Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017 Ran by DoAsnoPC (administrator) on DESKTOP-90OM0O5 (12-01-2017 08:28:27) Running from C:\Users\DoAsnoPC\Downloads Loaded Profiles: DoAsnoPC (Available Profiles: DoAsnoPC) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (MDL Forum, mod by Ratiborus) C:\ProgramData\KMSAuto\bin\KMSSS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe () C:\Windows\KMS-R@1nHook.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation) Winlogon\Notify\ GbPluginBb: C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil) Winlogon\Notify\ GbPluginBes: C:\Program Files (x86)\GbPlugin\gbiehBes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE) HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [Spotify Web Helper] => C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-26] (Spotify Ltd) HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.) IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399027} - C:\Program Files (x86)\GbPlugin\gbiehbes.dll [1909984 2016-09-02] (Banco do Estado de Sergipe - BANESE) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-11-11] (Banco do Brasil) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) GroupPolicy: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.25.1 Tcpip\..\Interfaces\{b86b617f-a7a1-49db-9b5e-74945ba9b103}: [DhcpNameServer] 192.168.25.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-274241934-1915277421-3324831707-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-03] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540027} -> C:\Program Files (x86)\GbPlugin\gbiehbes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-274241934-1915277421-3324831707-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DoAsnoPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default [2017-01-12] CHR Extension: (Google Slides) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-22] CHR Extension: (Google Docs) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22] CHR Extension: (Google Drive) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-22] CHR Extension: (YouTube) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22] CHR Extension: (Google Sheets) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-22] CHR Extension: (Google Docs Offline) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-24] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-22] CHR Extension: (Gmail) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-22] CHR Extension: (Chrome Media Router) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17] CHR HKU\S-1-5-21-274241934-1915277421-3324831707-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-09-02] (GAS Tecnologia) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329280 2016-02-19] (Intel Corporation) S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-22] () [File not signed] R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [301056 2015-07-24] (MDL Forum, mod by Ratiborus) [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-01-12] (GAS Tecnologia) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-09-02] (GAS Tecnologia) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-09-02] (GAS Tecnologia LTDA) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-01-12] (GAS Tecnologia) R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-11-11] (GAS Tecnologia) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia) R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia) S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-12 08:28 - 2017-01-12 08:30 - 00014766 _____ C:\Users\DoAsnoPC\Downloads\FRST.txt 2017-01-12 08:28 - 2017-01-12 08:28 - 00000000 ____D C:\FRST 2017-01-12 08:27 - 2017-01-12 08:28 - 02419200 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST64.exe 2017-01-12 08:27 - 2017-01-12 08:27 - 01761280 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST.exe 2017-01-11 16:37 - 2017-01-11 16:42 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Troubleshooter 2017-01-11 16:37 - 2017-01-11 16:37 - 00000000 ____D C:\Users\DoAsnoPC\.android 2017-01-11 16:33 - 2017-01-11 16:33 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Macromedia 2017-01-11 16:31 - 2017-01-11 16:31 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Mozilla 2017-01-11 16:30 - 2016-11-23 10:37 - 00000570 _____ C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json 2017-01-11 16:29 - 2017-01-11 16:30 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\Users\Public\Desktop\BlueStacks.lnk 2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2017-01-11 16:28 - 2017-01-11 16:28 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Bluestacks 2017-01-11 16:26 - 2017-01-11 16:29 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2017-01-11 16:26 - 2016-12-13 14:27 - 00000000 ____D C:\ProgramData\Bluestacks 2017-01-11 16:23 - 2017-01-11 16:26 - 331190024 _____ (BlueStack Systems Inc.) C:\Users\DoAsnoPC\Downloads\BlueStacks2_native_c220567f61452e2cb6c7296f52cd88d6.exe 2017-01-10 07:39 - 2017-01-10 07:39 - 00180346 _____ C:\Users\DoAsnoPC\Documents\Books List Y4.pdf 2017-01-10 07:38 - 2017-01-10 07:38 - 00213106 _____ C:\Users\DoAsnoPC\Documents\Books List Y5.pdf 2017-01-10 07:37 - 2017-01-10 07:37 - 00069757 _____ C:\Users\DoAsnoPC\Documents\Books List Y6.pdf 2017-01-10 07:37 - 2017-01-10 07:37 - 00062423 _____ C:\Users\DoAsnoPC\Documents\Books List Y8.pdf 2017-01-10 07:36 - 2017-01-10 07:36 - 00081398 _____ C:\Users\DoAsnoPC\Documents\Books List Y7.pdf 2017-01-06 20:18 - 2017-01-06 20:18 - 00025738 _____ C:\Users\DoAsnoPC\Desktop\extrato-segunda-via-publica-visualizacao.pdf 2016-12-30 11:19 - 2016-11-11 14:41 - 00047176 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddntf.sys 2016-12-30 11:19 - 2016-11-11 14:41 - 00025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys 2016-12-30 11:19 - 2016-11-11 14:41 - 00010345 _____ C:\WINDOWS\system32\Drivers\wsddntf.cat 2016-12-30 11:19 - 2016-11-11 14:41 - 00002708 _____ C:\WINDOWS\system32\Drivers\wsddntf.inf 2016-12-22 14:21 - 2016-12-22 14:22 - 00163704 _____ C:\Users\DoAsnoPC\Downloads\WhatsApp Image 2016-12-22 at 2.21.04 PM.jpeg 2016-12-21 12:17 - 2016-12-21 12:23 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 10 Complete 720p.BRrip.Sujaidr 2016-12-20 16:50 - 2016-12-20 17:39 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 9 Complete 720p.BRrip.sujaidr 2016-12-19 16:04 - 2016-12-19 16:55 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 8 Complete 720p.BRrip.mrlss.sujaidr 2016-12-19 15:09 - 2016-12-19 15:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 7 Complete.720p.BRrip.mrlss.sujaidr 2016-12-19 13:12 - 2016-12-19 14:30 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 6 Complete 720p.BRrip.mrlss.sujaidr 2016-12-19 11:37 - 2016-12-19 12:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 5 Complete 720p.BRrip.mrlss.sujaidr 2016-12-17 09:41 - 2016-12-17 09:41 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-17 09:30 - 2016-12-17 09:31 - 00417372 _____ C:\WINDOWS\Minidump\121716-60625-01.dmp 2016-12-15 09:38 - 2016-12-15 09:38 - 01518466 _____ C:\Users\DoAsnoPC\Downloads\Year 9 Class Schedule 2017.docx 2016-12-15 09:38 - 2016-12-15 09:38 - 01518456 _____ C:\Users\DoAsnoPC\Downloads\Year 7 Class Schedule 2017.docx 2016-12-15 09:38 - 2016-12-15 09:38 - 01518210 _____ C:\Users\DoAsnoPC\Downloads\Year 6 Class Schedule 2017.docx 2016-12-15 09:38 - 2016-12-15 09:38 - 01518135 _____ C:\Users\DoAsnoPC\Downloads\Year 8 Class Schedule 2017.docx 2016-12-14 17:23 - 2016-12-09 07:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 17:23 - 2016-12-09 07:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-14 17:23 - 2016-12-09 06:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-14 17:23 - 2016-12-09 06:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 17:23 - 2016-12-09 06:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-12-14 17:23 - 2016-12-09 06:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-14 17:23 - 2016-12-09 06:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 17:23 - 2016-12-09 06:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-14 17:23 - 2016-12-09 06:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-12-14 17:23 - 2016-12-09 06:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-12-14 17:23 - 2016-12-09 06:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-12-14 17:22 - 2016-12-09 07:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-14 17:22 - 2016-12-09 07:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 17:22 - 2016-12-09 07:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 17:22 - 2016-12-09 06:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-14 17:22 - 2016-12-09 06:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-14 17:22 - 2016-12-09 06:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-12-14 17:22 - 2016-12-09 06:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-14 17:22 - 2016-12-09 06:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-14 17:22 - 2016-12-09 06:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-14 17:22 - 2016-12-09 06:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-14 17:22 - 2016-12-09 06:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-12-14 17:22 - 2016-12-09 06:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-12-14 17:22 - 2016-12-09 06:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-14 17:22 - 2016-12-09 06:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 17:22 - 2016-12-09 06:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-14 17:22 - 2016-12-09 06:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-12-14 17:22 - 2016-12-09 06:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-14 17:22 - 2016-12-09 06:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-12-14 17:22 - 2016-12-09 06:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-14 17:22 - 2016-12-09 06:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-14 17:22 - 2016-12-09 06:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 17:22 - 2016-12-09 06:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-14 17:22 - 2016-12-09 06:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-14 17:22 - 2016-12-09 06:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-14 17:22 - 2016-12-09 06:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-14 17:22 - 2016-12-09 06:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-14 17:22 - 2016-12-09 06:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-14 17:22 - 2016-12-09 06:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-14 17:22 - 2016-12-09 06:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-14 17:22 - 2016-12-09 05:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-14 17:14 - 2016-12-09 07:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 17:14 - 2016-12-09 07:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-14 17:14 - 2016-12-09 07:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 17:14 - 2016-12-09 06:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-12-14 17:14 - 2016-12-09 06:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-14 17:14 - 2016-12-09 06:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-14 17:13 - 2016-12-09 07:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-14 17:13 - 2016-12-09 07:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-14 17:13 - 2016-12-09 07:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-14 17:13 - 2016-12-09 07:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-14 17:13 - 2016-12-09 07:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-14 17:13 - 2016-12-09 07:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-14 17:13 - 2016-12-09 07:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-14 17:13 - 2016-12-09 07:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-12-14 17:13 - 2016-12-09 06:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-14 17:13 - 2016-12-09 06:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-14 17:13 - 2016-12-09 06:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-14 17:13 - 2016-12-09 06:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-12-14 17:13 - 2016-12-09 06:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-12-14 17:13 - 2016-12-09 06:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-12-14 17:13 - 2016-12-09 06:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 17:13 - 2016-12-09 06:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-12-14 17:13 - 2016-12-09 06:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-14 17:13 - 2016-12-09 06:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-14 17:13 - 2016-12-09 06:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-12-14 17:13 - 2016-12-09 06:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 17:13 - 2016-12-09 06:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-14 17:13 - 2016-12-09 06:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-14 17:13 - 2016-12-09 06:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-14 17:13 - 2016-12-09 06:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-12-14 17:13 - 2016-12-09 06:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-14 17:13 - 2016-12-09 06:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 17:13 - 2016-12-09 06:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-14 17:13 - 2016-12-09 06:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-14 17:13 - 2016-12-09 06:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-12-14 17:13 - 2016-12-09 06:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-14 17:13 - 2016-12-09 06:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-14 17:13 - 2016-12-09 06:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-14 17:13 - 2016-12-09 06:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-14 17:12 - 2016-12-09 07:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-14 17:12 - 2016-12-09 07:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-14 17:12 - 2016-12-09 07:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-14 17:12 - 2016-12-09 07:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-14 17:12 - 2016-12-09 07:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-14 17:12 - 2016-12-09 07:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-14 17:12 - 2016-12-09 07:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 17:12 - 2016-12-09 07:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 17:12 - 2016-12-09 07:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-14 17:12 - 2016-12-09 07:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 17:12 - 2016-12-09 07:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 17:12 - 2016-12-09 07:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-14 17:12 - 2016-12-09 07:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-14 17:12 - 2016-12-09 07:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-14 17:12 - 2016-12-09 07:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-12-14 17:12 - 2016-12-09 07:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-14 17:12 - 2016-12-09 07:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2016-12-14 17:12 - 2016-12-09 06:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-14 17:12 - 2016-12-09 06:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-12-14 17:12 - 2016-12-09 06:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-14 17:12 - 2016-12-09 06:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-14 17:12 - 2016-12-09 06:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-14 17:12 - 2016-12-09 06:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-14 17:12 - 2016-12-09 06:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-14 17:12 - 2016-12-09 06:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-12-14 17:12 - 2016-12-09 06:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-14 17:12 - 2016-12-09 06:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-12-14 17:12 - 2016-12-09 06:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-14 17:12 - 2016-12-09 06:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-14 17:11 - 2016-12-09 07:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-14 17:11 - 2016-12-09 07:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-14 17:11 - 2016-12-09 07:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-14 17:11 - 2016-12-09 07:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-14 14:14 - 2016-12-14 14:14 - 00000000 __SHD C:\found.003 2016-12-14 13:58 - 2016-12-14 13:58 - 00372724 _____ C:\WINDOWS\Minidump\121416-41437-01.dmp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-12 08:27 - 2016-10-27 15:32 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Spotify 2017-01-12 08:27 - 2016-10-27 15:30 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Spotify 2017-01-12 08:16 - 2016-11-03 21:02 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys 2017-01-12 08:16 - 2016-10-22 15:00 - 00000000 __SHD C:\Users\DoAsnoPC\IntelGraphicsProfiles 2017-01-12 08:15 - 2016-11-19 23:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-12 08:15 - 2016-11-03 21:08 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys 2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\ProgramData\GbPlugin 2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2017-01-12 08:15 - 2016-07-16 03:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-01-12 08:03 - 2016-11-19 23:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-11 17:40 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 16:37 - 2016-11-19 23:38 - 00000000 ____D C:\Users\DoAsnoPC 2017-01-11 16:29 - 2016-07-16 08:47 - 00000000 __RHD C:\Users\Public\Libraries 2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-10 17:00 - 2016-11-19 23:51 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-10 08:22 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-04 11:47 - 2016-10-22 12:27 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Packages 2017-01-04 09:18 - 2016-10-31 13:40 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\uTorrent 2017-01-04 09:17 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF 2016-12-30 10:58 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-30 10:57 - 2016-07-16 03:04 - 00000000 ____D C:\Program Files (x86)\Common Files 2016-12-30 10:55 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-12-19 15:24 - 2016-11-19 23:37 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{b794f0c9-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms 2016-12-17 14:50 - 2016-11-06 12:42 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-12-17 14:50 - 2016-11-06 12:42 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-12-17 14:50 - 2016-11-06 12:42 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-12-17 14:50 - 2016-10-22 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-12-17 14:43 - 2016-11-19 23:51 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 14:43 - 2016-11-19 23:51 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-17 14:43 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Tasks 2016-12-17 12:51 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache 2016-12-17 09:41 - 2016-11-19 23:38 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-12-17 09:41 - 2016-10-22 12:31 - 00002372 _____ C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-17 09:36 - 2016-11-19 23:26 - 00338592 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-17 09:35 - 2016-11-19 23:26 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms 2016-12-17 09:35 - 2016-11-19 23:26 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TM.blf 2016-12-17 09:34 - 2016-07-16 08:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\en-US 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppPatch 2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64 2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\System32 2016-12-17 09:30 - 2016-12-06 14:29 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-17 09:30 - 2016-12-06 14:28 - 515192537 _____ C:\WINDOWS\MEMORY.DMP 2016-12-15 07:44 - 2016-10-22 16:49 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-15 07:39 - 2016-10-22 16:49 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-15 07:39 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\debug 2016-12-15 07:30 - 2016-10-22 13:45 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000002.regtrans-ms 2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000001.regtrans-ms 2016-12-14 16:05 - 2016-11-19 23:38 - 00065536 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TM.blf 2016-12-14 14:20 - 2016-10-22 12:23 - 00944346 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-14 14:20 - 2016-07-16 08:49 - 00766862 _____ C:\WINDOWS\system32\perfh009.dat 2016-12-14 14:20 - 2016-07-16 08:49 - 00169300 _____ C:\WINDOWS\system32\perfc009.dat 2016-12-14 14:16 - 2016-11-20 00:03 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-14 14:16 - 2016-10-22 12:28 - 00000402 ___SH C:\Users\DoAsnoPC\Documents\desktop.ini 2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Downloads\desktop.ini 2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Desktop\desktop.ini 2016-12-14 14:16 - 2016-10-22 12:28 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini 2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Searches 2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Contacts 2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Videos 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Saved Games 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Pictures 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Music 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Links 2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Favorites 2016-12-14 14:16 - 2016-07-16 03:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT 2016-12-14 14:10 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\wbem 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS 2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WDI 2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Internet Explorer 2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 2016-12-14 14:08 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-13 08:35 - 2016-11-19 23:32 - 00015487 _____ C:\WINDOWS\setupact.log ==================== Files in the root of some directories ======= 2017-01-11 16:30 - 2016-11-23 10:37 - 0000570 _____ () C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json 2016-11-19 23:32 - 2016-11-19 23:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-01-11 08:43 ==================== End of FRST.txt ============================