - 2017-08-19 10:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-20 10:59 - 2017-08-19 09:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-09-20 10:59 - 2017-08-19 09:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-09-20 10:59 - 2017-08-14 12:39 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-20 10:59 - 2017-08-14 12:39 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-20 10:59 - 2017-08-14 12:35 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-20 10:59 - 2017-08-14 12:35 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-20 10:59 - 2017-08-13 16:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-09-20 10:59 - 2017-08-13 16:30 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-20 10:59 - 2017-08-13 16:26 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-20 10:59 - 2017-08-13 16:26 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-20 10:59 - 2017-08-13 16:26 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-20 10:59 - 2017-08-13 16:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-20 10:59 - 2017-08-13 16:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-20 10:59 - 2017-08-13 16:26 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-20 10:58 - 2017-08-19 10:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-09-20 10:58 - 2017-08-14 12:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-09-18 22:36 - 2017-09-18 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2017-09-18 22:36 - 2017-09-18 22:36 - 000000000 ____D C:\Program Files\Greenshot
2017-09-18 22:24 - 2017-09-18 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-09-16 18:35 - 2017-09-23 16:30 - 000000000 ____D C:\FRST
2017-09-14 20:00 - 2017-08-15 19:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-14 20:00 - 2017-08-15 09:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-14 20:00 - 2017-08-15 09:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-14 20:00 - 2017-08-15 09:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-14 20:00 - 2017-08-15 08:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-14 20:00 - 2017-08-13 11:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-14 20:00 - 2017-08-13 11:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-14 20:00 - 2017-08-13 11:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-14 20:00 - 2017-08-13 11:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-14 20:00 - 2017-08-13 11:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-14 20:00 - 2017-08-13 11:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-14 20:00 - 2017-08-13 11:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-14 20:00 - 2017-08-13 11:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-14 20:00 - 2017-08-13 11:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-14 20:00 - 2017-08-13 11:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-14 20:00 - 2017-08-13 11:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-14 20:00 - 2017-08-13 11:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-14 20:00 - 2017-08-13 11:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-14 20:00 - 2017-08-13 11:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-14 20:00 - 2017-08-13 11:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-14 20:00 - 2017-08-13 11:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-14 20:00 - 2017-08-13 11:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-14 20:00 - 2017-08-13 10:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-14 20:00 - 2017-08-13 10:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-14 20:00 - 2017-08-13 10:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-14 20:00 - 2017-08-13 10:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-14 20:00 - 2017-08-13 10:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-14 20:00 - 2017-08-13 10:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-14 20:00 - 2017-08-13 10:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-14 20:00 - 2017-08-13 10:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-14 20:00 - 2017-08-13 10:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-14 19:59 - 2017-08-19 10:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-14 19:59 - 2017-08-16 10:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-14 19:59 - 2017-08-16 09:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-14 19:59 - 2017-08-15 10:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-14 19:59 - 2017-08-15 10:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-14 19:59 - 2017-08-14 12:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-14 19:59 - 2017-08-14 12:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-14 19:59 - 2017-08-14 12:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-14 19:59 - 2017-08-14 12:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-14 19:59 - 2017-08-13 16:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-14 19:59 - 2017-08-13 11:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-14 19:59 - 2017-08-13 11:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-14 19:59 - 2017-08-13 11:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-14 19:59 - 2017-08-13 10:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-14 19:59 - 2017-08-13 10:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-14 19:59 - 2017-08-11 01:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-14 19:59 - 2017-08-11 01:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-14 19:59 - 2017-08-11 01:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 01:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-14 19:59 - 2017-08-11 01:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-14 19:59 - 2017-08-11 01:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-14 19:59 - 2017-08-11 01:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-14 19:59 - 2017-08-11 01:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-14 19:59 - 2017-08-11 01:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-14 19:59 - 2017-08-11 01:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-14 19:59 - 2017-08-11 00:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-14 19:59 - 2017-08-11 00:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-14 19:59 - 2017-08-11 00:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-14 19:59 - 2017-08-11 00:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-14 19:59 - 2017-08-11 00:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-14 19:59 - 2017-08-11 00:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-14 19:59 - 2017-08-11 00:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-14 19:59 - 2017-08-11 00:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-14 19:59 - 2017-08-11 00:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 00:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 00:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-14 19:59 - 2017-08-11 00:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-14 19:59 - 2017-07-29 09:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-14 19:59 - 2017-07-21 09:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2017-09-14 19:59 - 2017-07-21 09:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2017-09-14 19:59 - 2017-07-21 09:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2017-09-14 19:59 - 2017-07-21 09:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-09-14 19:59 - 2017-07-14 10:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-14 19:59 - 2017-07-14 10:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-09-14 19:59 - 2017-07-14 10:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-09-14 19:59 - 2017-07-14 09:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-09-14 19:59 - 2017-07-14 09:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-09-14 19:59 - 2017-07-14 09:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-14 19:59 - 2017-07-14 09:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-09-14 19:59 - 2017-07-08 10:19 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-09-14 19:59 - 2017-07-07 10:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-09-14 19:59 - 2017-07-07 10:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-09-14 19:59 - 2017-07-07 10:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-09-14 19:59 - 2017-07-01 08:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2017-09-13 12:21 - 2017-09-13 12:21 - 000000000 ____D C:\ProgramData\SystemAcCrux
2017-09-12 12:23 - 2017-09-12 12:27 - 239126136 _____ C:\Users\Owner\Desktop\Windows6.1-KB947821-v34-x86.msu
2017-09-11 09:17 - 2017-09-11 09:16 - 000197679 _____ C:\Users\Owner\Desktop\ListChkdskResult.exe
2017-09-09 20:52 - 2017-09-09 20:52 - 002884096 _____ (niemiro) C:\Users\Owner\Desktop\SFCFix.exe
2017-09-08 02:15 - 2017-09-21 09:15 - 000269104 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-08 01:37 - 2017-09-08 01:37 - 000058016 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-08 00:23 - 2017-09-08 00:23 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-09-08 00:18 - 2017-09-08 00:18 - 000000933 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-08 00:18 - 2017-09-08 00:18 - 000000921 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-08 00:08 - 2017-09-08 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2017-09-08 00:01 - 2017-09-08 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2017-09-07 23:59 - 2017-09-07 23:59 - 000000000 ____D C:\Program Files\Common Files\Java
2017-09-07 23:35 - 2017-09-07 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-09-07 22:42 - 2017-09-07 22:42 - 000000590 _____ C:\Users\Owner\Desktop\foo (TM-AC1900-A9C0) (M).lnk
2017-09-07 22:27 - 2017-09-19 22:22 - 000000000 ____D C:\SFCFix
2017-09-07 22:21 - 2017-09-19 22:22 - 000000000 ____D C:\Users\Owner\AppData\Local\niemiro
2017-09-07 18:00 - 2017-09-07 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2017-09-07 17:11 - 2016-03-22 11:02 - 000018800 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2017-09-23 16:30 - 2011-01-11 19:37 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-23 16:29 - 2015-08-09 19:58 - 000000000 ___RD C:\Users\Owner\Dropbox
2017-09-23 16:07 - 2016-12-03 19:41 - 000000894 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-09-23 15:41 - 2015-08-08 23:28 - 000000000 ____D C:\Users\Owner\AppData\Local\Adobe
2017-09-23 15:40 - 2015-08-10 22:26 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-09-23 15:40 - 2015-08-10 22:26 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-09-23 15:39 - 2016-12-09 10:47 - 000000982 _____ C:\Users\Public\Desktop\SRWare Iron.lnk
2017-09-23 15:39 - 2016-02-29 20:28 - 000001044 _____ C:\Users\Public\Desktop\Iron Config and Backup.lnk
2017-09-23 15:39 - 2015-08-17 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2017-09-23 15:39 - 2015-08-17 14:40 - 000000000 ____D C:\Program Files\SRWare Iron
2017-09-23 15:22 - 2009-07-13 23:34 - 000016480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-23 15:22 - 2009-07-13 23:34 - 000016480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-23 15:11 - 2017-06-17 20:00 - 000085400 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-23 15:11 - 2017-06-17 00:30 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-23 15:11 - 2017-06-17 00:29 - 000040352 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-23 15:11 - 2017-06-17 00:26 - 000221600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-23 15:11 - 2016-01-27 21:58 - 000000000 ___RD C:\Users\Owner\OneDrive
2017-09-23 15:10 - 2016-12-03 19:41 - 000000890 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-09-23 15:10 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-23 11:37 - 2015-08-12 15:27 - 000000000 ____D C:\ProgramData\ProductData
2017-09-23 11:33 - 2015-08-09 22:36 - 000000000 ____D C:\Windows\pss
2017-09-21 18:22 - 2015-08-08 23:57 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-09-21 17:56 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\rescache
2017-09-21 15:14 - 2016-12-03 19:41 - 000000000 ____D C:\Program Files\Dropbox
2017-09-21 09:25 - 2011-01-11 18:29 - 000782656 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-21 09:25 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
2017-09-18 23:08 - 2015-08-11 09:10 - 000000000 ____D C:\Users\Owner\Desktop\shortcuts
2017-09-18 23:08 - 2015-08-11 08:59 - 000000000 ____D C:\Program Files\CCleaner
2017-09-18 22:38 - 2015-08-11 12:03 - 000000000 ____D C:\Program Files\Glary Utilities 5
2017-09-18 22:02 - 2015-08-11 12:03 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-09-15 11:54 - 2015-08-11 12:21 - 000000000 ____D C:\Users\Owner\AppData\Roaming\GoodSync
2017-09-14 20:12 - 2015-08-08 23:42 - 000000000 ____D C:\Windows\system32\MRT
2017-09-14 20:02 - 2015-08-08 23:42 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-14 19:40 - 2015-08-09 22:40 - 000002163 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-14 19:29 - 2017-06-17 00:31 - 000162240 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-13 12:21 - 2017-05-24 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.6
2017-09-09 21:05 - 2017-07-16 22:12 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-09 21:05 - 2017-07-16 22:12 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-09-09 21:05 - 2017-07-16 22:12 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-09-09 21:05 - 2016-12-13 21:48 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-09-09 21:05 - 2016-09-22 08:56 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-09-09 12:13 - 2017-07-16 22:12 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-09-09 12:13 - 2017-06-14 00:04 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-09-09 12:13 - 2017-06-14 00:04 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-09 12:13 - 2017-06-14 00:04 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-09-09 12:13 - 2017-06-14 00:04 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-09-09 12:13 - 2017-06-14 00:04 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-09-09 12:13 - 2017-06-14 00:04 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-09 12:13 - 2017-06-14 00:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-09-09 12:13 - 2017-05-11 23:57 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-09 12:13 - 2017-04-12 08:00 - 002746880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-09-09 12:13 - 2017-04-12 08:00 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-09 12:13 - 2017-04-12 08:00 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-09-09 12:13 - 2017-03-30 08:21 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-09-09 12:13 - 2017-03-30 08:21 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-09-09 12:13 - 2017-03-30 08:21 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-09-09 12:13 - 2017-03-30 08:21 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-09-09 12:13 - 2016-11-09 11:20 - 002291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-09-09 12:13 - 2016-11-09 11:20 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-09-09 12:13 - 2016-11-09 11:20 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-09-09 12:13 - 2016-11-02 17:08 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-09-09 12:13 - 2016-10-11 17:48 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-09-09 12:13 - 2016-10-11 17:48 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-09-09 12:13 - 2016-09-22 08:56 - 001178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-09-09 12:13 - 2016-09-22 08:56 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-09-09 12:13 - 2016-09-22 08:56 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-09-09 12:13 - 2016-09-22 08:56 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-09-09 12:13 - 2016-09-22 08:56 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-09-09 12:13 - 2016-09-22 08:55 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-09-09 12:13 - 2016-09-22 08:55 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-09-09 12:13 - 2016-09-22 08:55 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-09-09 12:13 - 2015-08-10 21:44 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-09-09 12:13 - 2009-07-13 17:06 - 000201034 _____ C:\Windows\system32\winrm.vbs
2017-09-09 12:13 - 2009-07-13 17:06 - 000004675 _____ C:\Windows\system32\wsmanconfig_schema.xml
2017-09-09 12:13 - 2009-07-13 17:06 - 000002426 _____ C:\Windows\system32\WsmTxt.xsl
2017-09-09 12:13 - 2009-07-13 17:06 - 000001559 _____ C:\Windows\system32\WsmPty.xsl
2017-09-09 12:13 - 2009-06-10 16:40 - 000000035 _____ C:\Windows\system32\winrm.cmd
2017-09-09 12:12 - 2017-07-16 22:12 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-09-09 12:12 - 2017-07-16 22:12 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-09-09 12:12 - 2017-07-16 22:12 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-09-09 12:12 - 2017-07-16 22:12 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-09 12:12 - 2017-07-16 22:12 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-09-09 12:12 - 2017-07-16 22:12 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-09-09 12:12 - 2017-07-16 22:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-09-09 12:12 - 2017-07-05 00:31 - 000730856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-09 12:12 - 2017-07-05 00:31 - 000218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-09-09 12:12 - 2017-07-05 00:31 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-09-09 12:12 - 2017-06-14 00:04 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-09-09 12:12 - 2017-06-14 00:04 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-09-09 12:12 - 2017-06-14 00:04 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-09-09 12:12 - 2017-04-20 08:27 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-09-09 12:12 - 2017-04-20 08:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-09-09 12:12 - 2017-04-12 08:00 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-09-09 12:12 - 2017-04-12 08:00 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-09-09 12:12 - 2017-03-14 23:24 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-09-09 12:12 - 2017-03-14 23:24 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-09-09 12:12 - 2016-12-13 21:48 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-09-09 12:12 - 2016-12-13 21:48 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-09 12:12 - 2016-11-22 15:17 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-09-09 12:12 - 2016-11-09 11:20 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2017-09-09 12:12 - 2016-09-22 08:56 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-09-09 12:12 - 2016-09-22 08:56 - 011410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-09-09 12:12 - 2016-09-22 08:56 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-09-09 12:12 - 2016-09-22 08:56 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-09-09 12:12 - 2016-09-22 08:56 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-09-09 12:12 - 2016-09-22 08:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-09-09 12:12 - 2016-09-22 08:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-09-09 12:12 - 2016-09-22 08:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-09-09 12:12 - 2009-07-13 16:28 - 000145519 _____ C:\Windows\system32\perfmon.msc
2017-09-09 12:11 - 2016-09-22 08:56 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-09-09 12:11 - 2016-09-22 08:55 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-09-08 00:26 - 2017-03-03 16:08 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2017-09-08 00:24 - 2017-03-06 16:11 - 000000000 ___RD C:\Program Files\Skype
2017-09-08 00:23 - 2017-03-04 20:33 - 000000000 ____D C:\ProgramData\Skype
2017-09-08 00:18 - 2015-08-09 15:54 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-08 00:11 - 2015-08-11 21:45 - 000000000 ____D C:\Users\Owner\.smplayer
2017-09-08 00:08 - 2015-08-11 21:44 - 000000000 ____D C:\Program Files\SMPlayer
2017-09-07 23:58 - 2015-08-10 22:19 - 000000000 ____D C:\ProgramData\Oracle
2017-09-07 23:48 - 2015-08-10 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-09-07 23:47 - 2015-08-10 22:20 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-09-07 23:45 - 2015-08-10 22:19 - 000000000 ____D C:\Program Files\Java
2017-09-07 23:37 - 2016-06-29 10:41 - 000000000 ____D C:\ProgramData\Foxit Software
2017-09-07 22:11 - 2017-01-10 18:50 - 010026094 ____H C:\Users\Owner\AppData\Local\IconCache.db.backup
2017-09-07 17:58 - 2016-06-15 22:53 - 000000000 ____D C:\Users\Owner\AppData\Local\MightyText
2017-09-07 17:09 - 2016-04-21 04:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag


==================== Files in the root of some directories =======


2016-02-11 21:51 - 2016-07-26 07:51 - 017348120 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2015-08-10 00:41 - 2017-03-01 23:44 - 000007600 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
2016-06-29 10:18 - 2016-06-29 10:18 - 000000077 _____ () C:\Users\Owner\AppData\Local\smplayerhdpi.ini
2015-08-31 22:48 - 2015-08-31 22:48 - 000000000 ____H () C:\ProgramData\DP45977C.lfl


==================== Bamital & volsnap ======================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-09-20 12:24


==================== End of FRST.txt ============================

Code: 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-09-2017 02Ran by Owner (23-09-2017 16:34:05)
Running from C:\Users\Owner\Desktop
Microsoft Windows 7 Starter  Service Pack 1 (X86) (2015-08-09 04:26:27)
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-2533281548-2792480986-1104297636-500 - Administrator - Disabled)
Guest (S-1-5-21-2533281548-2792480986-1104297636-501 - Limited - Disabled) => C:\Users\Guest
Owner (S-1-5-21-2533281548-2792480986-1104297636-1000 - Administrator - Enabled) => C:\Users\Owner


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Acer Crystal Eye webcam (HKLM\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.5.2 - Liteon)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3009 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.1122.2010 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3004 - Acer Incorporated)
Adblock Plus for IE (32-bit) (HKLM\...\{E93152F1-E3AE-4B2A-9BAC-F770203F67E5}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 10 (HKLM\...\Advanced SystemCare Ultimate_is1) (Version: 10.1.0 - IObit)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Belarc Advisor 8.5c (HKLM\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
BleachBit (HKLM\...\BleachBit) (Version: 1.12 - BleachBit)
Box Sync (HKLM\...\{2c379291-5878-45c1-8c7f-1ba6d0a669e1}) (Version: 4.0.7724.0 - Box Inc.) Hidden
Box Sync (HKLM\...\{7D6EE9CB-76C8-4F30-A9E5-F1B140BAFB79}) (Version: 4.0.7848.0 - Box, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 4.5 (HKLM\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
Dropbox (HKLM\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Free 4.0.5 (HKLM\...\Duplicate Cleaner Free) (Version: 4.0.5 - DigitalVolcano Software Ltd) <==== ATTENTION
EaseUS Todo Backup Home 10.6 (HKLM\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
ENE USB Card Reader Driver (HKLM\...\3B29FD3CCF1F5B855DA0C521597413EBABE97DFB) (Version: 5.89.0.70 - ENE)
Evernote v. 6.7.4 (HKLM\...\{1A61270A-9403-11E7-86C1-005056951CAD}) (Version: 6.7.4.5741 - Evernote Corp.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.3.2.25013 - Foxit Software Inc.)
Glary Utilities 5.84 (HKLM\...\Glary Utilities 5) (Version: 5.84.0.105 - Glarysoft Ltd)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 10.5.8.5 - Siber Systems)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.4.0.2119 - IObit)
Java 8 Update 141 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KC Softwares KCleaner (HKLM\...\KC Softwares KCleaner_is1) (Version: 3.2.4.87 - KC Softwares)
LastPass (uninstall only) (HKLM\...\LastPass) (Version:  - LastPass)
LastPass for Applications (HKLM\...\LastApp) (Version:  - LastPass)
Launch Manager (HKLM\...\LManager) (Version: 4.0.14 - Acer Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MightyText (HKLM\...\{87B9BBD8-C449-4885-AD4F-97957734F734}_is1) (Version: 1.0 - MightyText)
PNotes.NET 3.0.1.5 (HKLM\...\{02384F4C-1820-49E9-9D03-81F27EEE1224}_is1) (Version: 3.0.1.5 - Andrey Gruber)
Prism Video File Converter (HKLM\...\Prism) (Version:  - NCH Software)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Send To Toys v2.71 (HKLM\...\Send To Toys_is1) (Version:  - Gabriele Ponti)
Skypeâ„¢ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM\...\Smart Defrag_is1) (Version: 5.7.0 - IObit)
SMPlayer 17.9.0 (HKLM\...\SMPlayer) (Version: 17.9.0 - Ricardo Villalba)
SRWare Iron version 61.0.3200.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 61.0.3200.0 - SRWare)
Super Finder XT  2.6.3.2 (HKLM\...\Super Finder XT Supporters Edition_is1) (Version:  - FSL - FreeSoftLand)
System Explorer 7.0.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VPN Unlimited 4.1 (HKLM\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.1 - KeepSolid Inc.)
WebCam (HKLM\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.103.13.11 - ALi)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1826A475-9468-D082-2334-57E985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {187E3C07-9468-D082-51AC-0FE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileCoAuthLib.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {5BC61A27-9468-D082-718A-B7AA85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {59F5238B-9468-D082-DDB3-84A885889A47} => No File
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCExtMenu.dll [2016-11-18] (IObit)
ContextMenuHandlers1: [BoxContextMenuClient] -> {87768833-3c5c-30fb-af03-ba34bc95d084} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-08-19] (Foxit Software Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files\EaseUS\Todo Backup\bin\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCExtMenu.dll [2016-11-18] (IObit)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files\EaseUS\Todo Backup\bin\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCExtMenu.dll [2016-11-18] (IObit)
ContextMenuHandlers4: [BoxContextMenuClient] -> {87768833-3c5c-30fb-af03-ba34bc95d084} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files\EaseUS\Todo Backup\bin\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-18] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-08-19] (Foxit Software Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-03-28] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {07CD6803-28BD-419D-AA55-8A0032A24861} - System32\Tasks\Uninstaller_SkipUac_Owner => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-05-26] (IObit)
Task: {0AE343E9-E45B-4A36-A866-A0FE20FF6E39} - System32\Tasks\ASCU10_SkipUac_Owner => C:\Program Files\IObit\Advanced SystemCare Ultimate\ASC.exe [2017-06-26] (IObit)
Task: {2540C1C1-B066-4BA9-94D7-C9C3F1C78F93} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {5FE83F09-2589-407F-A668-C49DD8A016E6} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2017-09-15] (Glarysoft Ltd)
Task: {87B70E99-33CA-4716-8DE9-85DDD0194490} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-23] (Adobe Systems Incorporated)
Task: {88700527-EF1D-4DEF-9276-A9B6EFCA016E} - System32\Tasks\SmartDefrag_Update => C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {8ACDAC39-E825-4805-B6A3-67A336F349A6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-23] (Adobe Systems Incorporated)
Task: {8D556AF3-E5E5-4573-9E5D-4730B38EE77A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe [2017-07-26] (IObit)
Task: {9E0F5302-DD1C-4DCB-91F8-103D78A6E6C9} - System32\Tasks\SmartDefrag_AutoDefrag => C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {AFB464FD-112F-49B4-B7E1-0AAAEFE12645} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-03] (Dropbox, Inc.)
Task: {CE077C76-8718-4CB8-927B-E21287EC34F4} - System32\Tasks\Driver Booster SkipUAC (Owner) => C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {F46DEF35-E246-48AD-B63A-7C4758C86EF1} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {F5C617D9-9EB7-4EBB-B204-DF6E17929D92} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-12-03] (Dropbox, Inc.)
Task: {F93653BB-7C76-4F54-8330-ECDC72E58158} - System32\Tasks\{1EB0654A-DAF2-4EF9-99D0-91CBA9D39C7A} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/en/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {FF6AE838-CAA3-47D0-9A75-C741A2FF2A66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-07] (Piriform Ltd)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe


==================== Shortcuts & WMI ========================


(The entries could be listed to be restored or removed.)




Shortcut: C:\Users\Owner\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm


ShortcutWithArgument: C:\Users\Owner\Desktop\shortcuts\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.acer.com/redirect.aspx?rid=09000001
ShortcutWithArgument: C:\Users\Owner\AppData\Local\Chromium\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep - notes and lists.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iron Apps\Google Contacts Launcher.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) ->  --profile-directory=Default --app-id=dbhggpkpgfpkpebfmcbomdljchcmbilf
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iron Apps\Google Hangouts.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iron Apps\Google Keep - notes and lists.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iron Apps\Pocket.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) ->  --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files\SRWare Iron\chrome.exe (SRWare) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki


==================== Loaded Modules (Whitelisted) ==============


2017-05-25 06:52 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2017-05-25 06:52 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2017-05-25 06:52 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2017-05-25 06:52 - 2016-11-01 10:11 - 000078624 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll
2017-09-13 12:21 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
2017-05-24 10:16 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll
2017-05-24 10:16 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000019648 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CompressFile.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000090816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000024768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000188608 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2017-09-13 12:21 - 2017-08-30 12:25 - 000183440 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCAdapt.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000163520 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2017-09-13 12:21 - 2017-08-30 12:27 - 000055952 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBInfo.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000018112 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2017-09-13 12:21 - 2017-08-30 12:25 - 000061072 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActivationOnline.dll
2017-09-13 12:21 - 2017-09-04 17:39 - 000699024 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EuActiveOnline.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000487568 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
2017-09-13 12:21 - 2017-08-30 12:26 - 000021648 _____ () C:\Program Files\EaseUS\Todo Backup\bin\fsclog.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000085648 _____ () C:\Program Files\EaseUS\Todo Backup\bin\logsys.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000032912 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000070800 _____ () C:\Program Files\EaseUS\Todo Backup\bin\MountImg.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000160400 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ImgFile.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000296592 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DsImgFile.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000078528 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FatLib.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000305808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSUtil.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSLib.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000026304 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CallbackOperator.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000074432 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CheckImg.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000142016 _____ () C:\Program Files\EaseUS\Todo Backup\bin\vhdvmdk.dll
2017-09-13 12:21 - 2017-09-11 14:28 - 000085136 _____ () C:\Program Files\EaseUS\Todo Backup\bin\BootDriver.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000844944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000195776 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000414400 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidImage.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000162448 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumDisk.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000029376 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000114368 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileStorage.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000026816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000022720 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CorrectMbr.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000034448 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000054464 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000066240 _____ () C:\Program Files\EaseUS\Todo Backup\bin\RegLib.dll
2017-09-13 12:21 - 2017-08-30 12:25 - 000026768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll
2017-09-13 12:21 - 2017-08-30 12:26 - 000072848 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NasOperator.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000221376 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBrowser.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000079040 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudOperator.dll
2017-09-13 12:21 - 2017-08-30 12:25 - 000021648 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActiveOnline.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000138432 _____ () C:\Program Files\EaseUS\Todo Backup\bin\VMConfig.dll
2017-05-24 10:16 - 2016-12-06 02:43 - 000021696 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2017-09-13 12:21 - 2017-08-30 12:27 - 000074896 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SqlExBrowser.dll
2017-09-13 12:21 - 2017-08-30 12:27 - 000585872 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
2017-05-24 10:16 - 2016-12-06 02:44 - 000045248 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbDataSwap.dll
2017-09-13 12:21 - 2017-08-30 12:29 - 000260752 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
2017-05-24 10:16 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SmartBackup.dll
2017-03-01 23:48 - 2017-05-16 19:25 - 000111448 _____ () C:\Program Files\VPN Unlimited\enc.dll
2010-07-04 16:32 - 2010-07-04 16:32 - 000010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-06-17 00:25 - 2017-07-01 04:36 - 001720264 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2011-01-11 18:14 - 2009-05-20 01:02 - 000072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
2017-09-21 15:12 - 2017-09-20 11:48 - 000771904 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2017-09-21 15:12 - 2017-09-20 11:48 - 001804608 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll
2017-09-21 15:12 - 2017-09-20 11:49 - 000023872 _____ () C:\Program Files\Dropbox\Client\dropbox_bootstrap.dll
2017-09-21 15:13 - 2017-09-20 11:48 - 000100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000020800 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000021848 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000125904 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 001862992 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000022864 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2017-09-21 15:13 - 2017-09-20 11:48 - 000105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000022864 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 000062784 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000040248 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000392656 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2017-09-21 15:13 - 2017-09-20 11:50 - 000392512 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000026456 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000026056 _____ () C:\Program Files\Dropbox\Client\win32job.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000022336 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000023368 _____ () C:\Program Files\Dropbox\Client\winshell.compiled._winshell.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000023368 _____ () C:\Program Files\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000082264 _____ () C:\Program Files\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000025432 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 001796920 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000084424 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 001956152 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 003859264 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000154440 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 000521024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000045888 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000042304 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000131384 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000218944 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 000204096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000054608 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000022864 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000021848 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-09-21 15:12 - 2017-09-20 11:49 - 000027488 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000349128 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000023896 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-09-21 15:13 - 2017-09-20 11:49 - 000025936 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 000036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2017-09-21 15:12 - 2017-09-20 11:49 - 000181056 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-21 15:13 - 2017-09-20 11:50 - 000030536 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-09-21 15:13 - 2017-09-20 11:48 - 014419408 _____ () C:\Program Files\Dropbox\Client\opengl32sw.dll
2017-09-21 15:13 - 2017-09-20 11:50 - 000026456 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000545080 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000359224 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2017-09-21 15:13 - 2017-09-20 11:50 - 000038208 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000097608 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 001022792 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000052552 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 001416008 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000104776 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000116040 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2017-08-07 17:09 - 2017-08-07 17:09 - 000370504 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2017-08-07 17:08 - 2017-08-07 17:08 - 000053064 _____ () C:\Program Files\Box\Box Sync\psutil._psutil_windows.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000693064 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2017-08-07 17:02 - 2017-08-07 17:02 - 000009544 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000030536 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000016200 _____ () C:\Program Files\Box\Box Sync\select.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000142664 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2017-08-07 17:08 - 2017-08-07 17:08 - 000142664 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000326472 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000024392 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000125768 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000056648 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000114504 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000041800 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000048456 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000026440 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000033608 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000023880 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000173896 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2017-05-25 06:52 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\webres.dll
2017-05-25 06:52 - 2017-05-19 11:27 - 000631584 _____ () C:\Program Files\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll
2017-03-01 23:48 - 2017-05-16 19:25 - 001097560 _____ () C:\Program Files\VPN Unlimited\rpc_lib.dll
2017-03-01 23:48 - 2017-05-16 19:25 - 000827224 _____ () C:\Program Files\VPN Unlimited\open_vpn_wrapper_lib.dll
2017-03-01 23:48 - 2017-05-16 19:25 - 000046424 _____ () C:\Program Files\VPN Unlimited\qtkeychain.dll
2017-05-17 07:59 - 2014-09-23 13:36 - 015220736 _____ () C:\Program Files\VPN Unlimited\opengl32sw.dll
2017-09-07 13:42 - 2017-09-07 13:42 - 000667520 _____ () C:\Program Files\Evernote\Evernote\tidy.dll
2016-07-21 13:46 - 2016-07-13 15:23 - 001959600 _____ () C:\Program Files\MightyText\MightyText.exe
2016-06-15 22:53 - 2014-03-07 11:56 - 000117262 _____ () C:\Program Files\MightyText\libgcc_s_dw2-1.dll
2016-06-15 22:53 - 2014-03-07 11:56 - 000970766 _____ () C:\Program Files\MightyText\libstdc++-6.dll
2016-06-15 22:53 - 2014-01-15 01:36 - 003347428 _____ () C:\Program Files\MightyText\icuin52.dll
2016-06-15 22:53 - 2014-01-15 01:36 - 001992280 _____ () C:\Program Files\MightyText\icuuc52.dll
2016-06-15 22:53 - 2014-01-15 01:36 - 023544786 _____ () C:\Program Files\MightyText\icudt52.dll
2016-06-15 22:53 - 2014-09-11 07:00 - 001276928 _____ () C:\Program Files\MightyText\platforms\qwindows.dll
2016-06-15 22:53 - 2014-09-11 07:14 - 000051200 _____ () C:\Program Files\MightyText\imageformats\qdds.dll
2016-06-15 22:53 - 2014-09-11 06:58 - 000031232 _____ () C:\Program Files\MightyText\imageformats\qgif.dll
2016-06-15 22:53 - 2014-09-11 07:14 - 000042496 _____ () C:\Program Files\MightyText\imageformats\qicns.dll
2016-06-15 22:53 - 2014-09-11 06:58 - 000033280 _____ () C:\Program Files\MightyText\imageformats\qico.dll
2016-06-15 22:53 - 2014-09-11 07:15 - 000509440 _____ () C:\Program Files\MightyText\imageformats\qjp2.dll
2016-06-15 22:53 - 2014-09-11 06:59 - 000242176 _____ () C:\Program Files\MightyText\imageformats\qjpeg.dll
2016-06-15 22:53 - 2014-09-11 07:15 - 000363008 _____ () C:\Program Files\MightyText\imageformats\qmng.dll
2016-06-15 22:53 - 2014-09-11 07:02 - 000027136 _____ () C:\Program Files\MightyText\imageformats\qsvg.dll
2016-06-15 22:53 - 2014-09-11 07:15 - 000027136 _____ () C:\Program Files\MightyText\imageformats\qtga.dll
2016-06-15 22:53 - 2014-09-11 07:15 - 000423936 _____ () C:\Program Files\MightyText\imageformats\qtiff.dll
2016-06-15 22:53 - 2014-09-11 07:15 - 000026112 _____ () C:\Program Files\MightyText\imageformats\qwbmp.dll
2016-06-15 22:53 - 2014-09-11 07:16 - 000341504 _____ () C:\Program Files\MightyText\imageformats\qwebp.dll
2016-06-15 22:53 - 2014-09-11 06:58 - 000053760 _____ () C:\Program Files\MightyText\bearer\qgenericbearer.dll
2016-06-15 22:53 - 2014-09-11 06:59 - 000058368 _____ () C:\Program Files\MightyText\bearer\qnativewifibearer.dll
2017-05-17 07:58 - 2017-05-16 15:37 - 000013312 _____ () C:\Program Files\VPN Unlimited\QtWebEngineProcess.exe
2017-03-01 23:48 - 2017-01-23 17:44 - 000166639 _____ () C:\Program Files\VPN Unlimited\liblzo2-2.dll
2017-03-01 23:48 - 2017-01-23 17:44 - 000106810 _____ () C:\Program Files\VPN Unlimited\libpkcs11-helper-1.dll
2017-05-04 11:00 - 2017-03-28 17:08 - 000442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2017-05-04 11:00 - 2017-03-28 17:08 - 000210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2017-05-04 11:00 - 2017-03-28 17:08 - 000059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-05-04 11:00 - 2017-03-28 17:09 - 000899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll
2017-05-04 11:00 - 2017-05-10 13:19 - 000631584 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
2017-08-23 10:40 - 2017-08-23 10:40 - 005032672 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2017-08-07 17:14 - 2017-08-07 17:14 - 000140616 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)


AlternateDataStreams: C:\Users\Owner\Desktop\FRST.exe:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Owner\Desktop\jbooth.PNG:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Owner\Desktop\ListChkdskResult.exe:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Owner\Desktop\PrintLP.pdf:com.dropbox.attributes [168]


==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"


==================== Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)


IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\...\100sexlinks.com -> 100sexlinks.com


There are 4788 more sites.




==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 21:04 - 2009-06-10 16:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts




==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-2533281548-2792480986-1104297636-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.204.0.1 - 192.168.29.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==




==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [{687E1E05-0C02-4B9C-ADDC-2C0605514B17}] => (Allow) C:\Program Files\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{D6DE5D98-619B-46BA-A303-43DF5C2BBC96}C:\program files\srware iron\chrome.exe] => (Allow) C:\program files\srware iron\chrome.exe
FirewallRules: [UDP Query User{F1261A35-175A-4797-BA39-6DFC26875E81}C:\program files\srware iron\chrome.exe] => (Allow) C:\program files\srware iron\chrome.exe
FirewallRules: [{CAB8E2FA-B3B1-487B-9480-3EF64B95CABD}] => (Block) C:\program files\srware iron\chrome.exe
FirewallRules: [{E2B1C789-B265-47C5-90DB-7086A32AF22F}] => (Block) C:\program files\srware iron\chrome.exe
FirewallRules: [{2E7D347C-6C96-4D6C-9248-A21EC23206F4}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{518C866B-3771-4C86-B360-F519F8BD61CC}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{F4DE022B-9213-441F-A90D-2735BA72B35C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{F7DBC0C6-DAD2-4881-9557-196FA48EE399}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{AE543BB7-A1FA-4437-B688-08864CF57A04}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51E8D653-41A1-40EA-91AE-7208931F2388}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC47274C-9799-41F1-86DC-E702C521D6B5}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{10ED1399-EDA4-4B2F-A15B-A6F0E9104A81}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{A4AF4D48-BDB7-4DF8-BB2D-A078666174FB}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{517107EB-0983-43B5-B72D-B34A37E959CE}] => (Allow) C:\Program Files\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{A0628C23-FCE0-4C68-9FF3-087A9230B77E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C742882B-2F3C-4DE1-BB54-C46ABAB8CC09}] => (Allow) C:\Program Files\VPN Unlimited\openvpn.exe
FirewallRules: [{65537180-09B0-46A7-B7C1-7C93343E7509}] => (Allow) C:\Program Files\VPN Unlimited\openvpn.exe
FirewallRules: [{64F589BB-F266-4E5D-A3E8-AF256CE96C9C}] => (Block) LPort=445
FirewallRules: [{552411D2-8962-4CAF-877E-05BC2EA4836F}] => (Block) LPort=445
FirewallRules: [{EB57368A-B8A1-4353-80DC-0769C6BDA279}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{71F67A62-B3F7-469C-A2AD-FEAF26466B8A}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{BBF1877C-23D0-4145-B466-6ABE20EC784E}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D9E1EF04-8CD0-4AE7-90D1-91A700CA24FD}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{53EE311E-8ADA-4979-A2D7-BFBFD9EC4EC4}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{52DFBC9C-BDC4-4F31-92D5-539861EA1586}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E2F95320-D16A-46AB-9C5F-D87F5BE7C559}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{5CACD061-2926-4451-B573-676E5D23DAC4}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{985F1EDF-EB6E-40FA-BA8C-026323849656}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{0C8352CE-6382-4567-85D0-AF1AEF4B5815}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{A56E36C1-7E37-4ABF-BFBF-9862AE4D1505}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{E6F08EF7-2837-48CD-AFCE-81F5E35812D9}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{B6EDE827-7F53-484D-85DC-1EB9CDCD90BC}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{1708EBF1-B1DB-45E3-BC3B-420D71BEC82A}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{14856755-98F3-419E-B907-848ED18B114A}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{55377117-C761-4F31-BB69-711308D8FAAC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{B9AF9814-4192-4C17-8AD4-A30114458545}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{4491E8F2-8B60-4F74-9B64-97BEDD15B498}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8374C8CB-A669-4615-95CB-28B4EFEC5D32}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{960A2197-4867-427D-9F95-23211E114A33}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe


==================== Restore Points =========================


18-09-2017 20:54:40 Windows Update
18-09-2017 22:15:29 Installed Evernote v. 6.7.4
20-09-2017 11:00:55 Windows Update
20-09-2017 11:22:31 Windows Update
20-09-2017 11:49:09 Windows Update
20-09-2017 20:34:18 Restore Point Created by FRST
21-09-2017 09:05:56 Windows Update
21-09-2017 09:38:23 Windows Update


==================== Faulty Device Manager Devices =============




==================== Event log errors: =========================


Application errors:
==================
Error: (09/23/2017 03:14:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed


Error: (09/23/2017 03:14:15 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Too many failures while downloading ranges: 2


Error: (09/23/2017 12:30:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SmartDefrag.exe, version: 5.7.0.1137, time stamp: 0x598833cb
Faulting module name: lastapphook.dll, version: 1.0.0.1, time stamp: 0x568bb9bc
Exception code: 0xc0000005
Fault offset: 0x000041dc
Faulting process id: 0xac0
Faulting application start time: 0x01d33491a395a5aa
Faulting application path: C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe
Faulting module path: C:\Program Files\LastPass\lastapphook.dll
Report Id: ec750568-a084-11e7-8925-90004e81900b


Error: (09/23/2017 11:52:57 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed


Error: (09/23/2017 11:52:27 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Too many failures while downloading ranges: 2


Error: (09/23/2017 05:02:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\easeus\todo backup\buildpe\easeus-x64\tb\bin\TrayNotify.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


Error: (09/23/2017 05:00:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\glary utilities 5\DPInst64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


Error: (09/22/2017 09:40:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 90080108).


Error: (09/22/2017 08:48:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).


Error: (09/22/2017 11:09:45 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed




System errors:
=============
Error: (09/23/2017 03:15:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:30 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.


Error: (09/23/2017 03:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:27 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.


Error: (09/23/2017 03:15:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (09/23/2017 03:15:08 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.


Error: (09/23/2017 03:15:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.




CodeIntegrity:
===================================
  Date: 2017-08-06 15:57:04.802
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:56:19.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:53:07.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:53:06.633
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:41:46.154
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:41:42.636
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:41:24.447
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:41:23.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:40:58.109
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.


  Date: 2017-08-06 15:40:57.644
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FMAPO.dll because the set of per-page image hashes could not be found on the system.




==================== Memory info =========================== 


Processor: Intel(R) Atom(TM) CPU N455 @ 1.66GHz
Percentage of memory in use: 54%
Total physical RAM: 2037.09 MB
Available physical RAM: 933.35 MB
Total Virtual: 4074.18 MB
Available Virtual: 2048.79 MB


==================== Drives ================================


Drive c: (Acer) (Fixed) (Total:135.95 GB) (Free:101.38 GB) NTFS
Drive e: (LaCie) (Fixed) (Total:465.76 GB) (Free:355.84 GB) NTFS
Drive m: () (Network) (Total:74.5 GB) (Free:67.29 GB) 


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 39ED5B73)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 38383838)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)


==================== End of Addition.txt ============================
 
I need you to remove some programs as a part of my troubleshooting. If you wish, you can re-install these after the issue has been resolved.

Please uninstall the following:
Advanced SystemCare Ultimate 10
Smart Defrag 5
 
Uninstalled ASCU 10. Restarted, Would not shut down .. black screen with a very busy hard drive. Hit the button.

Started machine, came up to desktop. Got the WU unable to autocheck notification.

Scheduled a chkdsk /f. Restarted, chkdsk /f ran .... no problems found. Continues to Desktop ... Got the WU unable to check notification. A keyboard problem (intermittent random dead keys issue) appears to be FIXED.

Uninstalled SDEFRAG. Restarted ... Got the WU unable to autocheck notification.
 
Step#1 - Run Windows Repairs
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.
1. Download Windows Repair (All-in-One) Portable to your desktop.
2. Once the file is downloaded, right-click on the file on your desktop and choose Extract All...
3. Keep the defaults and click the Extract button.
4. A folder named tweaking.com_windows_repair_aio will be extracted to the desktop. Once the extraction is complete the folder will open.
5. Inside this folder, there is a folder named Tweaking.com - Windows Repair. Open this folder as well.
6. Double-click on Repair_Windows.exe to open. Note: Please make sure all of your programs are closed and anything you were working on is saved as we will be rebooting.
7. When the program opens, click the Reboot to Safe Mode button at the bottom of the screen. Answer Yes to allow.
8. Once rebooted into Safe Mode, open the program again. When the program opens, click the Repairs tab and click the Open Repairs button.
9. A backup of your registry will be made. After a few moments you will have many options from which you can choose.
10. Please click the Unselect All button and then click to enable only the following ones:

17 - Repair Windows Updates


11. Ensure the Restart check box is selected and click the Start Repairs button in the lower right of the screen. This may take some time to run so be patient.

12. Once the fixes are complete you will be prompted to restart your machine. Answer Yes.
 
OK ... machine restarting. Rebooting to normal mode. GET notification that WU cannot automatically update. WU set to "Check for updates but let me choose .....". Also says

Code: 
Most recent check for updates:  Never

Updates were installed:  Never

Only option is to check for updates. I did NOT. This is where the machine stands at this time
 
1. Download this file: Dropbox - Procmon.exe
2. Run ProcMon.exe
3. Go to the Options menu, and click Enable Boot Logging.
4. A dialogue will appear, please tick the box next to Enable the Profiling Events and make sure 100 miliseconds is selected.
5. Hit OK.
6. Reboot your computer. When it starts up, make sure you wait until you get the notification again.
7. Relaunch ProcMon. A dialogue box will appear asking if you wish to save the collected data. Please click Yes.
8. Save the file in the default format (.PML) and upload it to a filesharing service for me to review.
 
1. Click your start button and type cmd in the search box.
2. Right-click on cmd that comes up in the search results and select Run as administrator. Answer Yes to the UAC prompt if it appears.
3. Copy/Paste the following into the command-prompt window and hit enter.
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /s >1.txt && notepad 1.txt

4. Notepad will open showing the WU info. Can you copy and paste this into your next reply?
 
Code: 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
    SusClientId    REG_SZ    59b9db50-2fc0-4b61-8b45-ea79a2145c15
    SusClientIdValidation    REG_BINARY    06022801302A20002000200020002000570044002D00570058005100310041004200300046003800340033003000061C7508CEAACD4200610073006500200042006F006100720064002000530065007200690061006C0020004E0075006D0062006500720043006800610073007300690073002000530065007200690061006C0020004E0075006D00620065007200
    LastRestorePointSetTime    REG_SZ    2017-09-26 08:45:39


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
    NextSqmReportTime    REG_SZ    2017-09-27 22:17:05
    FeaturedUpdatesNotificationSeqNum    REG_DWORD    0x2573
    FeaturedUpdatesNotificationSeqNumGenTime    REG_SZ    2017-09-07 22:44:29
    ElevateNonAdmins    REG_DWORD    0x1
    AUOptions    REG_DWORD    0x2
    ScheduledInstallDay    REG_DWORD    0x0
    ScheduledInstallTime    REG_DWORD    0x3
    IncludeRecommendedUpdates    REG_DWORD    0x1
    EnableFeaturedSoftware    REG_DWORD    0x1
    ActionCenterLastPossibleRestartNotification    REG_SZ    2016-05-14 08:00:00
    NextDetectionTime    REG_SZ    2017-09-28 03:40:18
    NextFeaturedUpdatesNotificationTime    REG_SZ    2017-09-25 10:37:25


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Detect
    LastSuccessTime    REG_SZ    2017-09-27 09:11:41
    LastError    REG_DWORD    0x0


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\UAS
    UpdateCount    REG_DWORD    0x0


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade\State
    OSUpgradeState    REG_DWORD    0x1
    OSUpgradeStateTimeStamp    REG_SZ    2015-08-11 06:31:37


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting
    BatchFlushAge    REG_DWORD    0x1fa
    SamplingValue2    REG_DWORD    0x386


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\RebootWatch


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services
    DefaultService    REG_SZ    7971f918-a847-4430-9279-4a52d1efe18d


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\7971f918-a847-4430-9279-4a52d1efe18d
    AuthorizationCab    REG_SZ    authcab.cab


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending
    ValidatedPreWsus3RegistrationRequests    REG_DWORD    0x1


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup
    SelfUpdateStatus    REG_DWORD    0x1
    SelfupdateUnmanaged    REG_DWORD    0x1
    ServerId    REG_SZ    9482f4b4-e343-43b6-b170-9a65bc822c77
    SetupHandlerUpdateId    REG_SZ    61ca813a-7585-442e-a66b-b0d15ce6bdc0
    UpdateSessionId    REG_DWORD    0xffffffff


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate
    LastSuccessTime    REG_SZ    2015-08-10 01:21:26
    RebootFailCount    REG_DWORD    0x6
    LastError    REG_DWORD    0x80070bc9
 
SFCFix Script

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.


  1. Download SFCFix.exe (by niemiro) and save this to your Desktop.
  2. Download the attached file, SFCFixScript.txt, and save this to your Desktop. Ensure that this file is named SFCFixScript.txt - do not rename it.
  3. Save any open documents and close all open windows.
  4. On your Desktop, you should see two files: SFCFix.exe and SFCFixScript.txt.
  5. Drag the file SFCFixScript.txt onto the file SFCFix.exe and release it.
  6. SFCFix will now process the script.
  7. Upon completion, a log should be created on your Desktop: SFCFix.txt.
  8. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this into your next post for me to analyse please - put [CODE][/CODE] tags around the log to break up the text.
 

Attachments

Code: 
SFCFix version 3.0.0.0 by niemiro.Start time: 2017-09-27 20:57:47.857
Microsoft Windows 7 Service Pack 1 - x86
Using .txt script file at C:\Users\Owner\Desktop\SFCFixScript.txt [0]








RegistryScript::
Successfully took ownership and permissions for registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate.


Successfully imported registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate.


Successfully restored ownership and permissions for registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup\Results\SelfUpdate.
RegistryScript:: directive completed successfully.








Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 381 datablocks.
Finish time: 2017-09-27 20:57:49.184
Script hash: Wib5vq78V/7c+FdrGu+mO3zxc5h+DDq9WLVp3r2uerY=
----------------------EOF-----------------------
 
Restarted .... NO notification. For the H of it, restarted AGAIN ... no notification. Went to WU ... says

Code: 
Windows is up to date
Most recent check for updates  Today at 10:52 PM
Updates were installed: NEVER

10:52PM is about the time of the last restart.

Clicked "Check for Updates". NONE FOUND.

I would say it is fixed. Will await your comment before marking thread SOLVED. I'm bettin' it is fixed ... and on that bet, I can NOT thank you enough. There is no way to fully praise what you and your associates do here. I am practically speechless. :thumbsup2:
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top